[Fixed]Virus detected, please help this computer illiterate member

Scratcher

Scratcher

Emperor
Joined
Jan 14, 2003
Messages
1,450
Location
Deep in the Jungle
Guys (or Gals), I am completely computer illiterate and I seriously need some advice and instructions on what to do. I have not "played around" with my computer due to the fear of completely messing things up.

I have windows XP and I run AVG anti-virus free edition. I update the anti virus every time I connect to the internet, which is almost every day. This morning it detected a virus called "Trojan horse Downloader.Agent.ETP" and I was prompted to repair the file, which I did (I think!). I then ran an AGV computer scan where the same virus in a different location was found, and again I pressed the "repair file" option. However, I received a message saying (something along the lines of) Windows has detected files from an unknown souce and for system stability the original files should be reinstalled, please insert windows XP disc. So I inserted the disc but nothing seemed to happen, no file exchange, or file installation took place. I then restarted my computer.

But, when I try to open Microsoft Outlook I get the following error message:
dwwin.exe - unable to locate component
This application has failed to start because WININET.DLL was not found. Re-installing the application may fix this problem.

In my AVG virus vault the Trojan horse..... is found at these 2 locations:
D:\WINDOWS\system32\wininet.dll
D:\WINDOWS\system32\dllcache\wininet.dll

When using windows explorer I can not find the file wininet.dll in D:\WINDOWS\system32 and I can not find the folder D:\WINDOWS\system32\dllcache

But I have found the file WININET.DLL on the windows XP disc.

So please, computer wizards, what should I do now? (apart from cry in frustration).

Thanks
 
I am now getting a little concerned. I keep getting pop ups saying:

Messanger Service - Message from SECURITY to ALERT on date.... time...
Stop!
Registry Cleaner Recommended

To fix the errors please do the following:
1 Download Registry Repair from: web address regdoc.32.com
2 Install registry Repair
3 Run Registry Repair
4 Reboot your computer

FAILURE TO ACT NOW MAY LEAD TO DATA LOSS AND CORRUPTION

I have also received similar messages telling me I have 55 critical errors and my computer is going to crash soon so go to msreg.com, gegfixit,com and another message informing me there is a woman called Romana waiting for me to contact her.

What are these pop ups? So far I have ignored them all. What is this messanger service? I have never seen this before.

Advice desperately needed.

Thanks,
Scratcher
 
The second post looks like adware. Did it pop up in an IE window, or a dialog box? If it was a dialog box, this link might be useful for you.

Go and download the spyware cleaner programs, links in my sig. Run those every couple of days, it'll help keep your system clean. Be sure to update them! Don't think that'll be a problem with you, tho.

You also might try reinstalling Office/Outlook.
 
@Turner, I will now go and DL the spyware thingy. I hope it is not too big as I have a very very slow dial up connection.

The pop ups appear in a text block entitled "Messanger Service", not in a IE window (maybe, due to the fact I have not run IE for about 6 months now, I only use Mozilla firefox). It is very wierd that these messages would start literally minutes after the virus was detected. I had never received such pop ups in the 6 or more years of owning my computer.

But thanks for your advice,

Scratcher

Edit, the pop up was exactly the type shown in your link. I have now disabled the Messanger service, and set it to manual execution. As I never knew it was there or what it is good for...I probably won't miss it, right?

Any advise on the virus, my missing DLL file, with easy to follow step by step instructions would be highly appreciated.

Again, thanks,
Scratcher
 
Yeah, you'll want to go to that first link I provided. Without looking at your system, it does sound like the virus/trojan started the pop ups.

I don't recall the filesizes for d/ls, but they're not too large. A couple megs each. Maybe an hour or two total download time.

I know, it's a long time. But those files really help keeping spyware to a minimum.
 
@ Turner,

I am currently DL'ing Spybot S&D. As you can imagine, at 5kB per sec it is taking a while!

Do you recommend one of the spyware programs over the others or do you recommend running all three?

Thanks,
Scratcher
 
Unfortunately, all three. Spybot will pick thinks up that AdAware will miss, and vice versa. Spyware Blaster is a different kind of program, which blocks certain things. Kinda seperate from the other two, but useful nonetheless.

