Computer Question about Trojan/Virus...?

[sheath]

Howdy, all.

Tonight I was researching on the internet when I got a message pop-up from the AVG 6.0 program, saying a Trojan Horse has attempted to access my computer. I immediately ran a check, and it came back with a temporary internet file that was infected with the "Trojan Horse Sec Thought.E".

When I tried to remove it to the 'Virus Vault', it informed me that I couldn't remove it. Okaaaaaay...so, I ran the check again, got the same thing.

I then ran my Spybot program and it came back clean.

Now what? Is this going to be a problem on my computer? Or does it just not matter, which is why it wouldn't let me remove it? Is there any other program that will remove it?

Thanks for the help.

S.

 

[incognito989]

If you're using windows xp, avg has some problems with disinfecting files that get into the 'system volume' folder. That is, this folder is where the 'roll-back' information is stored so you can go to an earlier configuration, amongst a bunch of other things.

If you keep getting notices about that system volume folder, you can follow the steps here to delete it. Note that this will remove the restore points, so make sure your computer is *working* before doing this:

http://www.grisoft.com/faq/us_faqtext.php?id=56&id_lang=2&sid=3

Yes, I used to use avg, and have had to do this myself... It stopped the popups that kept on annoying me. It may be what you're seeing now.

Otherwise, reboot into safe mode with windows and run the virus scanner. That should do it, theorhetically. If you need help with this step, let me know.

 

[cyberski]

Ruh-Roh Sheath.....

I found this for ya:http://www.moonlitsubmit.com/forums/index.php?showtopic=70&st=0&#entry374

This bugger looks as though it may be troubles to get rid of.

Before you go through anything drastic from symantec, first go here: A2 squared-free and download there FREE trojan scanner and run it and see if it will pick it up and remove it for you.

Another free trojan scanner to try is Ewido Security Suite, but only if you are using windows 2000, or XP

Download both of these, and run both of then often, I run at least one of them at least once a week just to be on the safe side.

 

[MagicFingers]

Send them a message

I was searching Norton for info about a worm so I searched for your problem. Nothing found there.
I went to Grisoft AVG and searched for it. Found nothing, however, I also found nothing for trojan, hourse, sec, thought or anything else I searched for there.

So, I suggest you send them a note and ask where it is comming from.
Good luck!

 

[sheath]

Thank you for the advice...I'm going to be going through all of it systematically until I find something that works.

I should have mentioned...I'm using Windows 98.



S.

 

[sheath]

Ruh-Roh Sheath.....

I found this for ya:http://www.moonlitsubmit.com/forums/index.php?showtopic=70&st=0&#entry374

This bugger looks as though it may be troubles to get rid of.

Before you go through anything drastic from symantec, first go here: A2 squared-free and download there FREE trojan scanner and run it and see if it will pick it up and remove it for you.

Another free trojan scanner to try is Ewido Security Suite, but only if you are using windows 2000, or XP

Download both of these, and run both of then often, I run at least one of them at least once a week just to be on the safe side.

Okay. I'm almost afraid to ask this, but I am going to anyway.

What can this thing actually DO to my computer? From the link you sent me, it seems there is a serious problem concerning this one.

S.

 

[cyberski]

Okay. I'm almost afraid to ask this, but I am going to anyway.

What can this thing actually DO to my computer? From the link you sent me, it seems there is a serious problem concerning this one.

S.

As with any trojan, it can be a serious problem. The threat metrics on this one happens to be low for all three rankings, but still, it is a trojan and it can be trouble if left alone. I would go and get that a2 scanner and see if it can detect it and remove it, if that doesn't work, i'm afraid i'm of no more help cause it gets to deep for me. Sorry

You can go here: http://scan.sygatetech.com/pretrojanscan.html

And have them do an online scan and see what they find.

 

[car nut]

edited.....

 

[Weird Harold]

I immediately ran a check, and it came back with a temporary internet file that was infected with the "Trojan Horse Sec Thought.E".

When I tried to remove it to the 'Virus Vault', it informed me that I couldn't remove it. Okaaaaaay...so, I ran the check again, got the same thing.

Any problems with stuff found in "temporary internet files" cn usually be solved by deleting your temporary internet files through Tools/Internet Options.

It sounds like AVG stopped the trojan from running and infecting your system but it just can't quarantine a temporary internet file -- which you don't need to save anyway.

 

[Blastasbird]

If all else fails look to see if there is a virus removal tool, I had to look for one of those recently when I got the netsky.c virus.

And I would make sure you have system restore disabled, virus love to live in System Restore

 

[sheath]

Re: Re: Computer Question about Trojan/Virus...?

Any problems with stuff found in "temporary internet files" cn usually be solved by deleting your temporary internet files through Tools/Internet Options.

It sounds like AVG stopped the trojan from running and infecting your system but it just can't quarantine a temporary internet file -- which you don't need to save anyway.

Thank you for the advice!

I did delete all temp files, then ran so many scans it makes my head spin. Including sygatetech and a2 squared. The only one that picks it up is AVG. The others don't pick up anything at all.

