I recently reformatted my Win XP C: drive and no sooner did I switch on my cable modem did the system seem to be overwhelmed with all manner of trojans and other peculiarities. Both firefox/IE directed all traffic to a "End of the Internet" url. I got around that by taking out a suspicious process in the task manager. Now I finally got AVG 7 antivirus, Ad-Aware and a firewall and the system appears clean but for one remaining problem. On startup, a 4kb file C:\instalfag.exe is executed and it causes a crash. Delete the file and it reappears seconds later. AVG7 doesn't identify it as a virus. Today I found the file was gone and instead a 178kb file c:\angelshit.exe is being executed at startup instead. Same applies for this file also. Any advice? My virus definition file is up to date. I have copies of both instalfag.exe and angelshit.exe if anybody would like to take a look. Thanks in advance.
Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Virus? help... instalfag.exe angelshit.exe
- Thread starter CK83
- Start date
they're bad get rid of them.
C:\instalfag.exe : is this their full path, is it not
C:\windows or
C:\windows\sytem32 ?
Anyway, paste the full path of whereever it is into the killbox and delete them!
Download the pocket killbox
Double-click on Killbox.exe to run it. Now put a tick by Standard File Kill. In the Full Path of File to Delete box, copy and paste each of the following lines one at a time then click on the button that has the red circle with the
X in the middle after you enter each file. It will ask for confirmation to delete the file. Click Yes. Continue with that same procedure until you have copied and pasted all of these in the Paste Full Path of File to Delete box.
C:\instalfag.exe
c:\angelshit.exe
* Download the trial version of Ewido Security Suite here
* Install ewido.
* During the installation, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu".
* Launch ewido
* It will prompt you to update click the OK button and it will go to the main screen
* On the left side of the main screen click update
* Click on Start and let it update.
* DO NOT run a scan yet. You will do that later in safe mode.
* Click here for info on how to boot to safe mode if you don't already know
how.
How to boot to safe mode
* Now copy these instructions to notepad and save them to your desktop. You
will need them to refer to in safe mode.
* Restart your computer into safe mode now. Perform the following steps in
safe mode:
* Now run Ewido:
* Click on scanner
* Put a check by the following before you scan:
o Binder
o Crypter
o Archives
* Click the Start Scan button to start the scan.
* During the scan it will prompt you to clean files, click OK
* When the scan is finished, look at the bottom of the screen and click the Save report button.
* Save the report to your desktop
download ccleaner.
C:\instalfag.exe : is this their full path, is it not
C:\windows or
C:\windows\sytem32 ?
Anyway, paste the full path of whereever it is into the killbox and delete them!
Download the pocket killbox
Double-click on Killbox.exe to run it. Now put a tick by Standard File Kill. In the Full Path of File to Delete box, copy and paste each of the following lines one at a time then click on the button that has the red circle with the
X in the middle after you enter each file. It will ask for confirmation to delete the file. Click Yes. Continue with that same procedure until you have copied and pasted all of these in the Paste Full Path of File to Delete box.
C:\instalfag.exe
c:\angelshit.exe
* Download the trial version of Ewido Security Suite here
* Install ewido.
* During the installation, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu".
* Launch ewido
* It will prompt you to update click the OK button and it will go to the main screen
* On the left side of the main screen click update
* Click on Start and let it update.
* DO NOT run a scan yet. You will do that later in safe mode.
* Click here for info on how to boot to safe mode if you don't already know
how.
How to boot to safe mode
* Now copy these instructions to notepad and save them to your desktop. You
will need them to refer to in safe mode.
* Restart your computer into safe mode now. Perform the following steps in
safe mode:
* Now run Ewido:
* Click on scanner
* Put a check by the following before you scan:
o Binder
o Crypter
o Archives
* Click the Start Scan button to start the scan.
* During the scan it will prompt you to clean files, click OK
* When the scan is finished, look at the bottom of the screen and click the Save report button.
* Save the report to your desktop
download ccleaner.
- Status