|
-
July 7th, 2004, 09:38 AM
#1
Senior Member
 trojan making me nuts!!!!!
i have a small office inside the house the trojan virus always seems to be a headache for me!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! it comes and it goes is there a way to delete this virus? using any kind of AV just to deleted this annoying virus!!!!!!!!!!!!! we have our important files inside my cpu!!!!! and what do you prefer in AV so i can delete this virus any firewall you prefer in this small office.
im tried of formating and formating my pc!!!!
is there a way to delete this virus?
and is there an AV you prefer to del this file?
and what firewall do you prefer?
-
July 7th, 2004, 10:37 AM
#2
hi
Make up your Mind is it a Virus or a Trojan  .....and how do you know you have a Virus/Trojan..and how do you know it's the same one which comes and goes.......it might be different every time
Do you have a AV installed.......if not Get one soon .......I would recommend AVG ( if yo are going for a Free one)....and Norton if you are planning to buy one( i know few people would differ in choice here but it's mine)......
and for firewall Kero (free) and Norton Personal Firewall (paid)
and dont forget to update your AV reguraly ...without it it would be defenceless against new ones........And i would Suggest a Weekly Scan with Housecall online Virus Scan
AntiVirus are not very good when it come to Trojans....you might want some thig like TDS-3 or Moosoft the Cleaner to get rid of trojans...........
Ummm and AD-Aware....would also be helpful against Spywares/Adwares........I have heard Norton Antivirus 2004 takes cares of both Virus and Spywares/Adwares.......I haven't tested it yet.....
--Good Luck--
-
July 7th, 2004, 10:38 AM
#3
 G'day jin29_neci, Thought i recognised the !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Anyways, It is a little hard to assist you with your trojan.
Question #1: What is the name of the trojan?
Question #2: What Antivirus are you using, is it updated with the latest definitions?
Question #3: Have you searched the forums here to find out what security software
is recommended?
-
July 7th, 2004, 12:53 PM
#4
You mentioned that you have reformated and reinstalled numerous times, so I would say that you are loading this virus/worm right from your backups and not getting it from the net.
You possibably have an infection that has placed itself in some of your important data, that you reload every time you reformat and reinstall. Every time you open or run the data/program that is infected, it reinfects your office machine.
I would suggest that you update your virus definitions and run your av against your backup files and see if you can't find out where it is coming from.
\"Life should NOT be a journey to the grave with the intention of arriving safely in an attractive and well preserved body, but rather to skid in sideways, Champagne in one hand - strawberries in the other, body thoroughly used up, totally worn out and screaming WOO HOO - What a Ride!\"
Author Unknown
-
July 7th, 2004, 01:12 PM
#5
Senior Member
the trojan horse is the virus and im using AVG as my anti-virus but it seems that my AVG can't delete the virus it only detects it!!!!
-
July 7th, 2004, 01:42 PM
#6
Go here symantec
And look for the name of the virus/ trojan that you have and follow the instuctions for
its removal. hope this helps.....
-
July 7th, 2004, 01:49 PM
#7
Junior Member
Hello.
I have found in the web that spybot , avg and norton av can't eliminate trojan horse (I really don't know).
I have found this method:
Go to Start /Control Panel /Folder Options (click the View tab)and uncheck both the *Hide file extension for known file types & *Hide protected operating system files (Recommended)-boxes, then OK yourself out.
Then go to Start /Search /For Files or Folders option and type in the name of the file: stobject.exe - highlight the file and press Delete...make sure to empty your Recycle Bin
Good luck.
-
July 7th, 2004, 01:52 PM
#8
I think the best bet would be to go to Jetico.com and downloading BCWipe. Once BCWipe is installed go to C:\Programs\Jetico\BCWipePD and download this program to a bootable CD/Floppy. Boot and then wipe your pc, once this is done install any flavor of linux that gets your attention. If your new to linux try (Mandrake/Linare/Xandros/Linspire) this will solve your problem.
--PS. HOPE (www.HOPE.net) is only DAYS away!
-
July 7th, 2004, 05:03 PM
#9
Hi
the trojan horse is the virus and im using AVG as my anti-virus but it seems that my AVG can't delete the virus it only detects it!!!!
Yes AVG is not very good when it comes to Trojans.......I would most of the Antivirus are not good when it comes to cleaning trojans........heres is what i would suggest ..do a online scan at .....Housecall ..it will find the trojan and most probably say File is uncleanable......so select the file and Press "Delete file"..