So...I'm wondering. Since AVG is the program that caught it first, does that mean it's going to keep seeing in on there even if it has not truly infected my files?

If it isn't yet obvious that my computer knowledge is limited, well, it should be.

S.

 

[Ms_Lilith]

In my experience, trojans that can't be deleted are of the 'time bomb' variety. They'll sit there doing nothing, and then BAM, a certain set of keystrokes or mouse movements, and it'll explode. I don't know how to help you (I would ask sweetie, but he's asleep)... I'll ask later, and if he can help, I'll post his reply.

 

[Blastasbird]

I think you should check out this symantec link it is related to the virus you have

Second Thought tells you how to remove and stuff

 

[sheath]

Strangest thing...now I'm really confused.

I ran all the 'scan for virus' programs I could find. Like I said earlier, AVG was the only one that picked it up. I rebooted the computer a few minutes ago for a reason that had nothing to do with this particular problem, and when I ran AVG again, now it shows nothing at all on my computer. No trojan, virus, nothing.

I'm cautiously optimistic.

S.

 

[Blastasbird]

You could always try an online scan at Symantec, I found there online scanner to be quite good my my AV didn't detect any kind of virus

 

[cyberski]

Sheath, Go here: WorldStart.com and go to the PC ask and answer forum and ask them there. Tell them that "Numbnutz" sent you there to ask, you'll get a ton of people helping you in no time

No really, there are a lot of people there that use AVG and know the program inside and out and they will know just what to do with that bugger. Last night I was just way to.....um....erm....."tired".....yeh that's it, to think of refering you there. This is a forum I spend alot of time at, and get the majority of my tech info from. Like I said, alot of smart people there and usually fast responses too.

Oh, and when you register....use me as your referal....

 

[sheath]

Thank you, all.

cyberski, I'm going to register there in a little while and see if I can get this taken care of soon.

You have been most helpful!



S.

 

[firefighter02]

All this talk about Trojans...

Why did it not surprise me that our friend Sheaths name would be attatched to this. LOL

Ok..Just another ? Could the AVG program keep a record of stopping the trojan in its log? Kind of like Ad aware does when it quarantines spyware, but until you go into the quarantine file and remove them they are still kind of there?

Just a thought...I'll return you to your regularly schedualed trojan fitting...

By the way..was the trojan ribbed for her pleasure??

FF

 

[sheath]

All this talk about Trojans...

Why did it not surprise me that our friend Sheaths name would be attatched to this. LOL

Ok..Just another ? Could the AVG program keep a record of stopping the trojan in its log? Kind of like Ad aware does when it quarantines spyware, but until you go into the quarantine file and remove them they are still kind of there?

Just a thought...I'll return you to your regularly schedualed trojan fitting...

By the way..was the trojan ribbed for her pleasure??

FF

Leave it to YOU to twist an honest-to-goodness question into a sexual discussion.

I went back through the AVG log and all I can find are the test results...it ran a test last night at around two AM, and it was still finding it...but the test ran this morning around ten or so shows no virus on the computer at all.

I'm looking through all the nooks and crannies of that program right now, though, now that you mentioned it.

And by the way, since you asked...Ribbed for her pleasure? I dunno. I prefer no trojans at all!

S.

 

[cyberski]

Thank you, all.

cyberski, I'm going to register there in a little while and see if I can get this taken care of soon.

You have been most helpful!



S.

I'll look for ya

 

[ReadyOne]

1. If it's a "temporary internet file" then go to Start / Control Panel / Internet Options / General tab and click "Delete Files" (assuming you're IE). Temporary internet files are stored in funny ways and not always deleteable by mere mortals.

2. Many different AV companies used different names for the same infection. I've noticed lately that Symantec and McAfee are cross referencing each other's names in their newer write-ups. This means you could run the McAfee scanner and get a report which appears to indicate you have a different infection.

Download http://download.nai.com/products/mcafee-avert/daily_dats/DAILYDAT.ZIP and run it from safe mode. Their tools page is http://vil.nai.com/vil/averttools.asp

3. "Trogan" refers to the method of delivery. The bad thing comes along with something you'll accept, so technically, you give it permission to enter. This "giving permission" means that it can run like any program you install and will not be limited by the (very few) security controls built into windows.

You may remeber the story about how the Greeks snuck into Troy by hiding a comando party inside a giant horse left outside the city gate. The dumb Trojans haulled the thing inside, and under cover of darkness the commandos let themselves out...

 

[Weird Harold]

Strangest thing...now I'm really confused.

I ran all the 'scan for virus' programs I could find. Like I said earlier, AVG was the only one that picked it up. I rebooted the computer a few minutes ago for a reason that had nothing to do with this particular problem, and when I ran AVG again, now it shows nothing at all on my computer.

That sounds like AVG was finding the virus in a RAM cache that wasn't cleared when you deleted your temporary internet files -- or that you have your system set to delete all temporary internet files when the browser is closed.

I'd say that your problem is solved and you only need to worry about going back to the site that tried to send you the trojan -- keep your AVG updated and you shouldn't need to worry much about an infection.