January 17th, 2004, 05:00 PM
I Have A Trojan Horse
First i want to ask that: is this the right board to post it on?
Ok now that is out of the way HELP ME
i downloaded a key logger (from this site, the one with the most downloads i think it was achtung) then i unziped it and my antivirus (norton systemworks 2003) identifies it as a trojan horse. BUT it cant delete it (it tries to repair, quarrientine, and delete it but fails in all three) I tried DOS to delete it (im not familir with dos but i have a "DOS For Dummies Command Reference" im lookin at it now)but it says "Access Denied". I dont have any problems now but help me delete it.
January 17th, 2004, 05:10 PM
I think misc security discussions might of been better, but this one is fine.
the dos commands you 'll need are "attrib -h -r -s filename" as long as this
isn't running as a process.. then the delete command "del filename"
(of course you might have to change directories to the right location using the cd command)
there are of course, trojan scanner tools... take a look at this thread
January 17th, 2004, 05:11 PM
what OS are you running?
try rebooting your system in safe mode then delete the file manually from DOS or windows(whetever). Access Denied message is because the application is running. what is the name of the trojan? tell us if you are still not able to get rid of the trojan
this is a similar thread .
January 17th, 2004, 05:20 PM
January 17th, 2004, 05:22 PM
Here's a piece of freeware that will get rid of Achtung. And here's a download link from VNUNET Spain... all the other download-links seem to be down, and this one works
January 17th, 2004, 05:25 PM
I dont like horses, anything with 4 legs and a head bigger than mine scares the **** out of me, but i can deal with this type.
its saying access deined for 2 reasons, possibly the permissions are set as readonly or its running,
Use the attrib command to change the permissions then try a delete.
or ctrl-alt-delete find it in the task manager and stop it, then delete it.
or try going to the mcaffee website and finding it there and finding instrutions on removal of it,
this teaches you a vital lesson that you shouldnt double click everything you download, if youd scanned it first before double clicking it then you would have known that it was a trojan. Also keep those virii definitions
January 17th, 2004, 05:46 PM
Restarting into safemode and deleting it with DOS worked (but i did change the atribute to -r earlier)
But tell me is that file really a trojan horse (i mean antionline would never do that..right?)
January 17th, 2004, 05:55 PM
LOL.. antionline never do that ? No.. YOU did that. the downloads sections were put in by the founder of this site and they are all pretty much OLD, lame, files.. meant for folks to disect, experiment with. (on your own computers, not to infect others) I think JP meant to have those downloads here to attract folks and possibly get them to sign up here and learn what security is all about.. frankly, I think they've lost their value and should be taken out, but in this case you've provided us with some entertainment, so they were of some use after all.. LOL..
January 17th, 2004, 11:43 PM
hmm .... I thought JP had a warning on that page... oh well perhaps my memory is off..(no insult intended for memory)
yep there are some OLD live babies in there.. Just take Negs advice.. and all will be well (hmm sounds like an excuse I heard the other day..)
"Consumer technology now exceeds the average persons ability to comprehend how to use it..give up hope of them being able to understand how it works." - Me http://www.cybercrypt.co.nr