Trojan removal?
Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: Trojan removal?

  1. #1
    Junior Member
    Join Date
    Apr 2005
    Posts
    4

    Exclamation Trojan removal?

    HI

    Few days before i had a trogen in my comp. through some insecure site. My antivirus could not detect it and i removed it manually by backtracing it and removing its registry entries. I want to know whether my system is secure in this way of removal of trojans? as my antivirus scanner doesnt detects it at all.

    Do Reply

  2. #2
    What sort of antivirus solution do you have? Do you keep it updated?

    I recently wrote a tutorial on cleaning up your PC. In it I talk about antivirus solutions as well as general cleanups. Hopefully it can help you.

    My tutorial (click here)
    And so at last the beast fell and the unbelievers rejoiced. But all was not lost, for from the ash rose a great bird. The bird gazed down upon the unbelievers and cast fire and thunder upon them. For the beast had been reborn with its strength renewed, and the followers of Mammon cowered in horror. -from The Book of Mozilla, 7:15

  3. #3
    Junior Member
    Join Date
    Apr 2005
    Posts
    4

    Thumbs up REPLY

    My antivirus is Antivir and i update it when ever its latest patch is available.

    Moreover i its virus registry doesnt have any such trojan enlisted in it (even after latest update patch). So is my way of virus removal secure??

    Or else what other ways of manual virus removal are there??

  4. #4
    Do you have any anti spyware programs? Those are made to remove trojans as well. I listed several good ones to use in my tutorial*


    *sorry for the shameless plugging but I figure that tutorial pretty much has all links/answers there for this sorta thing.
    And so at last the beast fell and the unbelievers rejoiced. But all was not lost, for from the ash rose a great bird. The bird gazed down upon the unbelievers and cast fire and thunder upon them. For the beast had been reborn with its strength renewed, and the followers of Mammon cowered in horror. -from The Book of Mozilla, 7:15

  5. #5
    Junior Member
    Join Date
    Apr 2005
    Posts
    4

    REPLY

    I have a NOADWARE spyware but it isnt efficient either. \\\

  6. #6
    Senior Member
    Join Date
    Oct 2002
    Posts
    1,130
    When you say you removed its registry entries, are you saying that is all you removed? It may have attached itself to programs already on your computer, such as a web browser (as a plugin or toolbar maybe?) or system process. If this is the case it may be quite difficult to remove.

    However, most trojans do not exhibit this type of behaviour, and merely place registry entries ensuring that they will be executed when the computer is booted. By deleting those registry entreis, you have likely ensured that they will not start when you reboot the computer. If you have not done so already, you should also delete any files which may be associated with this trojan, then reboot and make sure they haven't reappeared again. Also check the running process list (CTRL-ALT-DEL=>Task Manager=>Process List) and make sure it is not running. If you cannot remove it in this manner, reboot, enter safe mode, and remove it from there.

    As for removal tools, don't just check your particular antivirus vendor's site for them. Check other sites, such as Symantec, McAfee, or Grisoft. As a matter of principle, they make removal tools free for download. Unfortunately, it may be difficult to find a removal tool for this trojan as you have not properly identified it yet. Try other virus scanners to see if they can identify the trojan for you.

    If you cannot identify it, you have likely removed it by following the above steps, if you have not done so already.

    Don't forget to submit the trojan to a few AV companies for research.
    Government is like fire - a handy servant, but a dangerous master - George Washington
    Government is not reason, it is not eloquence - it is force. - George Washington.

    Join the UnError community!

  7. #7

    Re: REPLY

    Originally posted here by guruofall
    I have a NOADWARE spyware but it isnt efficient either. \\\
    I suggest you go download some of the better known ones (Ad-Aware SE , Spybot:Search and Destroy , Microsoft Anti-Spyware [beta] ). Use one or more of those together to see if you can root this problem out. They're all free.
    And so at last the beast fell and the unbelievers rejoiced. But all was not lost, for from the ash rose a great bird. The bird gazed down upon the unbelievers and cast fire and thunder upon them. For the beast had been reborn with its strength renewed, and the followers of Mammon cowered in horror. -from The Book of Mozilla, 7:15

  8. #8
    The Doctor Und3ertak3r's Avatar
    Join Date
    Apr 2002
    Posts
    2,743
    To answer the Question..

    Manual Trojan removal can be as secure or more secure than an automated removal..
    now The BUT....

    when the trojan is not identified by any AV prog.. this also means your ability to identify ALL of its components will be very limited.
    What was the executable that raised your awarness to you haveing a trojan.. what source of information did you use to identify the components..
    If you only removed the Registry entries that pointed to that EXE then you have probably only half removed the trojan.


    Next I would be very concerned about your current Anti Spyware solution...

    http://www.webhelper4u.com/clones/noadware.html

    Cheers
    "Consumer technology now exceeds the average persons ability to comprehend how to use it..give up hope of them being able to understand how it works." - Me http://www.cybercrypt.co.nr

  9. #9
    Senior Member therenegade's Avatar
    Join Date
    Apr 2003
    Posts
    400
    Virus:
    A computer virus is a small program written to alter the way a computer operates, without the permission or knowledge of the user.

    Trojan:
    Trojan Horses are impostors--files that claim to be something desirable but, in fact, are malicious. A very important distinction between Trojan horse programs and true viruses is that they do not replicate themselves.

    Worm:
    Worms are programs that replicate themselves from system to system without the use of a host file. This is in contrast to viruses, which requires the spreading of an infected host file. Although worms generally exist inside of other files, often Word or Excel documents, there is a difference between how worms and viruses use the host file.

    Source:http://service1.symantec.com/SUPPORT...99041209131106

    Adware:
    Adware is any software application in which advertising banners are displayed while the program is running. The authors of these applications include additional code that delivers the ads, which can be viewed through pop-up windows or through a bar that appears on a computer screen. The justification for adware is that it helps recover programming development cost and helps to hold down the cost for the user. Adware has been criticized for occasionally including code that tracks a user's personal information and passes it on to third parties, without the user's authorization or knowledge.

    Source:http://www.spywaredata.com/spyware/s...efinitions.php

    Generally,most AVs and programs like Adaware dont remove trojans,they arent meant to do so you see..an AV usually can detect and remove the more popular trojans but they're meant to remove viruses..Adware's meant to remove different types of malware..it's recommended to use applications that are specifically meant to remove trojans for better results.Some programs you might want to look into if you want to make sure you're still infected:
    1. TDS-3 from DiamondCS (http://tds.diamondcs.com.au/index.php?page=download)
    2. TheCleaner (www.moosoft.com)

    These programs generally get rid of most trojans just fine,however..what do you do if a friend managed to code a trojan of his own and kept it just for you?Use a firewall to see what programs have access to the internet from your computer.A few recommended firewalls would be:
    1. Sygate (www.sygate.com)
    2. Zonealarm (www.zonelabs.com)
    3. Kerio (www.kerio.com)
    There're several good threads on this site related to firewalls you could pick,try searching for them.

  10. #10
    Senior Member
    Join Date
    Sep 2004
    Posts
    117
    Well i also removed manually a 3 trojan and had problem with 2 virus this week
    it was giving me such a pain...
    i don't only scan with anti-virus programs
    so i can say i have bit an experience with such stuff

    what was the name of the registry entries, where u find them
    maybe i know the trojan name and i can help u in that
    how u did the search
    u can pm me if u don't wanna share this info here, i will be seriously glad to help

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •