Trojan Help

tyman1180 · 07-23-2006, 05:56 PM

Whenever i open up mozilla firefox my bitdefender antivirus pops up and says it has blocked and deleted Trojan.Downloader.JS.Psyme.D, and Trojan.Downloader.JS.Psyme.O, but this happens ever time i open firefox. i have run many different virus scans and i have found nothing i actually found exactly where the virus is but it cant be deleted because its in use. I made a new profile in firefox and that worked but now firefox takes about 10 mins to open which is rediculous. Anyone have any help for me please

**John Scott** · 07-24-2006, 12:04 AM

This may be overkill, but I prefer to reformat my PC every couple months - keeps it nice and clean.

**G10** · 07-24-2006, 01:02 AM

This may not clear it but it is worth a go.

Disable the 'System Restore' option (if using XP)

Try running Trend Micro's Housecall on your system.

Update your antivirus software then run a full scan of your hdd and see what comes up.

If this finds and deletes it, then re-enable your 'System Restore' option and go from there.

The reason you are disabling your restore option is because sometimes, viruses can bury themselves in that.

littleFella · 07-24-2006, 03:58 AM

That thing sounds like a rootkit. I'd go for John's drastic suggestions.

notamaster · 07-24-2006, 12:37 PM

I am in line with G10, sorta:

Disconnect from the internet (eeiick ;] ).
Turn off "system restore".
Boot into "safe mode".
Run all your scans again.
Reboot, if gone, turn on "system restore".

Scanners that I have had good luck with are ad-adware, spybot, ewido, mcafee, and hijackthis. If this doesn't work then I have a few other things to try. Some of these can seem like knock-down drag-out experiences.

tyman1180 · 07-24-2006, 04:22 PM

ill try some of these but if it comes down to reformatting how do i exactly do that im not big on all of that like messing with everything

Daniel-Z · 07-24-2006, 04:31 PM

Quote:

Originally Posted by JohnScott

This may be overkill, but I prefer to reformat my PC every couple months - keeps it nice and clean.

I said the same thing in another thread and was told that I shouldn't have to.

None the less I agree with you 100% John I practice the same

tyman1180 · 07-24-2006, 04:32 PM

oh and one more thing in avasts virus chest if you push the delete command when it asks you to do something will it delete the virus off my computer or should i leave it in the chest

Daniel-Z · 07-24-2006, 04:32 PM

Quote:

Originally Posted by tyman1180

ill try some of these but if it comes down to reformatting how do i exactly do that im not big on all of that like messing with everything

There is a thread that was created by EGS I think. 2 harddrives I think was the subject.

There are all sorts of posts in there about formating and re-installing windows

If not just go to google and type exactly that in "Formating and re-installing windows xp"

tyman1180 · 07-24-2006, 07:18 PM

hey thanks i started up in safe mode went to where the virus was and deleted them thanks no more bit defender but for some odd reason firefox doesnt start up fast anymore and theirs no more viruses or anything

notamaster · 07-24-2006, 08:52 PM

I am not sure of what the slowness is from, maybe it is trying to load that which isn't there anymore?

Everybody: if you have never turned off your "system restore" and re-booted into safe-mode and ran your scanning programs, well, I urge you to do so even if you haven't encountered any trouble. This "system restore" area is a place were a virus/baddie can hide and it will not be scanned by anything until you are in safe-mode with "system restore" turned off.

It should also be obvious that you have to disconnect your internet to scan at any time. I always run hijackthis at the end of every internet session to determine if something was loaded to run on the next boot-up, it's an easy catch/fix.

I thought I had a clean system and still found something hiding in that restore area a while back. Which in a way indicates that a scan isn't completely covering your entire drive until this safe~restore mode is utilized. And yeah, it's a pain in the aZ$ compared to normal computing but on a lower level than re-formatting and installing the entire drive.

Oh, if you don't have a computer, well, nevermind.....!!

**G10** · 07-25-2006, 03:35 AM

Quote:

Originally Posted by littleFella

That thing sounds like a rootkit. I'd go for John's drastic suggestions.

For this situation, that measure is too drastic dude

A lot of people wipe their systems every 6 month's or so but that is something I have never done and it works fine.

Get a good piece of software that cleans, compacts and defrags the registry and you shouldn't have too much trouble. I recommend something like Advanced System Optimizer.

I use it myself but you can check out the reviews

littleFella · 07-26-2006, 08:11 AM

I don;t reinstall my systems but rootkits are pretty nasty. I wrote one a while ago as an exercise. The only reason I didn't bother removing it is cuz I know what it does and it is harmless to my laptop. Tried removing it, and still have a few adventures doing so.

Btw. none of the software you linked to says they take care of rootkits

**G10** · 07-26-2006, 11:50 AM

I don't know a lot about rootkits or understand how they work but I will look into them, my guess is that if it isn't happening anymore and the software I mentioned doesn't get rid of them, then it may not have been that.