A pain, I know. But it'll be worth it.
 
Thanks for the reply. I was hoping you would reply quickly as I didn't want to close all applications and disconnect from the internet to launch spybot if I had to DL the others.

So back to my super swift DL. I think I'll take the dogs for a walk while waiting!
 
Further info,

jusched.exe (whatever that is!) and ituneshelper.exe will not run due to WININET.DLL was not found.

Furthermore, spybot has been DL'ed and installed but will not run for the same reason.

What should I do about this Virus, and wininet.dll file?

Help appreciated.

Scratcher
 
jusched is the java update scheduler.

Can you do a system restore to a point before you got this virus? Better burn off those programs to a cd if possible, because systemrestore will delete them.
 
@Turner, I have no idea what is, or how to perform, a system restore.

How would I know a time when the virus was not present? I do not even know what kind of Virus it is and how the hell I got it. The AGV heal and restore options do not seem to get rid of the virus or enable my programs to work. After supposedly healing and restoring I get:

dwwin.exe - Application error (or different file name for different applications)
The application failed to initialize properly (0xc0000022). Click on OK to terminate the application.

I have since found that other programs (QuickTime Player) are not working due to the same dll file issue.

I saw on one of your spyware DL sites programs for removing Trojan and worm viruses. Do you think I should try one of these, and could this interfere with my already installed AGV?

God, I feel so out of my depth at the moment.
 
Times like this it really helps to have my hands on your computer. Ah well.

You can try AdAware. Or you could try to find a specific removal tool for that virus. Symantec should have something like that for you. Give me a few and I'll look for it.

You could also try another free virus program, like Avast! Avast! is a decent program that I use. (And my wife has AVG on her laptop, so we use both.) I don't know how big the d/l package is, but it's probably about 4 or 5 megs. So thats, what? 30 minutes on dialup? I know, I know....a pain.

To use the system restore, click on Start -> Programs -> Accessories -> System Tools -> System Restore. Then pick a restore point before you started seeing the virus and restore to that point. This is an XP feature, and I'm not sure what OS you're on. So if you started seeing the virus on Monday, restore to Sunday or before Monday. You will have to reinstall any new software since that restore point, because the systemrestore will remove anything new. It's kind of a pain, but it can be a lifesaver.
 
@ Turner, I hope I am not being too much of a pain in the ass (especially with my simple questions....but I am not used to doing these types of things with computers.....I played unpatched civ for years because I couldn't get the patches to work). :blush:

The system restore sounds quite easy to undertake. The only new software recently installed or DL'ed are the spyware programs you recomended to me today. If I was to put these onto my memory stick, I can transfer them back after the system restore right?

What about any game saves in the time frame between now and my chosen system restore date/time? Would these disappear?
What about any emails received / sent between now and my chosen system restore date/time? Would these disappear?

I connect to the internet maybe twice a day, but this morning was the first time I had any indication of a virus. Would going back to a time and date prior to my last all clear AGV system check (3rd August) be recommended?

and again, your help is appreciated,
Scratcher
 
Scratcher said:
@ Turner, I hope I am not being too much of a pain in the ass (especially with my simple questions....but I am not used to doing these types of things with computers.....I played unpatched civ for years because I couldn't get the patches to work). :blush:
Click to expand...
Don't worry about it. I was once the same way myself. :)
Scratcher said:
The system restore sounds quite easy to undertake. The only new software recently installed or DL'ed are the spyware programs you recomended to me today. If I was to put these onto my memory stick, I can transfer them back after the system restore right?
Click to expand...
Yes, you can transfer them back. The system restore should only affect files on your hard drive. But be sure and remove the stick. Then it won't be able to affect it at all.
Scratcher said:
What about any game saves in the time frame between now and my chosen system restore date/time? Would these disappear?
Click to expand...
I'm thinking yes, they would disappear too. Saving those off would be a good idea too.
Scratcher said:
What about any emails received / sent between now and my chosen system restore date/time? Would these disappear?
Click to expand...
Only those on your local computer. You did say you're using Outlook, right? So anything that you've downloaded and not kept on the server would be deleted.
Scratcher said:
I connect to the internet maybe twice a day, but this morning was the first time I had any indication of a virus. Would going back to a time and date prior to my last all clear AGV system check (3rd August) be recommended?
Click to expand...
That would probably be best, but you might get away with yesterday, or the day before. But going back to before the last system check would make sure.
Scratcher said:
and again, your help is appreciated,
Scratcher
Click to expand...
You're quite welcome.

