| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 40278 | 2003-12-03 08:30:00 | Trojan Horse | BobE (4944) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 196975 | 2003-12-03 08:30:00 | Hi, My name is Bob Ephraim. My O.S. is WindowsXP, Home Edition. In the last week of November I had an addition to my computer: Trojan Horse Backdoor.VB.8.AX. The name changed to TV Backdoor.VB.8.AX.The error information told me it had put the following file in System32: mapisvc32.exe. The computer wend mad and time and again rebooted. Thanks to info I found on the internet I was able to delete the .exe file after plenty of frustrating hours. I also deleted the reference in the Registry. I still have though an other file: New_icon. This is in: PaintShop Pro8\Quick Guides\Graphics Projects\Add text on Path-an Example\Images. I have tried with two different progs. to delete this file with no success. Sometimes, when I tried to right click on it (to send it, anywhere, away from my computer!) the computer rebooted telling me it had found a serious error. There is one other change: when I looked for a Restore Point in October, only November was shown and I could not get the calendar for October. Short of wiping everything from my harddrive, is there a solution for my problems? Looking forward to your reply, Bob. |
BobE (4944) | ||
| 196976 | 2003-12-03 08:46:00 | Download and run Stinger (vil.nai.com) to check for trojans... Download, install and run AdAware (majorgeeks.com) and also Spybot Search & Destroy (www.safer-networking.org) Download, install and run SpyWareBlaster (www.javacoolsoftware.com) I presume you have an antivirus package, for a free one download, install configure and run AVG_v6 (www.grisoft.com) See the FAQ's (in particular #8b) at the top right of this page. Cheers, Babe. |
Babe Ruth (416) | ||
| 196977 | 2003-12-03 09:05:00 | Hi Bob, If you know how to get into safe mode, try there. To get into safe mode is the same way as other windows, but with XP, it can take a long time. Enjoy a cup of coffee while you wait. Then try and delete that file. In fact I wouldn't delete it, just rename it so it becomes "dead". eg new_icon.exe .... to..... new_icon.xxx This means you could restore it if required. If all is well a few weeks later, delete it. |
Pheonix (280) | ||
| 196978 | 2003-12-04 05:44:00 | I doubt if Spybot or Adaware will pick it up. As it isnt spyware, its a trojan. And unless its in their database, they wont do anything. Also, I would check it out and see what files it has put on ya system and where. I would say, like other trojans it'll put commands in the registry. So, that'll be the first place to look to delete the command/s. That'll be better than trying to find the files and renaming them file by file. If the command isnt in the registry to run the file/s, obviously it can run and hackers can't hack you while you're on the net. Or go to www.symantec.com and get the removal tool, if there's one there. |
Spacemannz (808) | ||
| 1 | |||||