Solved

Possible Trojan? Unable to find.

Posted on 2004-04-02
10
393 Views
Last Modified: 2010-04-13
When I try and access "MY Computer", try and open up "my documents", or even try and open "My Network Places. The computer system will not allow me to open these items and the screen will refresh and "kick me" off the internet (if connected). Also I am not able to open up the "control panel". It acts as though there is a trojan or worm but when I do a virus scan and use "The Cleaner) the system is unable to find any trojan horses or viruses. ANy ideas?
0
Comment
Question by:manch03
  • 3
  • 2
  • 2
  • +2
10 Comments
 
LVL 6

Expert Comment

by:akboss
ID: 10745483
0
 
LVL 44

Expert Comment

by:CrazyOne
ID: 10745519
Boot to safe mode and use this

Stinger
BackDoor-AQJ, Bat/Mumu.worm, Exploit-DcomRpc, IPCScan, IRC/Flood.ap, IRC/Flood.bi, IRC/Flood.cd, NTServiceLoader, PWS-Sincom, W32/Bugbear@MM, W32/Deborm.worm.gen, W32/Dumaru@MM, W32/Elkern.cav, W32/Fizzer.gen@MM, W32/FunLove, W32/Klez, W32/Lirva, W32/Lovgate, W32/Lovsan.worm, W32/Mimail@MM, W32/MoFei.worm, W32/Mumu.b.worm, W32/Nachi.worm, W32/Nimda, W32/Sdbot.worm.gen, W32/SirCam@MM, W32/Sobig, W32/SQLSlammer.worm, W32/Yaha@MM
http://vil.nai.com/vil/stinger/
0
 
LVL 7

Expert Comment

by:Worked4me
ID: 10745533

Hey Manch03,

  I had some of the same symptoms on a pc try this link and see if it helps.
Also does it allow you to access the regedit and taskmanager?

http://www.experts-exchange.com/Operating_Systems/Win2000/Q_20940675.html
0
 

Author Comment

by:manch03
ID: 10745543
I currently have Spybot-S &D no luck finding anything. The first web site is unavailable. Is there a certain program you would like me to try?
0
 
LVL 44

Expert Comment

by:CrazyOne
ID: 10745552
Run the program I posted "Stinger"
0
Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

 
LVL 40

Expert Comment

by:Fatal_Exception
ID: 10745799
And another Trojan removal tool, to add to CO's comment..

Trojan Remover :http://www.simplysup.com/
0
 
LVL 7

Expert Comment

by:Worked4me
ID: 10747392

Hey Manch03,

  This question was answered on 4/1/2004 I can' t figure why the link is unavailable now.

The site for the WORM_AGOBOT is
http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_AGOBOT.DU
or
http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_AGOBOT.JP

There are many variants for these and the names for the process may differ from
what is listed since mine was MSclock.exe.  As for Spybot, I tried Norton Antivirus, Mcaffre Virus
Scanner, Stinger, Ad-aware 6, spybot, all updated and with update definitions and none of them detected this worm.
0
 

Author Comment

by:manch03
ID: 10748480
At this point I have tried just about everything. The Stinger could not find any viruses or trojans. Ad-Ware found 16 objects and deleted them. Most of the on-line virus scanners were not available because I do not have access to Internet Explorer (will not open) so I have to use Netscape. Most sites (Anti-Virus) are prompting me to use Internet Explorer. I will proceed with the next two suggustions from "fatel Exception" and "Worked4me". NO solution yet. Any more suggustions?
0
 
LVL 6

Accepted Solution

by:
akboss earned 500 total points
ID: 10749175
HijackThis  
http://209.133.47.200/~merijn/files/HijackThis.exe

see if you can download and run this.

Post the log so we can take a look see.
0
 

Author Comment

by:manch03
ID: 10750413
I am still not sure which Virus or Trojan that was in the computer but the program HijackThis worked and everything is working fine. Thanks
0

Featured Post

6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

Join & Write a Comment

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
In this article, I will show you HOW TO: Suppress Configuration Issues and Warnings Alert displayed in Summary status for ESXi 6.5 after enabling SSH or ESXi Shell.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now