trojan horse?

Discussion in 'Computer Security' started by Ben Yarnold, Apr 3, 2005.

  1. Ben Yarnold

    Ben Yarnold Guest

    i have done a virus scan as normal and found out that i have a trojan horse
    backdoor small.28.ao. it has been 'healed' by my av AVG but don't know how
    it got there. i have been using kerio firewall is this prog alrite? is there
    a better freeware program around? it has almost expired can i get a crack
    for it? i am using latest spybot ad aware AVG and kerio. but these things
    are expiring!!! ne suggestions on another program or maintaining my current
    setup welcome.
     
    Ben Yarnold, Apr 3, 2005
    #1

  2. "Ben Yarnold" <> wrote in message
    news:RhI3e.21966$...
    > a better freeware program around? it has almost expired can i get a crack
    > for it? i am using latest spybot ad aware AVG and kerio. but these things
    > are expiring!!! ne suggestions on another program or maintaining my current
    > setup welcome.
    >

    All the products you mentioned above are free, with free updates. How can
    any of them be expiring? BTW, Sygate Personal Firewall works well for me,
    and it's free too!
    Savage
     
    Savage111owner, Apr 3, 2005
    #2

  3. From: "Ben Yarnold" <>

    | i have done a virus scan as normal and found out that i have a trojan horse
    | backdoor small.28.ao. it has been 'healed' by my av AVG but don't know how
    | it got there. i have been using kerio firewall is this prog alrite? is there
    | a better freeware program around? it has almost expired can i get a crack
    | for it? i am using latest spybot ad aware AVG and kerio. but these things
    | are expiring!!! ne suggestions on another program or maintaining my current
    | setup welcome.
    |

    We are assuming it is an infector at the root of the problem...

    Dump the contents of the IE Temporary Internet Folder cache (TIF)

    start --> settings --> control panel --> internet options --> delete files

    1) Download the Sysclean Front End utility ( SYSCLEAN_FE ) in "Procedure 1"
    at the following URL, SYSCLEAN_FE automates the download and
    execution process of the Trend Sysclean Package.
    http://www.ik-cs.com/got-a-virus.htm

    Direct URL:
    http://www.ik-cs.com/programs/virtools/Sysclean_FE.exe

    Execute; SYSCLEAN_FE.EXE
    Choose; Unzip
    Choose; Close

    Execute; c:\sysclean\SYSCLEAN_FE.BAT
    { or Double-click on 'SYSCLEAN_FE Link' in c:\sysclean }

    When you get to the Sysclean Front End menu, hit 'e' or '3' to exit.

    2) Download and install Ad-aware SE (free personal version v1.05)
    http://www.lavasoftusa.com/
    3) Update Adaware with the latest definitions then exit the software.
    4) If you are using WinME or WinXP, disable System Restore
    http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm
    5) Reboot your PC into Safe Mode and shutdown as many applications as possible
    6) Using the Trend Sysclean and Ad-aware SE utilities, perform a Full Scan of your
    platform and clean/delete any infectors found
    7) Restart your PC and perform a "final" Full Scan of your platform using both Trend
    Sysclean and Ad-aware SE
    8) If you are using WinME or WinXP, re-enable System Restore and re-apply any
    System Restore preferences, (e.g. HD space to use suggested 400 ~ 600MB),
    9) Reboot your PC.
    10) If you are using WinME or WinXP, create a new Restore point

    * * * Please report back your results * * *


    --
    Dave
    http://www.claymania.com/removal-trojan-adware.html
    http://www.ik-cs.com/got-a-virus.htm
     
    David H. Lipman, Apr 3, 2005
    #3
  4. Ben Yarnold wrote:

    > i have done a virus scan as normal and found out that i have a trojan
    > horse backdoor small.28.ao. it has been 'healed' by my av AVG but don't
    > know how it got there. i have been using kerio firewall is this prog
    > alrite? is there a better freeware program around? it has almost expired
    > can i get a crack for it? i am using latest spybot ad aware AVG and kerio.
    > but these things are expiring!!! ne suggestions on another program or
    > maintaining my current setup welcome.


