Trojan found....cant delete..wtf?

Discussion in 'Backup and Security' started by cashmoney69, May 31, 2007.

  1. Renos.y is the name of the trojan that my AV software picked up (trend micro antivirus), but it's unable to delete the trojan..so what do i do now?
     
  2. turn off system restore, reboot in safe mode and then run the scan.
     
  3. running in safe mode is good idea for removals, however, the registry is where you are likely to have the challenge.......likely that pc-cillen can't help you there........you'll need to know your pathways or do a restart from a previous "sys restore" via the ;

    1 start

    2 help/support

    3 undo changes to your computer with system restore

    4 restore my computer to an earlier time

    (5 and then select a date prior to the incursion.........obviously you need to be clear of when the incursion evented)

    then; reboot in safe mode

    go to start

    select your hard drive

    select documents and settings

    select your own folder (admin or owner)

    you'll need to select "tools" at the top of the page

    select folder options

    select view tab

    select "view folder"

    you then see the hidden files

    select local settings (faded folder, not normally seen)

    select temp internet files

    inside that folder go to the top of the page and select "edit" then select "select all" then move the mouse over the highloighted area and right-click the mouse and select "delete" and this will delete to the recycle bin (but don't immediately empty the bin)

    run scan

    restart in normal mode

    as you have run a restore likely you'll have all sorts of crud on the hard drive so run a full defrag .........that'll take some time

    of course, get a second opinion..........maybe wait a for someone else to opine on this post

    good hunting


    mm1
     
  4. highly reccomend you also dowload a "highjack this" file (google) and its free........very useful........... and look to see what is suss in the listing............this is where you get to spot the erroneous spiders that clamp onto your registry...........you need to know your stuff..........you can safe a report and take it to a specialist who'll spot the nasty immediately (and then suck-you-dry) ..........

    you should also have spybot (google) and its free

    now, pc-cillen and spybot arent the best of freinds and use a bit of ram but its minor issue compared to the upside you get form having both.........spybot is a beauty............

    good luck to ya

    J
     
  5. maxpi

    maxpi

    The best advice I have seen is to do periodic image saves and force a restore point before you ever install software. Never uninstall, always restore to the point before the problem showed up.

    I had Norton save and restore but it was an annoyance in a couple of ways. I have had the XP restore be unable to go to a previous restore point so I abandoned that. It is still useful because it tells you what changes were made and when. I'm moving on to the next image saving software trial............
     
  6. 2nd hijack this. Once you learn recognize the good files in the report, it becomes easier to isolate the nasty ones. To learn which files are good, there are plenty of examples on the web if you search hijack this log files.

    When you get into some really nasty replicating types that don't go away by mere hijack delete, you can start to do a google search for more custom ddt applications like CW shredder that work on specific viruses.


     
  7. Tums

    Tums

  8. you can runa google search on the virus, maybe some is int there that can help you.

    Easy way, call up StopZilla. I used them, goa virus that was new. Send them some data, they researched it, added it to their program, and fixed it.

    They are new all the time. Someone will get it.
     
  9. microsoft will give you the registry keys to delete.........but........once again, you need to know your stuff..........pay the bux to someone who knows if youve got the the slightest doubt...........a little like trading.......risk reduction
     
    #10     Jun 1, 2007