Re: Cleaning Trojan virus off

From: Chek (chek_16_at_hootmail.com)
Date: 09/10/04

• Next message: sKEETer: "spamware"
• Previous message: Brian Sheffield: "Re: System Restore gone Kaput!"
• In reply to: Brian Sheffield: "Cleaning Trojan virus off"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Fri, 10 Sep 2004 17:35:08 +0100

Brian,
Try:
http://www.aumha.org/a/parasite.htm

with particular attention to installing and running:
CWShredder,
Spybot Search & Destroy 1.3,
AdAware (SE has now replaced version 6),
Hi Jack This,
About Buster,
Spywareblaster.

Use at least 2 of these online anti-virus scanners

Trend Micro - Free online virus Scan
http://housecall.trendmicro.com/

McAfee Security - FreeScan
http://www.mcafee.com/myapps/mfs/default.asp

Symantec Security Check
http://security.symantec.com/ssc/home.asp

Panda ActiveScan - Free online scanner
http://www.pandasoftware.com/activescan/com/activescan_principal.htm

Some infections can be more persistent than others, so see how the tools
suggested
work to start with.
Hope this helps,

Chek
Change' boos' to 'bos' in address to email directly

"Brian Sheffield" <bsheffcpa@netscape.net> wrote in message
news:%23%23CKty0lEHA.536@TK2MSFTNGP11.phx.gbl...
> One of our workstations has a trojan on it. McAfee identifies it as
> Downloader-OR but doesn't give any directions on how to remove it. I have
> attempted to clean, delete, and move the file without success.
> Interestingly, the file identified by the on-access scanner cannot be
found
> by the windows explorer, command line dir command, or the Novell ndir
> command.
>
> I have tried to use system restore to get to a prior safe state, however
> the on-access scanner still finds that file and denies it access to system
> resources. My question is, will I have to low-level the hard drive and
> re-install everything to make sure this trojan is dead?
>
> TIA
>
> Brian Sheffield
> Rich Grant Trucking
>
>

---

• Next message: sKEETer: "spamware"
• Previous message: Brian Sheffield: "Re: System Restore gone Kaput!"
• In reply to: Brian Sheffield: "Cleaning Trojan virus off"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: System Restore registry key missing ... online antivirus scan sort of as a second opinion to one you run ... I sent three files to Kaspersky to evaluate and in the meanwhile I ... Is there some handy little vbs file or easy fix to get that registry ... you could try reinstalling System Restore. ... (microsoft.public.windowsxp.general) Re: Weird situation ... What I usually show people is the output of the history command, ... Even with a site license from microsoft, ... Read it on online with Safari View a sample ... (comp.os.linux.security) Re: BITS 2.0 Update Fails ... Did you remove online from my email address before sending it? ... >> Sudheer GN ... >>> Try the following command in a command window to see what version ... >>> it would install. ... (microsoft.public.windowsupdate) Re: Open Ports Killing Net Speed ... > be active at all times when online. ... Then turn system restore back on. ... > Symantec Online Virus and Security Scan: ... > latest security patches from Windows Update too. ... (microsoft.public.windowsxp.help_and_support) Re: Open Ports Killing Net Speed ... > be active at all times when online. ... Then turn system restore back on. ... > Symantec Online Virus and Security Scan: ... > latest security patches from Windows Update too. ... (microsoft.public.windowsxp.general)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(14)