Help, Trojans found!

Dagoodz

Okay, everything has been fine on my computer (Windows ME), until today, when I turned it on, and a whole bunch of my desktop items are gone, the targets of some of the files are empty, and clicking the startup menu does nothing. I am connected online via DSL, and everytime I click Internet Explorer, I just keep getting a security message that wants to know if I will allow cookies.

I went into safe mode, and found everything to be the same, so I ran AVG AntiVirus (I read it was recomendded on this site) from My Comp>Program Files>etc, and it found the Trojan "Downloader.Small.14.AF" 3 times and the Trojan "Dropper.Surfside.A" 2 times, in different folders of C:\_Restore\Archive. The problem is, after the scan completes, the antivirus just closes and everything stays the same.

I'm a little new to this so I'm not sure how to do the log thing and I am typing this post/currently online with a different computer. Is there anyway to fix this and/or anyway to recover everything without just putting in the computer restore disc?

Please let me know if you need any more information, any help is greatly appreciated! Thank you for your time and help!

SpywareShooter

Please see [link=http://www.short-media.com/forum/showthread.php?t=14915]This Post[/link] on how to post a HJT log.

Dagoodz

The problem is, that it won't connect to the internet (I am currently using another computer) and I can hardly run anything, since most of the targets of the folders have been removed. Is there any other way to get a log? I downloaded the HJT program and burned it to the disc, but couldn't find a way to launch something from the disc on the infected computer. Any hope, or just start from scratch and put in the Restore CD that came with it?

As an update, reran the virus scan, and it found nothing, but damage is done. Start menu leads to nothing/is nonexistant, Internet does the same thing I mentioned above, and in the security setting, no internet connection exists. Targets to most folders are empty, and in 'My Computer', I get a message about 'Active X' not being installed and not being to view any of the contents (which happens with any folder that still exists)

Leonardo

Well, if you can verify there is no spyware, malware, or virii, then perhaps it's time to do a Windows reinstallation under "Repair" mode. But I'll leave the cleaning regimen to our resident experts.

Buckeye_Sam

Hijackthis this won't run from the disc. You'll have to copy it to your hard drive and run it.

From what you are describing you've suffered substantial corruption of your system files and registry. Add to that Windows ME is not a very stable platform to begin with, and you will probably be able to resolve this quickest by formatting and reinstalling Windows.

But if you don't want to take that step yet, we can explorer some options and see what can be done for you.

Can you boot into Safe Mode?

If so, how do things seem? I know it will look funny, but does the computer seem to operate ok in Safe mode? If you can try to get a hijackthis log and post it here so we can see what's going on.

Leonardo

Add to that Windows ME is not a very stable platform to begin with

Sorry, I read through the posts too quickly. No 'repair' installation available in ME.

Dagoodz

I just restored from the beginning, lost some pics, but it's okay, now have all the things reccomended from this site and have it protected, thanks anyways