[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

Downloader.Trojen Help

Posted on 2004-04-08
4
Medium Priority
?
1,759 Views
Last Modified: 2010-04-11
Norton Antivirus 2004 has detected a DownLoader Trogen.
Message comes up
C:WINDOWS\AddCLS.xe
The file WINDOWS\AddCLS.xe is infected with the Downloaderfile.Trogen virus.

Problem I have is I cannot remove it.
Nortons gives message  repair failed
                                   delete failed
                                  access failed
What does .WINDOWS\AddCLS.xe file do
Can i remove this file to get rid of this trojen without  causing problems on computer
If yes how and can I replace this file with an uninfected one.
Opperating system XP Home Edition
0
Comment
Question by:Windows_ME_is_a_dog
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 2

Accepted Solution

by:
Thunder_scream earned 1000 total points
ID: 10788337
Hi
its some sort of web trojan..these are its dependencies..
Running processes:
C:\WINDOWS\AddCLS.exe
regedit key:
HKCU\..\Run: [AddClass] C:\WINDOWS\AddCLS.exe

I dont suggest moving it by manually ...try the following..
1: go to safemode and try to remove it...with norton anti  if this does not work
2: create a norton rescue disk and restart with the floppy and do a scan and try to remove it..  if this does not work
3: remove manually.

good luck
0
 
LVL 2

Expert Comment

by:Thunder_scream
ID: 10788346
also the installation cd for norton has a rescue mode
if you boot with the installtion cd that is
cheers!
0
 

Author Comment

by:Windows_ME_is_a_dog
ID: 10789045

When i click on more information in nortons  gives me

Trojan: Backdoor.IRC.Aladinz


Trojan: IRC.Momma.Worm


Trojan: W32.Ronoper.Worm



0
 

Author Comment

by:Windows_ME_is_a_dog
ID: 10789460
Thanks Thunder_scream Had to manual remove it.
0

Featured Post

Are You Ready for GDPR?

With the GDPR deadline set for May 25, 2018, many organizations are ill-prepared due to uncertainty about the criteria for compliance. According to a recent WatchGuard survey, a staggering 37% of respondents don't even know if their organization needs to comply with GDPR. Do you?

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

IF you are either unfamiliar with rootkits, or want to know more about them, read on ....
It’s time for spooky stories and consuming way too much sugar, including the many treats we’ve whipped for you in the world of tech. Check it out!
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question