| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 90364 | 2008-05-31 23:27:00 | Possible virus, please help | jake1192 (13816) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 674340 | 2008-05-31 23:27:00 | I am a computer user without much knowledge, but usually i can figure out my problems. However, I currently have one issue which i haven't been able to resolve. To keep my computer clean, i use trend micro house call as a virus scan, and it said i have infections from BKDR_CIADOOR.EA. Specifically, it is in the file C:\WINDOWS\fonts\svchost.exe. This file can't be removed by the program and i can't find it to delete it manually. Can anyone tell me if this is harmful and how I should remove it? I appreciate any help |
jake1192 (13816) | ||
| 674341 | 2008-05-31 23:37:00 | Post a hijackthis log, its in my sig, have you installed an AV program / scanner?? Try trojan remover if you can get it, its in my sig below, install it update it then click on scan. Then open my computer (If you use XP), highlight C then right mouse / scan with trojan remover I would also get ccleaner (http://www.ccleaner.com) Install it (untick the yahoo toolbar option), run it then click on tools / startup. If C:\WINDOWS\Fonts\svchost.exe is here (under startup), highlight it then click on delete entry Its a backdoor trojan that works in IRC, so stay clear of using any IRC program / logging into any IRC server If youre using an IRC program now, quit it |
Speedy Gonzales (78) | ||
| 674342 | 2008-06-02 00:48:00 | Thank you for helping . . . I installed Trojan Remover and I think i have solved the problem . I will post a hijackthis log and seek further help if any future scans detect the same problem . I have on quick question: Was the cause of this trojan aim? If so, do you have any suggestions on how to use aim without picking up the trojan again? Could it be from downloading word documents that were sent through aim? |
jake1192 (13816) | ||
| 674343 | 2008-06-02 01:42:00 | I would have to see the HJT log first. To see what programs are in it. If you use a P2P program like Limewire, you may have downloaded a file, that had this trojan in it, if you ran it. |
Speedy Gonzales (78) | ||
| 1 | |||||