PDA

View Full Version : Trojans

kfh
12-03-2004, 02:22 PM
Hi All,

I'm running AVG 7.0 Pro, It has found Trojan Horse PSW perfect a,b,c. Avg won't and can't remove these trojans, What free app will.

Thanks,

kfh.
classicsoftware
12-03-2004, 03:20 PM
Please download

Stinger (http://vil.nai.com/vil/stinger/) and The Avast virus removal tool (http://www.avast.com/eng/down_cleaner.html).

Boot into safe mode and run each of them.

Then go on-line and run an on-line scan at trend micro (http://housecall.trendmicro.com/).

After your done that, go and download Hikack This (http://www.subratam.org/?page=removal) and post a log back here. Malware travels in packs. If you have a virus or trojan horse, you probably also have some spyware as well.
david eaton
12-03-2004, 03:34 PM
Where are the infected files?
kfh
12-03-2004, 03:55 PM
Hi All,

The files are in system volume restore. on a drive I can't boot to at the moment, this is probably why.

Thanks,

kfh.
Steve
12-03-2004, 06:39 PM
If you go and shut off "System Restore" that should remove the problem files. Run your virus scan after that and if it comes up clean, turn System Restore back on and create a new restore point.

:)
david eaton
12-03-2004, 06:46 PM
Yep, Steve is quite right.
The Restore files are compressed archives that cannot be opened by any other program.
Disabling your system restore, and rebooting should remove them. Restart system restore, and set a clean restore point, and you should be OK.
kfh
12-04-2004, 01:19 PM
Hi All,

I Turned of system restore as mentioned.
I ran all the above non of them are even finding the trojans.
They are all still there I ran AVG again.

Thanks,

kfh.
Budfred
12-04-2004, 02:25 PM
If you turned off System Restore and that is where they were, they should be gone... Please post the report from AVG regarding what it has found....

Also, it may be worthwhile to post an HJT log to see if anything shows up.... Be sure to use 1.98.2....
Donn
12-04-2004, 09:56 PM
Kfh-

I'm curious to know if you are running or have any other anti-virus program on this PC besides AVG Pro 7.0 ? Did you recently uninstall some other AV program and not uninstall all of its files?

Also, exactly what symptoms are you having that these trojans are producing, any? Or is there just the notification from AVG ?

thanks . . .
PrntRhd
12-05-2004, 12:41 AM
AVG THINKS it detected a password-stealing file. I would run Trend Micro's Housecall online scan as a double check against a false positive.
Edit:
but Classicsoftware already advised the same a couple of posts back.