This is very seious--a trojan horse!!!!

Status
Not open for further replies.
GeekyBoy

GeekyBoy

In the zone
Guys

This is very very serious-it was actually my mistake.I recently upgraded my computer and had to install windows xp fresh on it.I had installed all the applications (including antivirus) but I forgot to install a firewall.The first few days I surfed the net without any virus invading my pc.But after a couple of days later,my internet connection disconnected abruptly and would not connect again(I have a dial up).I entered the network connections folder and I saw there was a new connection created(which of course I hadn't!)named "New Dialup Connection" which tried to dial a certain number.I made Norton Antivirus do a scan of my whole system and it found a dialer(named "Dialer.Kotu").It removed the dialer but a few days later suddenly a norton antivirus dialog box appeared saying it found a virus called "Trojan Horse" and they found it in "C:\Documents and Settings\GeekyBoy\Local Settings\Temp" and the filename was "win283.tmp.exe".When I clicked on ok,it said it could not repair the file and quarantined it.After that whenever I search the net it shows the same virus in the same folder,but the filename is differently genereted.Also Norton Antivirus sometimes shows that I am infected by "Dialer.Trojan" virus.The viruses "Dialer.Kotu" and "Trojan Horse" reappear even when norton says it has removed the virus.How can I remove these viruses?This is very critical--please help.
 
OP
GeekyBoy

GeekyBoy

In the zone
Venom said:
*www.symantec.com/security_response/writeup.jsp?docid=2004-052522-3128-99
Click to expand...
I've read this damn article!
I've done all the steps required,but still it does not go away.And what about the trojan?
 
samrulez

samrulez

Cyborg Agent
Try to delete the file...
Also see this *www.symantec.com/security_response/writeup.jsp?docid=2001-010916-4630-99&tabid=3

Is u r virus defenitions up-to-date....then surely update it..
 
Last edited:
OP
GeekyBoy

GeekyBoy

In the zone
samrulez said:
Also see this *www.symantec.com/security_response/writeup.jsp?docid=2001-010916-4630-99&tabid=3
Click to expand...
I 've removed this Dialer.Trojan but I can't remove the "Trojan Horse" virus.It infects files which are randomly generated in the folder which I told in my post.I has mostly extentions of ".tmp.exe",".tmp " and ".exe"

samrulez said:
Is u r virus defenitions up-to-date....then surely update it..
Click to expand...
I've already had them updated
 
Last edited:
dhan_shh

dhan_shh

Ambassador of Buzz
You can try 'Trojan Hunter' or 'Trojan Remover',trial versions are available: h**p://www.misec.net/ or h**p://www.simplysup.com/.

This page may be of help:
h**p://www.firewallguide.com/anti-trojan.htm
 
Last edited:
anandk

anandk

Distinguished Member
first download and use ccleaner to clear ur temp files and other pc junk.
www.ccleaner.com

since u have identified the location of the malware, u can always use 'delete doctor' to delete the sticky fellow. www.diskcleaners.com

then enter SAFE MODE and scan ur pc with a good av and anti-spy.

it all fails, pls post ur hijackthis logfile here or at www.hijackthis.de for scrutiny.

incidentally ewido is a good freeware trojan/malware remover.
 
Garbage

Garbage

God of Mistakes...
If u don't mind, let me suggest a solution for this.

Acc/to my opinion Norton is NOT good. U can use QuickHeal 8.0 for this. It also repaires the viruses.

& afterword download ZoneAlarm Firewall from www.zonelabs.com & install it. It removes the spywares & Dialers also.....
 
JGuru

JGuru

Wise Old Owl
First of all before connecting to the Net,install ZoneAlarm firewall. It's the best firewall.
It can monitor what program connects to the Net, if the program looks suspicious,
deny it Net access. Also you a antispyware like SpyBot, it can prevent registry changes,
browser hijacking, spywares etc., Use FireFox or Opera browser. Since lots of
these spyware use IE to connect to the Net, so if you give permission to IE to
connect to the Net, your System will be compromised!! So don't use Internet Explorer.
 
OP
GeekyBoy

GeekyBoy

In the zone
shirish_nagar said:
If u don't mind, let me suggest a solution for this.

Acc/to my opinion Norton is NOT good. U can use QuickHeal 8.0 for this. It also repaires the viruses.

& afterword download ZoneAlarm Firewall from www.zonelabs.com & install it. It removes the spywares & Dialers also.....
Click to expand...
I have installed ZoneAlarm but still the viruses do not go away...
 
anandk

anandk

Distinguished Member
a zonealarm firewall may block virii entry, but will not make an already inside virus go away. an anti-virus, a firewall, an anti-spy, each have difrnt functions.best to have all 3 'on' ven online, else use an internet security suite like zass.
 
OP
GeekyBoy

GeekyBoy

In the zone
Can everyone give me a more detailed advice?What advice I get from you guys is not enough.I suppose formatting the system will do enough to remove the viruses.
 
Last edited:
Pathik

Pathik

Google Bot
yup formatting ll remove it but u ll lose all ur data...
better scan with a antivirus and delete all infected files....
 
samrulez

samrulez

Cyborg Agent
Well....formatting is the easiest option..but.....try removing it....
use ad-ware/cc cleaner or some utility....
Also turn off system restore....
 
OP
GeekyBoy

GeekyBoy

In the zone
I know ZoneAlarm is a firewall:mad:
I had just tried to log into safe mode and scan and remove the viruses but windows refused to boot into safe mode.This may be caused by the virus.I took the easy step-backuped my data and formatted!Although the backup took a lot of time,it was worth it.
 
K

k_blues24

Journeyman
first boot ur system in a safe mode and then try to scan the system with AV
u can use AV like Avast it should be updated & AV like AntiVir version 6 updated. Try Any of these AV (or both one after another but don't setup a any two of them simultaneously it may causes to system unstable problem.).
I recomonded AntiVir ver.6. Hope for best.
 
Status
Not open for further replies.
Top Bottom