On this topic:
http://www.trap17.com/forums/Help-Running-...mize-t8569.html
I was told that I have a Trojan.
I downloaded a program called ScanSpyware and am scanning for Trojans.
Is this a good program for me to keep, or is there something better?
Trojan Removal
Started by gunbound, Mar 16 2005 08:37 PM
11 replies to this topic
#2
Posted 16 March 2005 - 09:17 PM
Hi gunbound,
The info you received in the previous thread of posts is accurate. (ie. re: the process IDs running on your computer). It appears that you MAY have a trojan pgm named "system" (the one without a .exe extension). Before you do anything manually you should identify the offending critter first using a scanner program. The one I've found to be absolutely the best is called "Trojan Hunter". It isn't free but there is a free trial available.
If you can't find the offending critter using a scanner, then you can always go to a friend's (clean) computer & print out the processes running & then compare it to yours. Then very carefully (do backups of your msconfig file to floppy disc first) test by disabling one "suspect" process (see the previous list for which ones are essential to be left alone) at a time.
In the event you make a mistake & your Windows crashes, you can always restore/copy the msconfig file using DOS commands.
Hope this Helps.
RGPHNX
#3
Posted 16 March 2005 - 10:33 PM
That program didn't find anything related to this "System" process. I'm skeptical if it is actually a Trojan, but if it is I want to figure it out and get rid of it. I have searched the internet for a while trying to learn about this, but I couldn't find out about a Trojan that has this exact name.
Since I don't know much about Trojans in general, can someone help me to figure out what this actually is?
I can't end the process. I can't find it by searching my C: drive. I looked in Registry Editor and under HKEY_LOCAL_MACHINE there is a SYSTEM folder... but could this be normal?
Could someone maybe tell me what possible file extensions it could have or what folders a Trojan could be in?
#4
Posted 17 March 2005 - 12:47 AM
It's quite likely that the trojan is still in your computer. I highly recommend that you get a Virus Removal Tool such as Norton or McAfee; the spyware removal program you downloaded isn't likely to have found the trojan, as it only has a spyware definition list, and not a virus one. If you don't want to go into the burden of buying an anti-virus program, there is a good free anti-virus program called Avast Anti-Virus; they're really reliable and should be able to find the trojan (assuming that there is one). Download it at http://www.download.com/Avast-Home-Edition...ml?tag=lst-0-11
#5
Posted 17 March 2005 - 05:26 AM
I have Norton Anti-Virus and have had it for a long while. I updated everything and still cannot find anything. So I guess that there's no virus? I dunno, but it's aggravating. My computer has had these occasional moments every once in a while where it hangs, and that keeps bothering me. So when I was told that this Support thing is a Trojan, I figured that that was the problem... but I can't find it! Ugh.
Hopefully someone will eventually read this post who will be able to offer some different solutions, but I still appreciate the help so far.
#10
Posted 26 March 2005 - 05:22 PM
Hi gunbound,
The reason a trojan is called a trojan is that it's HIDDEN from normal viewing methods (thanks Becca). That INCLUDES some anti-virus & remover programs. Also if it is a brand new trojan, even the best anti-virus/scanner programs may not be able to pick it up at all until they're updated. Some viruses/trojans etc. are out there for many months before the anti-virus programmers catch up with them.
If you've tried this program & that program that have all failed to find the problem, then the time to do some manual investigating is NOW - before more potential damage is done to your system.
First, the HKEY_LOCAL_MACHINE registry folder and the SYSTEM folder in the registry is a normal Windows OS folder - DO NOT DELETE OR MODIFY IT IN ANY WAY !!! << IF YOU DO WINDOWS WILL CRASH.
Second, the only way you're going to find out if a malicious "bug"/trojan (that the scanners can't find) has installed itself at this point is to MANUALLY COMPARE the registry on your machine to the registry on a known "clean" machine using the same Windows OS as yours.
This is a slow, pain in the B*TT process - just do it. Check (compare) the registry entries - go line by line & folder by folder.
Make sure that you have set Windows to show all files (even the "hidden" ones) & extensions before you go looking.
The only other option you might have is to boot into "safe" mode & use a DOS based anti-virus program to attempt to identify the potential bug. This sometimes works because some bugs depend on Windows to hide themselves.
If all else fails, the last option you have is to re-format & re-install Windows to "clean" the system.

Hope this helps,
RGPHNX
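
The registry comparison described in post #10 can be done on exported text instead of by eye. The script below is an added example, not part of the original thread: it parses two `reg export` dumps (one from the known-clean machine, one from the suspect machine) and lists values that are new or changed on the suspect side. The sample exports, the value names and the function names `parse_reg` and `diff_reg` are constructed for illustration.

```python
# Real regedit exports are UTF-16: open(path, encoding="utf-16").read()
def parse_reg(text):
    """Parse .reg text into {key: {value_name: raw_data}}; names are lowercased
    because registry key and value names are case-insensitive."""
    keys, current, pending = {}, None, ""
    for raw in text.splitlines():
        line = pending + raw.strip()
        pending = ""
        if line.endswith("\\"):            # hex data wrapped onto the next line
            pending = line[:-1]
            continue
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1].lower(), {})
        elif current is not None and line.startswith("@="):
            current["@"] = line[2:]        # the key's default value
        elif current is not None and line.startswith('"') and '"=' in line:
            name, _, data = line[1:].partition('"=')
            current[name.lower()] = data
    return keys

def diff_reg(baseline, suspect):
    """List values that exist only on the suspect machine or differ there."""
    findings = []
    for key, values in sorted(suspect.items()):
        base = baseline.get(key, {})
        for name, data in sorted(values.items()):
            if name not in base:
                findings.append(("added", key, name, data))
            elif base[name] != data:
                findings.append(("changed", key, name, data))
    return findings

# Constructed sample exports (not taken from the thread).
BASELINE = r'''Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Updater"="C:\\Tools\\updater.exe"
"Blob"=hex:01,02,03,04
'''
SUSPECT = r'''Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Updater"="C:\\Temp\\updater.exe"
"Blob"=hex:01,02,\
  03,04
"example_unknown"="C:\\WINDOWS\\example_unknown"
'''

if __name__ == "__main__":
    for finding in diff_reg(parse_reg(BASELINE), parse_reg(SUSPECT)):
        print(*finding, sep=" | ")
```

Differences in key-name case and in how long hex values are wrapped are normalized away, so only real additions and changes are reported; each finding still needs a manual look, since legitimately installed software also differs between two machines.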