Results 1 to 6 of 6

Thread: How do i erase a Ring zero Trojan from my pc

  1. #1

    How do i erase a Ring zero Trojan from my pc

    I keep getting an intrusion on my firewall that the ip 63.198.17.106 keeps trying to enter through port 80 and a few otha ports, and it mension Ring Zero Trojan in the warning message, maybe theres a trojan in my system or his trying to get throught the port that Ring Zero Trojan uses to open, HOW would i go by to check and/or erase this trojan from my system, would appreaciate the help! Thanks!

  2. #2
    what's ur OS?
    if windows
    trace it through the registry then remove the string

  3. #3
    Senior Member SirSub's Avatar
    Join Date
    May 2003
    Location
    Groom Lake, Nevada
    Posts
    148
    Two questions
    1) Can a trojan enter through port 80?
    2) I've tried searching for Rising Zero Trojan, and nothing comes up, are you sure this is the name of the trojan.

    To get rid of the trojan, goto www.moosoft.com and download the trial version of The Cleaner, run a scan and then delete the trojan.
    It is impossible to make anything foolproof because fools are so ingenious. - Murphy

  4. #4
    Now, RFC Compliant! Noia's Avatar
    Join Date
    Jan 2002
    Posts
    1,210
    you still don't acctualy know if you have a trojan.....some one tried to port you on port 80, port 80 is the HTTP port, but also some trojans use it....so far...theres no proof that you have the trojan, furthermore, the firewall is intercepting all the data any how...

    ok...heres what you do..
    goto Run in the start menu, type in cmd(xp/2k)/Command(9x/ME(?)) ( ok..that was "CMD" if your on a XP or 2k System, "Command" for any thing else.)

    A DOS like window will pop up

    type in Netstat -an

    It will produce a list of IP's and ports...look for the port 80, if you find it and it says "LISTENING" next to it, then you need to look more into this trojan, if not...then ou don't have a trojan on port 80 (Dosn't mean you don't have a trojan though)

    - Noia
    With all the subtlety of an artillery barrage / Follow blindly, for the true path is sketchy at best. .:Bring OS X to x86!:.
    Og ingen kan minnast dei linne drag i dronningas andlet den fagre dag Då landet her kvilte i heilag fred og alle hadde kjærleik å elske med.

  5. #5
    The Doctor Und3ertak3r's Avatar
    Join Date
    Apr 2002
    Posts
    2,744
    Well if you had used google you would have found this link among many other

    http://www.f-secure.com/v-descs/ringzero.shtml

    and as said previously.. just because some one scanned the port isnt to say you have the trojan.. your concern level may increase if it was an outbound attempt..

    Cheers
    "Consumer technology now exceeds the average persons ability to comprehend how to use it..give up hope of them being able to understand how it works." - Me http://www.cybercrypt.co.nr

  6. #6
    Banned
    Join Date
    Aug 2001
    Location
    Yes
    Posts
    4,424
    *Moved from Antionline: How do I?*

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •