Results 1 to 5 of 5

Thread: Some torjan detected by my Symantec AV

  1. #1

    Some torjan detected by my Symantec AV

    Hi,

    I was watching a program over bbc iplayer over the net and suddenly I found my symantec AV popped up and showed backdoor.trojan (1.exe), trojanhorse (2.exe, 4.exe). The first one got deleted and other two ot quarantined. I tried to serach those two exe but didn't find them on the system.
    The status is still shown as infected.
    Any idea how to remove these two files. I've tried to delete them using AV but no success.
    Moreover, if someone explains me how I got them and how to avoid them next time it'd be great.
    At that time I ran netstat and found the following output (pls. see attached screenshot)

    Cheers
    Attached Files Attached Files
    The more one comes to know a man the more one admires a dog.

  2. #2
    Senior Member mungyun's Avatar
    Join Date
    Apr 2004
    Location
    Illinois
    Posts
    172
    Didnt you put a post up earlier about the strange connections your computer was trying to make? have you ran any of the malware scanners yet? like Malwarebytes, Adaware, spybot, etc. Id say try those first and see what comes from that =-)

    Also, i would say you would have better luck if you put these types of threads in the Spyware/Adware section because gcc threads doesnt show up on the main page and people might not see it. (right?)
    I believe in making the world safe for our children, but not our children’s children, because I don’t think children should be having sex. -- Jack Handey

  3. #3
    Senior Member t34b4g5's Avatar
    Join Date
    Sep 2003
    Location
    Australia.
    Posts
    2,391
    Quote Originally Posted by mungyun View Post
    Also, i would say you would have better luck if you put these types of threads in the Spyware/Adware section because gcc threads doesnt show up on the main page and people might not see it. (right?)
    Agreed, thus now this thread has now been moved into Spyware / Adware.


  4. #4
    0_o Mastermind keezel's Avatar
    Join Date
    Jun 2003
    Posts
    1,024
    Try running hijackthis and copy/paste the log file here. Those logs tell you a LOT about what's going on in your system.

  5. #5
    Dissident 4dm1n brokencrow's Avatar
    Join Date
    Feb 2004
    Location
    Shawnee country
    Posts
    1,243
    Try MalWareBytes first. I recently was infected with a similarly described trojan
    that was putting files like 360.exe and 419.exe in my Local Settings/Temp folder
    under my profile. Check msconfig to see if there a "winlogon.exe" enabled on
    startup (winlogon shouldn't be there!). The rogue winlogon.exe will be hiding (and
    I mean HIDING) in "C:\Recylcer\S-5-some-unique-sid". Both MalWareBytes and
    Avira's AntiVir cleaned it out. Be sure to scan any portable USB drives you may
    be using. My impression is I got infected off one of those, though I download a
    lot of BBC stuff.
    “Everybody is ignorant, only on different subjects.” — Will Rogers

Similar Threads

  1. Norton Corporate 9.0 Help
    By CXGJarrod in forum AntiVirus Discussions
    Replies: 7
    Last Post: June 11th, 2004, 06:32 PM
  2. Symantec Norton AntiVirus 2004 ActiveX Control Vulnerability
    By SDK in forum Miscellaneous Security Discussions
    Replies: 0
    Last Post: May 25th, 2004, 03:06 PM
  3. Symantec Client Firewall Remote Access and Denial of Service Issues
    By SDK in forum Miscellaneous Security Discussions
    Replies: 0
    Last Post: May 13th, 2004, 02:08 PM
  4. Symantec and Sun Microsystems Protect Against ''Zero-Day'' Attacks
    By BourneAgain in forum IDS & Scanner Discussions
    Replies: 1
    Last Post: November 2nd, 2003, 06:33 PM
  5. ** Heads Up ** Symantec - Ooops
    By Tiger Shark in forum Network Security Discussions
    Replies: 5
    Last Post: June 25th, 2003, 03:13 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •