Avast WEBforum

Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: ander00 on July 12, 2004, 08:52:12 PM

Title: Trojans wont die!
Post by: ander00 on July 12, 2004, 08:52:12 PM
i have 4 that avast picks up, and the delete at system boot whatever doesnt do the trick either.

ive tried the system restore deactivate then reboot, and rescanned. but to no avail, Oh and when i try to delete it avast says : CANNOT PROCESS (FILE LOCATION OF THE FILE)

These are the files that sum sad guy/girl has mashed up by writing a malicious program when he/she could put his skills to use. F***ing loosers i wish i could meet them in the streets but anyway,

Win32:Trojan-gen. {Other}
F:\download10895486785055609.dat\winbpkhk.dll

F:\download10895486785055609.dat\winbpkwb.dll

F:\download10895486785055609.dat\rinst.exe

F:\download10895486785055609.dat\winbpk.exe

but i cant find the files in explorer?

So far im safe as i have zonealarm pro so too much personal info shouldnt be leaked right?

Please help

Title: Re:Trojans wont die!
Post by: neal62 on July 13, 2004, 09:04:00 AM
You may want to consider getting these programs for Trojan detection. They are free and very good. One is called Ad-Aware version 6.0. The other is SpyBot Search and Destroy version 1.3. Both of them along with possibly another free program "SpywareBlaster" should be able to detect and rid your machine of these trojans.
Title: Re:Trojans wont die!
Post by: ander00 on July 13, 2004, 12:32:19 PM
i have those programs already and ther report nothing to be found on my system???
Title: Re:Trojans wont die!
Post by: watchthisspace on July 13, 2004, 12:45:56 PM
Hi ander00 and welcome to the forums,
Try TDS-3 from http://www.diamondcs.com.au/ its on the front page and there is a free trail, Hope this works


Watchthisspace
Title: Re:Trojans wont die!
Post by: whocares on July 13, 2004, 03:28:51 PM
Hi,

these pathnames look like they're from a P2P/Filesharing archive-/download- or TEMP-folder

and the file names suggest a keylogger:
http://www.google.de/search?hl=de&ie=UTF-8&q=rinst.exe+trojan+bpk.exe+&meta=
e.g. http://vil.nai.com/vil/content/v_100257.htm
against which a firewall wouldn't help, of course..

I hope you didn't activate the downloaded file ;)

boot to safe mode and delete those .DATs with avast or manually..
Title: Re:Trojans wont die!
Post by: ander00 on July 13, 2004, 06:54:35 PM
nah i didn't activate the file

erm

i booted in safe mode and tried to delete those .dat files but i get an error message

ok ive downloaded those programs ill tell you how i got on with them
Title: Re:Trojans wont die!
Post by: ander00 on July 14, 2004, 06:34:13 PM
hi thanx for the help but none of the above tips did the job :(

However i managed a way to delete the files

Because i have worrys about my WINDOWS dir being stored on the same drive as kazza etc

when i first installed my o.s i made a partion drive F: 1gb

I just rememberd this so i did the following steps

1) I moved all the non infected files into a folder on C:

2) Ran msdos, Used the DEL command and it erased the remaining infected files on that drive.

3) Turned of pc, inserted xp install disk, turned off again, then in xpsetup deleted my partion drive F

4) Exit take cd out startup as normal

5) Full virus scans with 2 programs, Panda & avast

6) No virused , tronjans blah detected !!!

7) Insert xp cd agin create drive F: partion 1gid

8) Take cd out boot up as usual

9) Viris scan F:

10) Move the folder i want from C; to F;

11) Hey presto!

**** In the future when file sharing may become part of a broadband/isp package, i will re-install it****

But for now they suck, don't use them unless you are prepared for the risk.

Title: Re:Trojans wont die!
Post by: whocares on July 14, 2004, 09:30:27 PM
Good to hear that it worked..
 :)

imho you could also have booted from XP-CD and just deleted the files from there (console)
*
I just wonder why they would be locked/in use even in safeMode, if you didn't execute the files..