Or If you want to do it more sophisticated way Download Moosoft the Cleaner ......it's free to use for 30 days...it will be able to ret rid of the trojan....Download it update it ..and run a scan.....Also try scanning in safe mode...
If you can tell the exact name of that trojan that AVG detects we might be able to find some Removal tool for that Trojan...
And By the way Trojan Horse is not a Virus.....
--Good Luck--
-
July 7th, 2004, 07:29 PM
#10
Junior Member
TROJ_AGENT.L
--------------------------------------------------------------------------------
Virus type: Trojan
Destructive: No
Pattern file needed: 900 (1.900.14)
Scan engine needed: 6.740
Overall risk rating: Very Low
--------------------------------------------------------------------------------
Reported infections: Low
Damage Potential: Low
Distribution Potential: Low
--------------------------------------------------------------------------------
Description:
This Trojan is installed once a user visits the particular malicious Web sites containing this malware.
It allows an infected user to connect to the Internet as the host system by starting a random port proxy server on the infected machine.
This Trojan may behave like a proxy server, which hides an attacker from a user. It can be used to conceal a connection between an attacker and the infected machine, making the connection more difficult to trace.
It accesses the the following url:
http://ads.s<BLOCKED>fit.com/dc180.php
It opens an Internet Explorer window in full screen mode, displaying nothing else but a blank blue screen.
This Trojan runs on Windows 95, 98, ME, NT, 2000, and XP.
Solution:
AUTOMATIC REMOVAL INSTRUCTIONS
To automatically remove this malware from your system, please use Trend Micro Damage Cleanup Services.
MANUAL REMOVAL INSTRUCTIONS
Restarting in Safe Mode
» On Windows 95
Restart your computer.
Press F8 at the Starting Windows 95 message.
Choose Safe Mode from the Windows 95 Startup Menu then press Enter.
» On Windows 98 and ME
Restart your computer.
Press the CTRL key until the Windows 98 startup menu appears.
Choose the Safe Mode option then press Enter.
» On Windows NT (VGA mode)
Click Start>Settings>Control Panel.
Double-click the System icon.
Click the Startup/Shutdown tab.
Set the Show List field to 10 seconds and click OK to save this change.
Shut down and restart your computer.
Select VGA mode from the startup menu.
» On Windows 2000
Restart your computer.
Press the F8 key, when you see the Starting Windows bar at the bottom of the screen.
Choose the Safe Mode option from the Windows Advanced Options Menu then press Enter.
» On Windows XP
Restart your computer.
Press F8 after the Power-On Self Test (POST) is done. If the Windows Advanced Options Menu does not appear, try restarting and then pressing F8 several times after the POST screen.
Choose the Safe Mode option from the Windows Advanced Options Menu then press Enter.
Identifying the Malware Program
To remove this malware, first identify the malware program.
Scan your system with your Trend Micro antivirus product.
NOTE all files detected as TROJ_AGENT.L.
Trend Micro customers need to download the latest pattern file before scanning their system. Other Internet users may use Housecall, Trend Micro’s free online virus scanner.
Removing Autostart Entries from the Registry
Removing autostart entries from registry prevents the malware from executing at startup. In this procedure, you will need the name(s) of the file(s) detected earlier.
Open Registry Editor. Click Start>Run, type Regedit then hit Enter.
In the left panel, double-click the following:
HKEY_LOCAL_MACHINE>Software>Microsoft>
Windows>CurrentVersion>Run
In the right panel, locate and delete the entry or entries whose data value is the malware path and file name of the file(s) detected earlier.
Close Registry Editor.
--------------------------------------------------------------------------------
NOTE: If you were not able to terminate the malware process as described in the previous procedure, restart your system.
--------------------------------------------------------------------------------
Additional Windows XP Cleaning Instructions
Running Trend Micro Antivirus
Scan your system with Trend Micro antivirus and delete all files detected as TROJ_AGENT.L. To do this, Trend Micro customers must download the latest pattern file and scan their system. Other Internet users can use HouseCall, Trend Micro’s free online virus scanner.
Trend Micro offers best-of-breed antivirus and content-security solutions for your corporate network, small and medium business or home PC.
For additional information about this threat, see Technical Details.
------------------------------------------------------------------------------------------------------
Run the free virus scan at http://housecall.antivirus.com use the auto clean. If it cant clean them follow the steps to delete the files in safe mode.
hope that helps
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote
