'trojan horse' in my computer - help !

Re: Trojans


Sorry ClubMan, but I have to disagree. Trojans have behaviour different from viruses. Some Anti-virus programs may stop some of them, but they can take many forms.


See www.anti-trojan-software-reviews.com/ or www.irchelp.org/irchelp/security/trojanterms.html

BTW, I'm not arguing about terminology here. I just think you need to protect against both. Personally, I think you need at least 3 levels of security + Common Sense.

(1) Firewall
(2) Anti-Virus
(3) Anti-Trojan

A real PITA, but that's the way the online world is these days.
 
Re: Trojans

Moi, frankly, I just took dannymur's 'last resort' advice, downloaded the free trial version of 'Trojan-a*se-whupper', ran it, and it cleared up the problem that my workplace's (no doubt expensively-bought) AntiVirus systems were signally failing to get rid of...

Bingo! — problem solved; thanks again, dannymur!

Dr. M.
 
Re: Trojans

Sorry ClubMan, but I have to disagree. Trojans have behaviour different from viruses. Some Anti-virus programs may stop some of them, but they can take many forms.

Fair enough - I stand corrected.
 
Re: condescending

i admit to knowing very little about trojans etc but upon reading this i checked with my virus checker and discovered that a number of backdoor trogans appear to have been discovered and protected against in the past week. one today. I have two adware thingys that show up when i scan and norton cant delete them but they dont appear to be doing any harm. they are there because of kazaa which i have since removed (despite wailing and tantrum throwing etc). Should i just leave them alone. they are there for nearly a year now and appear harmless. Also noticed that pop-ups have ceased since i deleted said Kazaa.
 
2 cents on the adware software

I have a home pc, that for a while I havent bothered to clean to see what kind of malware would get in.
Ive used both mozilla and IE on a win2000 install on a broadband connection without a firewall or AV software..
Last weekend, I ran adaware 6 first and then spybot and both found a few stray dogs hanging around. Spybot found some that Adaware didnt. I then ran AVG which found nothing.
However, now thinking it was clean, I ran a full version of a product called x-cleaner. It has an adware cleaner on it, it found 2 adware programs that the other 2 didnt. I ran spywareblaster and it found none. What does this tell me? One piece of adware SW isnt enough as there must be as many adware programs are there are removal tools. My recommendation would be to run as many as you can get your hands on if youre worried.
Theres a biggish list of removal tools on this link, I'll update the clean pc post with this link for posterity. here.
 
Re: Trojans

Bingo! — problem solved; thanks again, dannymur!
Click to expand...

Ná habair é.

glad somebody was helped by my hastily put-together post on the dreaded capall Trojan

Some day i might need a Doctor
 
Re: the dreaded capall Trojan

...is back, I'm afraid!
Tenacious little buggers, aren't they?

(Hope you don't need my services, dannymur — I'm only the 'of-Philosophy' kind of Doctor!)
 
'false positive' results in trojan hunt?

Have you considered the possibility that you might be getting 'false positive' results in your trojan hunts?

Google Search Strategy ("false positive" trojan)

ajapale
 
trojans

Thanks a million for all the help folks !!!
It's much appreciated !

I downloaded a trojan remover that dannymur(?) listed and when I re-scanned with my AVG virus protection all seemed well.

However,
About an hour later my Sygate Firewall appeared on screen telling me that "somebody is scanning your computer" ???

So when I looked in the Sygate log listing, it shows that somebody is trying to accesss/scan my computer.

It has just done it again - said "Port Scan Logged" ???

What does this mean ?
Is somebody trying to use my computer to make premium rate calls or what ?

It lists the attacking IP address.
Is it possible to find out where this address is from ?

Cheers,
Silvera.
 
Re: trojans

What does this mean ?
Is somebody trying to use my computer to make premium rate calls or what ?

Not necessarily. It could be innocuous. Or it may not be. It may be a suspected or it may be an actual . At least your firewall seems to have caught it just in case. A lot of network/internet activity happens unbeknownst to the user and not obviously related to end user/on screen activity. When seemingly mysterious activity such as this crops up then it's worth investigating it to determine the cause and, if it's innocuous and required for normal functioning of the system, to reconfigure the firewall to allow the relevant traffic in or out or both. If in doubt keep it out though. That's a key approach when securing a PC/LAN - lock it down and only permit traffic if absolutely required.

