Downloader, Spyshredder, Trojan.Dropper

My computer is infected with three viruses: Downloader, Spyshredder, and Trojan.Dropper.  How can I get rid of them?  I noticed that my computer's performance decreased substantially shortly after I left it on for three days without me being around.  The computer was obviously used by others while I was gone.  I ran a virus check using Symantec's virus scan, and those were the results.  I looked thru the removal tools, but did not find any of the removal tools I needed.  How can I remove these viruses from my PC?

Hi

 

1. Did Norton not remove these for you after detection??

2. Download Hijackthis http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download and download the third in the list (Executable) and click "Scan with log", open the log in Notepad, then paste me the results please in a Personal Message.  Being as you have more than one infection there should be a few entries. Will try and spot the startup entries to fix to give the PC more resources.

3. Download Malwarebytes from http://www.malwarebytes.org/mbam.php, update and do a full scan.

 

We will see how we go, as for the other 2 infections, depends on the slight variant. We will get there step by step. 

 

Quads 

Message Edited by Quads on 12-01-2008 06:11 PM

Quads, thank you for your help.  I will do as you instruct and let you know what happens.  Thanks again.

Quads, I’m new in the forum and don’t know how to send you a personal message.  I have the scan results to send to you; just don’t know how to do it in a personal message.  How do I do that?


RickRojas wrote:
Quads, I'm new in the forum and don't know how to send you a personal message.  I have the scan results to send to you; just don't know how to do it in a personal message.  How do I do that?

 

Find a post from him.  Click on his name.  This will take you to his info screen.  Then find on the right the option to send a personal message.  Click on that.

Hi

 

I have sent you a Personal Message (PM); the letter icon along the right hand side will have now changed to yellow saying "x new message".

 

Quads 

Hi
 
Now, with Hijackthis, tick these entries
 
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k          Not needed on startup
O4 - HKLM\..\Run: [loader.exe] C:\WINDOWS\system32\loader.exe                          Malware
O4 - HKCU\..\Run: [loader.exe] C:\WINDOWS\system32\loader.exe                     There are actually 2 separate entries, also malware.
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Unknown owner - C:\WINDOWS\system32\drivers\KodakCCS.exe (file missing)
 
Then click the "Fix" button
 
Restart the PC
 
Do a full scan with Malwarebytes (yes you can send me the log).
Then also try SuperAntiSpyware free updated, also a full scan.
 
See how that goes.
 
We could end up with invalid registry entries, CCleaner can be used to scan the registry.
 
Quads 
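The entries in the post above, run through a small parser as an added example (not part of the original thread and not HijackThis code): it flags an autorun name registered under both HKLM and HKCU, which means both lines need ticking, and entries whose target file is gone. The function names are hypothetical, only registry-style O4 lines are parsed, and the flags are review pointers rather than verdicts.

```python
import re
from collections import defaultdict

# Sample input: the five lines from the post above, annotations stripped.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [loader.exe] C:\WINDOWS\system32\loader.exe
O4 - HKCU\..\Run: [loader.exe] C:\WINDOWS\system32\loader.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Unknown owner - C:\WINDOWS\system32\drivers\KodakCCS.exe (file missing)
"""

SECTION_RE = re.compile(r"^(?P<section>O\d+) - .+$")
# Registry autoruns look like: O4 - HKLM\..\Run: [value name] command line
O4_RE = re.compile(
    r"^O4 - (?P<hive>HKLM|HKCU)\\\.\.\\(?P<key>\w+): \[(?P<name>[^\]]*)\] (?P<cmd>.+)$"
)
DANGLING_MARKERS = ("(file missing)", "(no file)")

def parse(log):
    """Return one dict per recognised log line; O4 lines get hive/key/name/cmd."""
    entries = []
    for line in log.splitlines():
        line = line.strip()
        m = SECTION_RE.match(line)
        if not m:
            continue
        entry = {"section": m["section"], "raw": line,
                 "dangling": line.endswith(DANGLING_MARKERS)}
        o4 = O4_RE.match(line)
        if o4:
            entry.update(o4.groupdict())
        entries.append(entry)
    return entries

def autoruns_in_both_hives(entries):
    """Names of autoruns with the same command under more than one hive."""
    by_hive = defaultdict(set)
    for e in entries:
        if "hive" in e:
            by_hive[(e["name"].lower(), e["cmd"].lower())].add(e["hive"])
    return sorted(name for (name, _), hives in by_hive.items() if len(hives) > 1)

def dangling_sections(entries):
    """Sections of entries that point at a file that no longer exists."""
    return [e["section"] for e in entries if e["dangling"]]

if __name__ == "__main__":
    parsed = parse(SAMPLE_LOG)
    print("in both hives:", autoruns_in_both_hives(parsed))
    print("dangling:", dangling_sections(parsed))
```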
 

Quads, I'm sorry for my ignorance, but what do you mean by "tick these entries"?  I'm not really computer savvy, and don't understand some of the jargon.  Again, I apologize for my ignorance.

 

Here is the Malwarebytes log:

 

Malwarebytes' Anti-Malware 1.30
Database version: 1441
Windows 5.1.2600 Service Pack 3

12/1/2008 10:30:34 AM
mbam-log-2008-12-01 (10-30-34).txt

Scan type: Full Scan (C:\|)
Objects scanned: 170308
Time elapsed: 1 hour(s), 12 minute(s), 32 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 6

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Rapid Antivirus (Rogue.RapidAntivirus) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Program Files\mozilla.org\Mozilla\regxpcom.exe (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP1055\A0112021.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\Downloaded Program Files\atmgr.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dbldrv.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dbxdrv.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rick\gotomypc_428.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Ok

 

When I say tick the entries I listed, see in this screenshot how I have ticked one

 

 

 

Then you click the "Fix Checked" button.   The PC may have to be restarted after.

 

How old is your AV Program??

 

Please note only tick the entries I stated in message 7 above 

 

Quads 

Message Edited by Quads on 12-02-2008 07:42 AM

All Clean??

 

Quads 

I suggest running a Panda ActiveScan. Create a free account for removal. If Panda does not remove all the threats without you paying $$$, manually delete the infected files.

Hi

 

The poster starter already has Panda Active scan in the Hijackthis.log.   The person has just disappeared after my last set of major instructions. (message 7)

Must be fixed

 

Quads 

Message Edited by Quads on 12-02-2008 12:01 PM

It's nice of you to help him out, Quads.  Another guy, also disappeared the other day, without coming back, after you helped him...

 

Not very nice.....

 

But do not get demotivated, Quads, please....Because, your help is really invaluable....:smileywink:

Message Edited by TrDo on 12-02-2008 02:24 AM

Quads, I'm still here.  I had to step out and take care of some responsibilites, but I'm here, and I'm very grateful for your help.  Please let's continue.


TrDo wrote:

It's nice of you to help him out, Quads.  Another guy, also disappeared the other day, without coming back, after you helped him...

 

Not very nice.....

 

But do not get demotivated, Quads, please....Because, your help is really invaluable....:smileywink:

Message Edited by TrDo on 12-02-2008 02:24 AM

I was basically stating to Techie that Panda was in the Hijackthis.log so must have the active scan service to some extent.  
It is hard to tell if they are gone, or taking a break. People do disappear, you tend to get used to that, that's just the way it goes.  Another thing is people have to realise we are not all in the same part of the world. So some people are not online at a moment in time due to it being their night time.
The things you learn on here.
Quads 

 

Quads, I would like to formally introduce myself.

 

My name is Rick Rojas.  Married, with 4 kids. I am in Los Angeles, California and work from home, in the Real Estate industry.  My computer is the main tool I use to perform my work.  I am grateful to you and to everyone in this forum who is pitching in their two cents.

 

I have followed your instructions with the exception of running the scan again.  The scan takes about an hour, and I need to finish up some tasks on it.  It is 7:17 PM PST.  I will run this scan in about an hour, and will report the results to you.

 

I have to tell you, the little bit that you had me do, has increased performance on my PC.  Thanks!

No problem. 
 

RickRojas wrote:

Quads, I would like to formally introduce myself.

 

My name is Rick Rojas.  Married, with 4 kids. I am in Los Angeles, California and work from home, in the Real Estate industry.  My computer is the main tool I use to perform my work.  I am grateful to you and to everyone in this forum who is pitching in their two cents.

 

I have followed your instructions with the exception of running the scan again.  The scan takes about an hour, and I need to finish up some tasks on it.  It is 7:17 PM PST.  I will run this scan in about an hour, and will report the results to you.

 

I have to tell you, the little bit that you had me do, has increased performance on my PC.  Thanks!


 

Hi Rick...Sorry, if what I said came out a bit hard...Wasn't having a go at you...

 

Stick with Quads....From what I gather, he's a Hijack expert....!!!! I'm sure you'll be able to sort it out....

 

TrDo.

Thanks!  I will definitely stick with Quads.  Thru his guidance, I’ve been able to remove some, if not all of the viruses.  I will send him the results of my last scan, and see what comes next.

Quads, here are the results of the scan I did last night with Malwarebytes:

 

Malwarebytes' Anti-Malware 1.30
Database version: 1441
Windows 5.1.2600 Service Pack 3

12/2/2008 6:41:49 AM
mbam-log-2008-12-02 (06-41-49).txt

Scan type: Full Scan (C:\|)
Objects scanned: 172635
Time elapsed: 1 hour(s), 3 minute(s), 17 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)