-
December 12th, 2004, 09:19 PM
#1
Junior Member
what does this type of virus mean
hi, i recently done a scan of my computer and it found that it was infected with these viruses, win32:lowzones-c(trj) also win32:rbot-gv(trj) is this a serious virus and what harm can it do to my computer, im new to all this and need a little help. thanks.
-
December 12th, 2004, 09:45 PM
#2
Good Day
These infections are both Trojans with backdoor capabilities. Fortunately you discovered them. And obviously you’ll need to eradicate them if you haven’t already. If you have not removed them, disconnect your computer from the Internet/Network until you do. The real question is how long were they there, did someone gain access to your computer, and what did they do once they did. Only you know for sure how much personal and account information is on the compromised computer. So if it does involve bank accounts etc., a careful reconciliation of all of those accounts is a must. Also your computer could have been used to carryout other illegal deeds so you must make sure it is clean before going back online with it. There are many good Trojan removers out there and “The Cleaner” and “Swatit” are just two of them. Below is some information about the Trojans.
Win32.Rbot is an IRC controlled backdoor (or "bot") that can be used to gain unauthorized access to a victim's machine. It can also exhibit worm-like functionality by exploiting weak passwords on administrative shares and by exploiting many different software vulnerabilities, as well as backdoors created by other malware. There are many variants of Rbot, and more are discovered regularly.
http://www3.ca.com/securityadvisor/v....aspx?id=39437
For a lot more info, just enter: “win32:lowzones” or “Win32.Rbot” into google’s search.
cheers
Edit: Below, Nihil provides some outstanding guidance on how to clean it up and keep it that way.
Connection refused, try again later.
-
December 12th, 2004, 09:59 PM
#3
What is the antivirus?
They are trojans, so you might expect that you may have backdoors, keyloggers, password sniffers and whatever.
Update your AV and run it in SAFE MODE
Get SpyBot Search & Destroy, update it, and run it in safe mode
Get AdAware SE, update it and run it in safe mode.
Get SwatIT and do the same
In SpyBot, run the immunisation option (you should run it in advanced mode)
From DiamondCS, get Registry Prot and install it.
You should clear all your temporary internet files, history, browser cache and Java cache before doing all this
And make sure that your Windows is fully patched.
You should also be running a firewall...............are you?
Just a few little tasks for you to be getting on with
By the way, you did the right thing to ask................the problems with trojans is you don't know what comes along with them.
Good luck
-
December 13th, 2004, 01:36 AM
#4
Junior Member
hi, you said to get swatit sorry but i dont know what it means or how to get it and you also said from diamond cs get registry prot and install it i also dont know what that means or how to get it, also how do you make sure windows is fully patched sorry if i sound a bit thick but this is all new to me. thanks
-
December 13th, 2004, 01:58 AM
#5
He was wanting you to download and install those programs from their appropriate sites. Just click on the links below and they will lead you to the sites where you can download them.
http://swatit.org/download.html
http://www.diamondcs.com.au/index.php?page=regprot
http://www.microsoft.com/downloads/h...displaylang=en
Have a nice evening
Connection refused, try again later.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|