I'm gonna be honest here...I'm not too familiar with restore points. It's been a long time since I've messed with them, so some of my answers may not be entirely accurate. But backing up any information you want to save is a good idea regardless of whether or not I'm right. It certainly won't hurt, take nothing but time. Assuming you don't have a lot of save files, it could be done pretty quickly as well.
 
@ Turner, I didn't really understand that stuff about the emails. But as I can not open the program I can't save anything. :p

I will take a deep breath, and have a go. Wish me luck! If I have not resurfaced within a day or two, I am probably searching for professional help. :D

Thanks again,

Scratcher
 
Well, if I were to send you an email (let's say scratcher@yahoo.com) first it would go to your mail provider, in this case, yahoo. It's on their server. Then you start outlook, and it goes out to the server and downloads it. Now, Outlook can either keep it on the server, or delete it.

So if you have it set up to keep the emails on the server and not delete them, then you'll still have your emails on your mail's server. But if you delete them off the server when downloading, they they'll be gone. It all depends on how you set them up.

Good luck! Feel free to post more questions here, or you can PM me as well. (better to post them here, as other people probably know better than I how to help.)
 
@ Turner,

Me again :D

Okay, I went to Start, Settings, Control Panel, Administative tools, Computer management, system restore service, and I now have a panel called system restore services properties (local computer), with 4 tabs, General, Log on, Recovery and Dependencies. I do not understand anything written on the 4 tabs, I do not have a clue how to activate, nor can I see an obvious place to insert a time and date to restore to. To be honest I am not even sure I am in the right place :(

My OS is Windows XP Professional Version 2002, if that is any help.

I am glad I don't have any beer in the house, because I would be hammered by now :mischief:
 
You're in the wrong place. What you're doing is starting/stopping the service, and we want to run the program.

Like I said a couple of posts up, go to Start -> Programs -> Accessories -> System Tools -> System Restore. Then select 'Restore my computer to an earlier time', and it should give you a calendar with available choices.
 
@Turner

Okay, I'm back :D

System has been restored to a week ago. Who said time travel is impossible :crazyeye:

Now my programs are running again. I have also installed the recommended spyware stuff and found that quite a lot of espionage was being undertaken. This has been immediately stamped out :lol:

But....AGV has now found another virus (called: Virus Identified worm / Lovsan.A.) This is located in
D:\System Volume Information\_restore{....lots and lots of numbers and letters. ..} more munbers and letters.exe with a file size of 6kb. AGV says that this file can not be repaired. Should I just delete it?

What sould I do with the previously infected with Trojan files still in the AGV virus vault. Should I now delete these files too?

Thanks,
Scratcher
 
Looks like it's in your system restore folder. I wouldn't worry about it. And yeah, I'd delete those in the AVG vault as well. And if you can't, it sounds like they're quarantined as well.

:thumbsup: Glad it worked out for you!
 
You must log in or register to reply here.

Similar threads

K
Slow launch time
Replies
2
Views
168
Walter Hawkwood
Walter Hawkwood
Solitude102
Caveman2Cosmos v43 download from ModDB - Trojan Virus!?
Replies
3
Views
2K
Thunderbrd
Thunderbrd
L
[Civ2] Running Civ2 MGE on a Linux Virtual Machine
Replies
9
Views
2K
Civilizator-2
C
F
Civ II MGE - please help with music, barracks costs and diplomat messages?
Replies
5
Views
2K
Blake00
Blake00
L
  • Sticky
Workarounds and suggestions for making Civ III run well in 2023
2 3 4
Replies
69
Views
17K
Lord_Hill
L
Back
Top Bottom