    The best security you can get is proper system administration. Do you
    download crap from the Internet? Does your account have administrator
    privileges? See where I am going here?

    Michael

    --

    "Microsoft isn't evil, they just make really crappy operating systems." -
    Linus Torvalds
     
    Michael Pelletier, Apr 3, 2005
    #4
  5. Ben Yarnold

    Ben Yarnold Guest

    trojan news..

    i have done a scan with the sysclean in normal windows bcoz i couldn't
    restart in safemode. im running xp sp2 i was pressing f8 while starting
    didn't work... the scan found nothing on the system..??? i already have ad
    aware and do regular scans. i don't dl crap of the net i don't know how i
    got it. when i did my first scan with AVG antivirus said that the file
    hijackthis.exe was infected. that file was from a trusted source for fixing
    malware and the like. mayb a false negative? why do i have 2 turn system
    restore off? it said that the restore points would b deleted so i opted not
    2. the scan with sysclean said that access was denied to a lot of files with
    different extensions. since then i have created an admin user then changed my
    user 2 limited. and was planning 2 use the admin user 4 office type stuff
    and my limited 4 everything else. was this the rite thing 2 do? thanx for
    help but still need it....plz!!
    "David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message
    news:s5J3e.1459$1r6.1121@trnddc02...
    > From: "Ben Yarnold" <>
    >
    > | i have done a virus scan as normal and found out that i have a trojan
    > horse
    > | backdoor small.28.ao. it has been 'healed' by my av AVG but don't know
    > how
    > | it got there. i have been using kerio firewall is this prog alrite? is
    > there
    > | a better freeware program around? it has almost expired can i get a
    > crack
    > | for it? i am using latest spybot ad aware AVG and kerio. but these
    > things
    > | are expiring!!! ne suggestions on another program or maintaining my
    > current
    > | setup welcome.
    > |
    >
    > We are assuming it is an infector at the root of the problem...
    >
    > Dump the contents of the IE Temporary Internet Folder cache (TIF)
    >
    > start --> settings --> control panel --> internet options --> delete files
    >
    > 1) Download the Sysclean Front End utility ( SYSCLEAN_FE ) in
    > "Procedure 1"
    > at the following URL, SYSCLEAN_FE automates the download and
    > execution process of the Trend Sysclean Package.
    > http://www.ik-cs.com/got-a-virus.htm
    >
    > Direct URL:
    > http://www.ik-cs.com/programs/virtools/Sysclean_FE.exe
    >
    > Execute; SYSCLEAN_FE.EXE
    > Choose; Unzip
    > Choose; Close
    >
    > Execute; c:\sysclean\SYSCLEAN_FE.BAT
    > { or Double-click on 'SYSCLEAN_FE Link' in c:\sysclean }
    >
    > When you get to the Sysclean Front End menu, hit 'e' or '3' to
    > exit.
    >
    > 2) Download and install Ad-aware SE (free personal version v1.05)
    > http://www.lavasoftusa.com/
    > 3) Update Adaware with the latest definitions then exit the software.
    > 4) If you are using WinME or WinXP, disable System Restore
    > http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm
    > 5) Reboot your PC into Safe Mode and shutdown as many applications as
    > possible
    > 6) Using the Trend Sysclean and Ad-aware SE utilities, perform a Full
    > Scan of your
    > platform and clean/delete any infectors found
    > 7) Restart your PC and perform a "final" Full Scan of your platform
    > using both Trend
    > Sysclean and Ad-aware SE
    > 8) If you are using WinME or WinXP, re-enable System Restore and
    > re-apply any
    > System Restore preferences, (e.g. HD space to use suggested 400 ~
    > 600MB),
    > 9) Reboot your PC.
    > 10) If you are using WinME or WinXP, create a new Restore point
    >
    > * * * Please report back your results * * *
    >
    >
    > --
    > Dave
    > http://www.claymania.com/removal-trojan-adware.html
    > http://www.ik-cs.com/got-a-virus.htm
    >
    >
     
    Ben Yarnold, Apr 5, 2005
    #5
  6. Re: trojan news..

