definality sounds like sub 7 the cleaner will get it off and i think there iz a thing at tlsecurity.com that removes every thing of it includin the reg lines
edit i hate it when ppl post at same time :(
Printable View
definality sounds like sub 7 the cleaner will get it off and i think there iz a thing at tlsecurity.com that removes every thing of it includin the reg lines
edit i hate it when ppl post at same time :(
ok... first of all.. unless this trojan can hide itself u can find out where its connected itself to..
even though many times nowadays the directions and stuff are rerouted through a mailer or server.. go to ms-dos or command prompt and type in netstat -n this will show all the connections on ur computer.. copy and paste these to a txt document...
After u get the proof contact ur isp from an alternate e-mail adress (like urs if ur freind is having the problem)
The worst thing that could happen is she has to format her computer... first backup all savegames, text documents, etc... (highly unlikely that the toojan will be transmitted through backup) then format the computer and reinstall the os and stuff
As stated by other responders, your friend has a trojan. The trojan and any related worms have to be removed from her system.
1. Remove any junkware such as Kazaa and delete all files in the Windows\Temp.
3. Next she will want to download Ad-Ware 6.0 all spyware.
2. Download the lastest version of TDS Professional anti-trojan ware. There is a 30 days trial version available that does a good job of sniffing trojans including mutexs and mutlithreads. The program eats up a lot a resources while it checks, but it is probably the best anti-trojan available. Be sure to get the plug-ins as well. Run a full scan of the system including ports. When the program is finished checking, delete all trojans, reboot and run the scan again verifying all ports.
4. Reboot once again and run scan with TDS. Her system should show clean.
I'm assuming your friend has anit-virus software installed? If not she needs to get some. And she should register her download of TDS set it for autoscan. TDS and most anti-virus software like Norton and Netshield can run concurrently. Ad-Ware doesn't need to be registered but she should check their website regularly for the latest version and updates. I recommend the anti-trojan software because once she has been hacked, she's likely to be hacked again.
Come on guys, whipeing the system is a lot of over kill in this case. Drop the system from the web, get a firewall and antivirus onto it ( the anti vrius will need t obe updated, this can be done with another system on the web and a floppy) This should clean the trojin off. Then put the system back on the net. Nothing needs to be formated or whiped...but it would be a very good idea to reset all the verious passwords that are used as they may have been compramised. Oh, and if the system is used for quicken or any other finacial it may be a good idea to get new credit card numbers.
it wouldn't be a bad idea to use an anonymous proxy in the future, either -
Yup, never know what could be lurking around on a comprimised system, especially if the user of the machine isnt technically savy. I second that motion of changing passwords (over a secure connection if possible ;) ) and starting the box over from scratch.
Later,
Ndog