It lists the attacking IP address.
Is it possible to find out where this address is from ?

Possibly - enter the IP address into the IPWHOIS Lookup form here (third form down in the middle column) and see what it resolves to. Does the log mention what port the activity is on?
 
trojans viruses malware.........

I'm at my wits end with this computer of mine !!!!!!!!!!

I've downloaded so may 'spyware removers', 'trojan removers' etc etc etc etc..............and there is still something in the system !!!!!!!!!

The latest program I have downloaded is SpyBot and it informs me that I have 44 infected files (the last program told me I have/had 21) - BUT it would not remove the infected files unless I paid a fee !!!!!!!

Most of the infected files seem to be "Program Files\common files\" that are also used by other programme files in my computer.

E.g. one infected files was listed as "C:\ Program Files\avoe\att"
When I looked up the file it is a legimate system installed in my computer since I bought it ???????

I reckon I may call in a professional (though I can't really afford to) !

or should I take out the hard drive and bring it to a computer specialist (thats if I can extract the drive with ease) ?????
 
trojans viruses malware.........

.......and on top of everything else the viruses are blocking my access to my Yahoo email accounts AND I keep getting pop up notices that my internet access is only available through 'Port 1900' or 'Port 8080' etc etc etc

(And Esat were no help when I phoned them.)
 
Given the number of uninvited gremlins, , you must be a big one for 'free' software.<!--EZCODE BR START--><!--EZCODE BR END--><!--EZCODE BR START--><!--EZCODE BR END-->Is there a lesson to be learned here? Why are you are affronted by a programmer's request for payment to rid your computer of problems of your own doing? The freebie applications are simply extracting their price, too.<!--EZCODE BR START--><!--EZCODE BR END--><!--EZCODE BR START--><!--EZCODE BR END-->It's time to stump-up the dosh and realise that nothing in this life is without a cost.
 
If I was having such problems and could not eradicate them then I'd seriously consider backing up any important (data) files (having scanned them for viruses etc.) and doing a complete reinstall of the operating system and applications from the original installation CDs. Then I would ensure from the start that I had adequate (firewall, virus, adware etc.) protection.

and on top of everything else the viruses are blocking my access to my Yahoo email accounts AND I keep getting pop up notices that my internet access is only available through 'Port 1900' or 'Port 8080' etc etc etc

Are you sure that this is actually a virus and not simply your firewall doing its job? Firewalls will generally lock down all access from/to your PC (and even "self contained" TCP/IP activity within your PC!) and only allow it when specifically told. After installation of a firewall there is generally a period of tuning/configuration required in order to allow necessary traffic (e.g. for web browsing, email etc.) while keeping everything else locked down.

(And Esat were no help when I phoned them.)

To be fair, general support for PC problems is not really their responsibility unless you have purchased such support from them.
 
files

Most of the infected files seem to be "Program Files\common files\" that are also used by other programme files in my computer.

E.g. one infected files was listed as "C Program Files\avoe\att"
When I looked up the file it is a legimate system installed in my computer since I bought it ???????


Max has a very good point here.

You have enough savvy to check what an infected file is before you delete it, but now you think its a valid file and you dont know whats going on, youre probably thinking your spyware cleaner isnt working properly.

Some adware writers use modified versions of installed exes and dlls to do their dirty work. That way, it puts the sh*ts up the inexperienced user when you go to delete the files. ie, You.

If youre going to use freeware, be prepared to have to clean regularly. If youre getting regular problems and your free cleaners aint doing the job and you dont have enough knowledge to deal with your pc problems, shell out and pay for a professional version of whatever will do the job for you. Treat it no different then if you had a problem with your car.
 
Re: files

Treat it no different then if you had a problem with your car.

And in this case you may need a full service/overhaul (e.g. a reinstall) rather than just an oil change (e.g. cleanout of parasites)!
 
You must log in or register to reply here.
Menu
Log in
Register