    From: "Ben Yarnold" <>

    | i have done a scan with the sysclean in normal windows bcoz i couldn't
    | restart in safemode. im running xp sp2 i was pressing f8 while starting
    | didn't work... the scan found nothing on the system..??? i already have ad
    | aware and do regular scans. i don't dl crap of the net i don't know how i
    | got it. when i did my first scan with AVG antivirus said that the file
    | hijackthis.exe was infected. that file was from a trusted source for fixing
    | malware and the like. mayb a false negative? why do i have 2 turn system
    | restore off? it said that the restore points would b deleted so i opted not
    | 2. the scan with sysclean said that access was denied to a lot of files with
    | different extensions. since then i have created an admin user then changed my
    | user 2 limited. and was planning 2 use the admin user 4 office type stuff
    | and my limited 4 everything else. was this the rite thing 2 do? thanx for
    | help but still need it....plz!!


    That was painful to read ! bcoz u rite funny

    Anyway assuming the version of Ad-aware you use is Ad-aware SE v1.05 and is up to date you
    can also try SpyBot Search and Destroy and the following....

    Trend Micro - Free online virus Scan
    http://housecall.trendmicro.com/
    http://housecall.antivirus.com

    McAfee Security - FreeScan
    http://www.mcafee.com/myapps/mfs/default.asp

    Panda ActiveScan - Free online scanner
    http://www.pandasoftware.com/activescan/com/activescan_principal.htm

    Computer Associates:
    http://www3.ca.com/securityadvisor/virusinfo/scan.aspx

    DialogueScience:
    http://www.antivir.ru/english/www_av/

    F-Secure:
    http://support.f-secure.com/enu/home/ols.shtml

    BitDefender
    http://www.bitdefender.com/scan/license.php

    Freedom Online scanner
    http://www.freedom.net/viruscenter/index.html

    Kaspersky
    http://www.kaspersky.com/service?chapter=161739400#betatest

    Symantec
    http://securityresponse.symantec.com/

    --
    Dave
    http://www.claymania.com/removal-trojan-adware.html
    http://www.ik-cs.com/got-a-virus.htm
     
    David H. Lipman, Apr 5, 2005
    #6
  7. lee

    lee Guest

    Re: trojan news..

    Ben Yarnold wrote:
    > i have done a scan with the sysclean in normal windows bcoz i couldn't
    > restart in safemode. im running xp sp2 i was pressing f8 while starting
    > didn't work...

    Were you "tapping" the F8 key, or "pressing" it? Tapping will take you
    into safe mode. Pressing will not.
     
    lee, Apr 5, 2005
    #7
  8. Pete

    Pete Guest

    On 2005-04-03, Ben Yarnold <> typed:
    > i have done a virus scan as normal and found out that i have a trojan horse
    > backdoor small.28.ao. it has been 'healed' by my av AVG but don't know how
    > it got there. i have been using kerio firewall is this prog alrite? is there
    > a better freeware program around? it has almost expired can i get a crack
    > for it? i am using latest spybot ad aware AVG and kerio. but these things
    > are expiring!!! ne suggestions on another program or maintaining my current
    > setup welcome.
    >


    What version of 'kerio firewall' are you using? I've used Kerio Personal
    Firewall 2.1.5 for a few years now, and as far as I can tell, it's done what
    it says 'on the tin'. From what I can infer from your post, the firewall had
    nothing to do with your infestation. It cannot stop you downloading poo from
    the Internet, that is a different matter altogether. Any firewall is useless
    if you just click 'Yes' or 'Permit' to anything it alerts you to, without
    reading the information it shows you. A good rule of thumb is to deny
    anything that you're unsure of, and only allow programs when they're
    obviously not working because they're being prevented from connecting out.
    Internet Explorer springs to mind here. Hmm, hang on ... :)

    By the way, if 'cracked' software is your bag, then you'll more than likely
    end up with a whole load more poo on your system than you have already.


    Pete.

    --
    Fortune says :

    If you don't say anything, you won't be called on to repeat it.
    -- Calvin Coolidge
     
    Pete, Apr 5, 2005
    #8