|
|
|
|
|||||||
| Computers Hardware, software, internet, and related subjects |
 |
|
|
Thread Tools | Display Modes |
11-17-2003, 07:01 PM
|
#1 |
|
Senior Member
Join Date: Oct 2001
Location: Arkansas
Posts: 742
 |
Trojan Horse virus
How do you get rid of it? I've did everything they said to do on Norton Antivirus web site but can't get rid of it... I think Norton sucks!
|
|
|
|
11-17-2003, 07:25 PM
|
#2 |
|
Moderator
Join Date: Jul 2001
Location: Witness Protection Program
Posts: 4,363
|
Tiger,
What Trojan horse are you infected with? PN http://securityresponse.symantec.com...r/vinfodb.html |
|
|
|
|
11-17-2003, 07:41 PM
|
#3 |
|
Senior Member
Join Date: Oct 2001
Location: Arkansas
Posts: 742
|
It scans as Download trojan...
|
|
|
|
|
11-17-2003, 07:55 PM
|
#4 |
|
Moderator
Join Date: Jul 2001
Location: Witness Protection Program
Posts: 4,363
|
Have you tried scanning your PC with another anti-virus such as AVG, or doing an online virus scan to see if the results are any different?
PN http://www.grisoft.com/us/us_404.php http://housecall.antivirus.com/housecall/start_corp.asp |
|
|
|
|
11-17-2003, 09:54 PM
|
#5 |
|
Moderator
Join Date: Jul 2001
Location: Witness Protection Program
Posts: 4,363
|
Tigger:
If you really have a trojan horse on your PC, you should consider disconnecting from the internet and then, save all of your important files and reformat your hard drive. Maybe another member has another suggestion on how to deal with this trojan horse. PN |
|
|
|
|
11-18-2003, 12:56 AM
|
#6 | |
|
Junior Member
Join Date: Nov 2003
Posts: 12
|
Quote:
|
|
|
|
|
|
11-18-2003, 01:58 AM
|
#7 |
|
Senior Member
Join Date: Oct 2001
Location: oklahoma
Posts: 2,308
|
Hey PN,
i ran house call scan and found TROJ ISTAR.A C:\_RESTORE\ARCHIVE\FS120... TROJ STARTPAGE.Q C:\_RESTORE\ARCHIVE\FS135... TROJ STARTPAGE.Q \FS135 TROJ STARTPAGE.Q \FS135 TROJ STARTPAGE.Q \FS135 TROJ ISTARB C:\PROGRAMFILES\ISTsvc\ISTsvc any ideas pn or anyone else? tigger i agree norton sucks |
|
|
|
|
11-18-2003, 07:46 AM
|
#9 | |
|
Administrator
Join Date: Jul 2001
Location: Acme Labs
Posts: 13,971
|
Quote:
-Steven |
|
|
|
|
|
11-18-2003, 12:10 PM
|
#10 | |
|
Junior Member
Join Date: Nov 2003
Posts: 12
|
Quote:
I have found following solution; -- Partially removed via add/remove programs (MS AUpdate and ISTbar). Use AdAware and/or Spybot to help with the cleanup. You can also clean up the registry: HKEY_CURRENT_USERS\Software\Microsoft\Windows\Curr entVersion\Run (AutoUpdater entry for 'aupdate.exe' programme or "1stService") HKEY_CLASSES_ROOT\CSLID\{69550BE2-9A78-11D2-BA91-00600827878D} HKEY_CURRENT_USER\Software\1STbar HKEY_CURRENT_USER\Software\IST\ HKEY_CLASSES_ROOT\Pugi.PugiObj HKEY_CLASSES_ROOT\Pugi.PugiObj.1 HKEY_CLASSES_ROOT\1STactivex.Installer.1\ HKEY_CLASSES_ROOT\1STactivex.Installer\ Search engine hijackings - you may also need to delete the following registry keys as per the advice in Microsoft's knowledge base article: http://support.microsoft.com/default...;EN-US;q323869 HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Bar HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page Delete the following files if they exist: aupdate_uninstall.exe; aupdate.trk; aupdate.conf; aupdate.exe; istbar.dll; istsvc.exe, istactivex.dll, 1STactivex.dll, 1stactivex.inf, |
|
|
|
|
|
| Thread Tools | |
| Display Modes | |
|
|
Linear Mode
