Avast WEBforum

Other => Viruses and worms => Topic started by: aliboy on January 10, 2007, 11:36:48 AM

Title: trojan horse found?
Post by: aliboy on January 10, 2007, 11:36:48 AM

Hallo Ali here what the problem is my sister's computer.Everytime she  signs her name and password to get on the internet it comes up Trojan horse has been found and she can't connect to the net.All i know is she got windows xp home edition,not got much security all she got is AVASTI AND SHE WITH AOL new to computers so be gentle what shall i do thank you

Title: Re: trojan horse found?
Post by: DavidR on January 10, 2007, 02:45:17 PM

What is the Trojan name ? What is the infected file name, where was it found e.g. (C:\windows\system32\infected-file-name.xxx) ?

What actions have you taken to try and resolve the problem ?
avast gives options, move to chest, repair, delete, etc. what action did she take/choose.

If she took a positive action (and best) to move it to the chest, I assume it keeps coming back ?
Is she getting any errors about not being able to more delete, etc. ?

She could enable a boot time scan. Right click the avast icon, select Start avast! Antivirus, Menu, 'Schedule boot-time scan...'

Title: Re: trojan horse found?
Post by: aliboy on January 12, 2007, 01:22:21 PM

Hallo I've had a look at my sisters computer the Trojan horse c:\windows system 32 jbhook.dll\vs pack\aspack.vps version 0662-0 22.12.2006.Her AVAST version 4.7 home edition has not got boot time scan. she got windows xp home edition service pack 2 what next? ???

Title: Re: trojan horse found?
Post by: DavidR on January 12, 2007, 01:49:44 PM

There are thousands of Trojans it would have a more unique name:
Check the avast! Log Viewer (right click the avast icon), Warning section, this contains information on all avast detections.

It has a boot-time scan:
As I said follow the path - Right click the avast icon, select Start avast! Antivirus, Menu (or press F1 or right click an area of the skin), 'Schedule boot-time scan...'

(http://img.photobucket.com/albums/v325/for-dwr/boottime.jpg)

A google search for jbhook.dll returns many hits http://www.google.com/search?q=jbhook.dll.

There are other questions, reference the actions she took, this information helps us to help you.

If you haven't already got this software (freeware), download, install, update and run it, preferably in safe mode.
1. Ewido, a.k.a. avg anti-spyware (http://www.ewido.net/en/download/) or a-Squared free (http://www.emsisoft.com/en/software/free/).

Title: Re: trojan horse found?
Post by: aliboy on January 23, 2007, 11:46:10 AM

Hi all, my sisters computer had a Trojan horse i used system restore it seams OK now she's got no internet access ,so is there anything else to do.Will it be safe for her to access the internet now,and what security should i put on her computer that don't cost to much.and how will i know everythings OK on the computer is OK any tips thank you.Will system restore have done the trick or do i need to do more?.What i mean by no internet access,when this happened she could not connect to the net so she stop paying for AOL,now she wants to start again is there anything i should do first.The computer is a bit slow,but it is a old computer,6 years old.

Title: Re: trojan horse found?
Post by: Lisandro on January 23, 2007, 12:15:33 PM

Quote from: aliboy on January 23, 2007, 11:46:10 AM

Will system restore have done the trick or do i need to do more?

To be sure:

1) If you didn't do yet, enable/disable System restore on Windows ME (http://support.microsoft.com/default.aspx?scid=kb;en-us;Q264887) or Windows XP (http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;310405). System Restore cannot be disabled on Windows 9x and it's not available in Windows 2k.

2) Clean your temporary files. You can use the  Windows Advanced Care (http://www.iobit.com/AdvancedWindowsCarePersonal/index.html) features for that.

3) Schedule a boot time scanning with avast. Start avast! > Right click the skin > Schedule a boot-time scanning. Select for scanning archives. Boot. Other option is scanning in SafeMode (http://support.microsoft.com/default.aspx?scid=kb;en-us;315222) (repeatedly press F8 while booting).

4) It will be good if you download, install, update and run other trojan remover tools: a-squared (http://www.emsisoft.com/en/software/free/), Free AVG Antispyware (http://www.ewido.net/en/) or  SUPERantispyware (http://www.superantispyware.com) (trojan removers). Some users recommend Spyware Terminator (http://www.spywareterminator.com/).

5) Use the immunization of  Windows Advanced Care (http://www.iobit.com/AdvancedWindowsCarePersonal/index.html) features of spyware/adware cleaning and removal.

Other manner to be sure will be full computer on-line scanning:
Kaspersky (http://www.kaspersky.com/kos/english/kavwebscan.html)
Trendmicro housecall (http://housecall.trendmicro.com/)