I've just run a virus check on my computer, and it's given me 2 warnings, and the software says it's unable to delete, repair, or quarantine the infected files.

The 2 warnings shown are

The file C: \WINDOWS\system32\mscvhost.exe is infected with the TROJAN.NATSPAMMER virus

The file C: \WINDOWS\sys.reg is a ADWARE THREAT - ADWARE RAXUMS

The Symantec site gives instructions for getting rid of the ADWARE threat. I've followed the instructions, but it doesn't appear to have worked.
I can' t find any info on the NATSPAMMER, or how to get rid of it.

I've run Spybot and Adaware, and neither of them detect anything. I'm running Win XP, and using Norton 2004 antivirus.

Any info as to how to get rid of these infections (and prevent future infections) will be gratefully received, as I've run out of ideas.


419

Hi 419

Please download 'Hijack This!' from here (http://www.thespykiller.co.uk/), unzip, and place it in it’s own folder, (not in the temp folder) doubleclick HijackThis.exe, and hit "Scan". When the scan is finished, click "Save Log", and copy and paste it in a PM to me.

This will give me a rundown of what’s going on in your PC. I'll be glad to analyse it for you, and let know what to do next. Don’t fix anything yourself yet, as a lot of the stuff on that list will be harmless or required.

Please remember to switch off the smilies before sending the PM though.

Cheers

Liam

---------------------------------------------------------------------------------
A member of the Alliance of Security Analysis Professionals (http://asap.maddoktor2.com/) since 2004.

Hi 419,

I've checked your log, and PMd you with instructions on what to do next. :)

Cheers

Liam

I now have an Adware and virus free computer thanks to E-Liam.

419

Could you post the solution on here in case any other people may happen to come accross this (including me :D )

Thanks guys

Maz

Hi 419, you're welcome.. :)

Hi Maz,

I'd love to, but this is just one instance of literally thousands of different pieces of scum that get foisted onto people's machines. I could post a blow by blow solution for this machine, and it's likely that it will never be seen by another member of this forum. When first got here, I was asked to keep the techie level down to a quiet drone in the background, and I respect that. I'll happily fix any individual's problems as and when they appear via PM, but the forum's policy is for (relatively) low tech scumware advice.

I rightly see their point, as it's not a "technical" forum perse, and will abide by that. Again, if anyone has any security issues, I'll be glad to deal with them via PM.

Cheers

Liam

---------------------------------------------------------------------------------
A member of the Alliance of Security Analysis Professionals (http://asap.maddoktor2.com/) since 2004.

Hi Eliam - not a problem at all! Will bear that in mind and post here if need be.

Maz :ok: