January 14th, 2008, 04:12 AM
I am trying to help my brother clean a trojan off of his computer. He is running Vista Home Premium. The trojan is trojan.wimad.a ... it was originally found by AVG AV... and was originally listed as trojan horse generic5.ijc. I have been searching google for a solution, and found a forum that suggested running Ewido in safemode. Looks like Ewido got bought out by Grisoft, so now it is AVG Anti-Spyware. Regardless, we downloaded it, booted to safemode, and started a scan. Pretty early on in the scan we got an information balloon that said:
We have not yet run the check disk utility... I was wondering if anyone here had come across this.
c:\c:\$Recycle.bin\s-1-5-21-2501116068-1111772687-1608448203-1000\$row5w3j is corrupt and unreadable please run the chkdsk utility.
here are some other steps that were taken:
Ran AVG AV in normal and safemode, both times it found the trojan but was unable to remove it, reported 1 error and 0 files healed.
Ran Spybot S&D, but found no evidence of a Trojan.
Ran Adaware 2007 in safemode, it found the trojan and claimed to quarantine it, but after that we ran AVG AV again and the trojan was still there.
Ran Hijack this, and pasted the log file at hijackthis.de. There were no "nasty" entries.
We are currently still in the middle of the AVG Spyware scan in safemode.
All of the software and definitions are up to date.
It is getting late, and I am getting ready to go home. So I will probably continue this battle sometime in the next couple of days.
Any help is greatly appreciated.
Thanks for your time.
\"Those of us that had been up all night were in no mood for coffee and donuts, we wanted strong drink.\"