Trojans... HELP

Fish

Original Poster:

4,026 posts

299 months

Sunday 18th January 2004
Right it looks like I have a trojan on the PC. Symptoms - I have had a number of blocked access attempts by the Norton firewall, also running a NATS hardware firewall. This seemed odd as I've never had them before. Anyhow I've now found a directory on the C drive with a stupid name which I don't recognise. When you scan it with Norton it classes it as a single boot file...No it's got 4 subfolders etc this seems wrong.

I can't delete it even as administrator and it won't let me open the subfolders. I've even tried it in DOS; I can't erase, delete or remove the directories.

ANY Thoughts.

The directory is called: C:\76d3c2a84542bfdec38ab15f659554fc
and the subdirs are download, ip, new, and lang


I'm sure it shouldn't be there..

_DJ_

5,024 posts

271 months

Sunday 18th January 2004
Did you manage to decipher what it was trying to do when accessing the Internet (i.e. which server/port it was trying to access)? It may be easier to identify it from that. Failing that, there's a number of free tools available to check for Trojans (do a Google search).

DJ

edited to say: http://1spybot.com/ claims to be able to scan and advise on Trojan removal

>> Edited by _DJ_ on Sunday 18th January 21:32

simpo two

89,683 posts

282 months

Sunday 18th January 2004
Maybe go to a reputable site like www.symantec.com and do an online scan?

coach

1,103 posts

269 months

Sunday 18th January 2004
God, I should charge for the

Fishy m'boy, do the following.

Assuming reasonable software AV and firewall such as Norton Internet security suite (open to debate)..

Download and run Spybot and Ad-aware.

Go to www.spywareinfo.com and download HijackThis, run it and post the logfile onto the forum that is on that site in the removal help section.

They will then post back with the final stages of removal of the trojans & spyware that all the others have missed.

I have personally wrestled with 5 pieces of this crap over Christmas and I should consider myself to know better, being in the industry.

Mail me if you need any more help.

Now give me a ride in ya T350!

Coach

>> Edited by coach on Sunday 18th January 22:57

kojak69

4,546 posts

270 months

Monday 19th January 2004
simpo two said:
Maybe go to a reputable site like www.symantec.com and do an online scan?

That's where I go if I have a virus that I can't get rid of.

tuffer

8,909 posts

284 months

Monday 19th January 2004
kojak69 said:

simpo two said:
Maybe go to a reputable site like www.symantec.com and do an online scan?

That's where I go if I have a virus that I can't get rid of.

That's where I go to.....................work!

fish

Original Poster:

4,026 posts

299 months

Monday 19th January 2004
Well I may be speaking to you later as I'm going to give Symantec a call about it today before I waste any more time on it.

tuffer

8,909 posts

284 months

Monday 19th January 2004
Have you updated your AV software? If not, do a live update and scan again. Then do a screen capture of the problem and mail it to me direct via my profile.

simpo two

89,683 posts

282 months

Monday 19th January 2004
fish said:
Well I may be speaking to you later as I'm going to give Symantec a call about it today before I waste any more time on it.

As I understand it, viruses are a bit different from spyware, so antivirus software doesn't remove spyware. That's why you need to keep up to date on anti-software for *both* sets of nasties.

ErnestM

11,621 posts

284 months

Monday 19th January 2004
Fish - what are the permissions on those folders? Have you tried to replace the permissions yet?

ErnestM

Thumper

174 posts

281 months

Tuesday 20th January 2004
tuffer said:
That's where I go to.....................work!


In that case, tell me what file ccApp.exe does, and why I've had to disable the thing to stop it interrupting everything my computer ever seems to want to do! As far as I'm concerned, Norton Antivirus is a complete nightmare and always has been. I've tried to live with it, one way or another, for more than ten years, and never yet had the thing work properly. Ho hum.

Godfrey H

145 posts

266 months

Tuesday 20th January 2004
Thumper you might like to take a look at:
www.kaspersky.com/ A bit more expensive than NAV. I use it because it has certain features that NAV does very badly. I once emailed a technical query on a Sunday thinking they would get back to me on the Monday - they got back to me in 10 minutes. Perhaps you get what you pay for.

tuffer

8,909 posts

284 months

Tuesday 20th January 2004
Thumper said:

tuffer said:
That's where I go to.....................work!

In that case, tell me what file ccApp.exe does, and why I've had to disable the thing to stop it interrupting everything my computer ever seems to want to do! As far as I'm concerned, Norton Antivirus is a complete nightmare and always has been. I've tried to live with it, one way or another, for more than ten years, and never yet had the thing work properly. Ho hum.



I do not work in the AV arm of Symantec but Google did manage to find this in around 1/3 of a second:
info
Sounds like you may have a layer 8 problem as I have used NAV for the last 3 years and never had any problems or a Virus! Kaspersky etc may be just as good if not better, I only use it as it's free.

>> Edited by tuffer on Tuesday 20th January 14:15

Thumper

174 posts

281 months

Wednesday 21st January 2004
Thanks for the advice. I still use NAV, but can't set anything on automatic - I just carry out regular checks for viruses. So far (touch wood) I've had very few, and caught all of them before they've done anything nasty.

fish

Original Poster:

4,026 posts

299 months

Wednesday 21st January 2004
Upshot is I'm doing a full rebuild, can't copy it to send to NAV, tried resetting permissions, was on read only etc but it just won't do anything.