| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 46681 | 2004-07-01 22:50:00 | AVG reports Trojan Horse Downloader, Norton A.V says all clear | steve.cook (5834) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 249135 | 2004-07-01 22:50:00 | This one is really giving me some grief. PC with Windows 98SE running very slow, keeps changing default homepage, can't access many sites and continual pop-ups. Norton A.V 2002 was already installed and up to date, full scan, all files reported No viruses. Installed AVG Free Edition, within seconds reported first virus "Trojan Horse Downloader.Dyfica.2.n". Then continued to report further infections, all beginning with "Trojan Horse Downloader" but different ending. ie .winshow.r, .wintrom.2.h, .agent.bk, .agent.bj (there were several with .agent.[2 further characters]. .startpage.cg etc etc. A total of 85 files found but all had "Trojan Horse Downloader" at the beginning of the description. Those that could be healed were, the rest went to quarantine and were deleted. Subesquent scans reduced the number until I got none. Then on a reboot they reappear. I've purged the Registry (Run, Run Services etc), and disabled Startup group in msconfig. Machine is connected by ADSL and has no dial modem, there are no entries under dial-up networking. Next I installed Search & Destroy 1.3. It fails at approx 4200 items scanned with a message in German basically saying Invalid data type. The exact text is... [Error during check! 2020Search (Ungültiger Datentyp für ")] This S&D error has happened repeatedly, even after a reinstall. Next I ran Ad Aware - it found 245-odd objects, cleaned up everything, but still the problem persists. I've never had one as bad as this and this posting is my last hope before I do a format & full reload. I'm sure there's just one file on the PC causing this continual loop but I can't identify it. Has anyone had success with this? All help greatfully received. And of course, one wonders why AVG can find it so quickly and Nortons does not want to know? |
steve.cook (5834) | ||
| 249136 | 2004-07-01 23:06:00 | Try booting in Safe Mode and run Adaware and Spybot scans. Also try a NAV scan in Safe Mode. You can't run AVG in Safe Mode though for some reason :( |
CYaBro (73) | ||
| 249137 | 2004-07-01 23:13:00 | Thanks for that, already done that, I tried to cover everything I have already done in my original posting but overlooked that detail. Believe me, I think I've tried everything - hence my call for help. I'm a PC tech by the way, 15+ years experience and still finding things that stump me. I've also emailed Symantec to ask why Nortons can't find it. Customer wants to know why too. ;-) |
steve.cook (5834) | ||
| 249138 | 2004-07-01 23:24:00 | Go Here (securityresponse.symantec.com) just type Trojan Horse Downloader.winshow.r or Trojan Horse Downloader wintrom.2.h and each name you have listed in the search box and it should give you a fix for each one |
johnboy (217) | ||
| 249139 | 2004-07-01 23:24:00 | Hi Steve It is not advisable have two AV programs installed at the same time as they will conflict with each other. The results from the AVG scan could have been picked up from the NAV definitions. Download and run CWShedder from here (www.majorgeeks.com). Also in AdAware under customise tick all the options in scanning and run a custom scan. let know the results of this |
Davesdad (923) | ||
| 249140 | 2004-07-01 23:28:00 | Here (search.symantec.com) | johnboy (217) | ||
| 249141 | 2004-07-02 02:12:00 | The "Ungültiger Datentyp für" error is a bug in the Spybot update. Its just been fixed apparently, if you can find the updated file. |
godfather (25) | ||
| 249142 | 2004-07-02 02:26:00 | I thought CWShredder was a specific tool for getting rid of CoolWebSearch? Excuse me butting in like this but just puzzled. ?:| |
mark c (247) | ||
| 249143 | 2004-07-02 03:00:00 | Download and scan your computer with HijackThis from here (www.spywareinfo.com) to see if you can recognise anything sinister that needs removing. | tommy (2826) | ||
| 249144 | 2004-07-02 05:49:00 | Hi Dave, thanks for the reply, and until fairly recently I would have agreed with you, but unfortunately it's no longer the case. I am now regularly installing AVG onto all my customer's Computers to supplement their protection and have not yet encountered a conflict with another AV program. Two programs has the added advantage that if one bombs out, there is still some protection. Cheers Steve |
steve.cook (5834) | ||
| 1 2 | |||||