what does this type of virus mean

[maryuk]

hi, i recently done a scan of my computer and it found that it was infected with these viruses, win32:lowzones-c(trj) also win32:rbot-gv(trj) is this a serious virus and what harm can it do to my computer, im new to all this and need a little help. thanks.

[Relyt]

Good Day

These infections are both Trojans with backdoor capabilities. Fortunately you discovered them. And obviously you’ll need to eradicate them if you haven’t already. If you have not removed them, disconnect your computer from the Internet/Network until you do. The real question is how long were they there, did someone gain access to your computer, and what did they do once they did. Only you know for sure how much personal and account information is on the compromised computer. So if it does involve bank accounts etc., a careful reconciliation of all of those accounts is a must. Also your computer could have been used to carryout other illegal deeds so you must make sure it is clean before going back online with it. There are many good Trojan removers out there and “The Cleaner” and “Swatit” are just two of them. Below is some information about the Trojans.

Win32.Rbot is an IRC controlled backdoor (or "bot") that can be used to gain unauthorized access to a victim's machine. It can also exhibit worm-like functionality by exploiting weak passwords on administrative shares and by exploiting many different software vulnerabilities, as well as backdoors created by other malware. There are many variants of Rbot, and more are discovered regularly.

http://www3.ca.com/securityadvisor/v....aspx?id=39437

Troj/LowZone-G is a Trojan for the Windows platform.

Troj/LowZone-G will lower the security settings of Internet Explorer and then use Internet Explorer to connect to a web page.

http://www.sophos.com/virusinfo/anal...jlowzoneg.html

For a lot more info, just enter: “win32:lowzones” or “Win32.Rbot” into google’s search.

cheers

Edit: Below, Nihil provides some outstanding guidance on how to clean it up and keep it that way.

[nihil]

What is the antivirus?

They are trojans, so you might expect that you may have backdoors, keyloggers, password sniffers and whatever.

Update your AV and run it in SAFE MODE

Get SpyBot Search & Destroy, update it, and run it in safe mode

Get AdAware SE, update it and run it in safe mode.

Get SwatIT and do the same

In SpyBot, run the immunisation option (you should run it in advanced mode)

From DiamondCS, get Registry Prot and install it.

You should clear all your temporary internet files, history, browser cache and Java cache before doing all this

And make sure that your Windows is fully patched.

You should also be running a firewall...............are you?


Just a few little tasks for you to be getting on with

By the way, you did the right thing to ask................the problems with trojans is you don't know what comes along with them.

Good luck

[maryuk]

hi, you said to get swatit sorry but i dont know what it means or how to get it and you also said from diamond cs get registry prot and install it i also dont know what that means or how to get it, also how do you make sure windows is fully patched sorry if i sound a bit thick but this is all new to me. thanks

[Relyt]

He was wanting you to download and install those programs from their appropriate sites. Just click on the links below and they will lead you to the sites where you can download them.

http://swatit.org/download.html

http://www.diamondcs.com.au/index.php?page=regprot

http://www.microsoft.com/downloads/h...displaylang=en

Have a nice evening