Author Topic: trojan horse cant be removed  (Read 7042 times)

0 Members and 1 Guest are viewing this topic.

ajoebonnie

  • Guest
trojan horse cant be removed
« on: November 27, 2006, 06:18:28 PM »
previously my system has been detected by avast tht it got infected by a trojan horse, n i keep deleting it, removing it but still not successful at all. So i sent it to a technician. Right now, my 2nd pc has been infected, few hours ago.

when i was notified about the trojan, i clicked on the delete, a message pop up saying tht "The processs cannot access the file because it is being used by another process". Neither can i move it to chest. I believed tht it has affected my OS too, how do i get rid of it?

i did all tht i can even by scanning it thoroughly in reboot. During tht process, those infected files seems to be cleared off, but once the window restarts, the trojan is still there, but perhaps in a different folder. Even now, the avast seems to stop running itself, it shuts off itself. :-[

Malware : Win32:Pepatch-Q [Trj]

Offline FreewheelinFrank

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 4872
  • I'm a GNU
    • Don't Surf in the Nude!
Re: trojan horse cant be removed
« Reply #1 on: November 27, 2006, 06:26:12 PM »
Hi ajoebonnie,

What is your OS?

What is the location(s) of the file detected?

Please download any of the following you don't already have, install, update and run a scan:

AVG Anti-Spyware: (Requires Win2000/XP)

http://www.ewido.net/en/

Spybot Search & Destroy:

http://www.safer-networking.org/

a-Squared:

http://www.emsisoft.com/en/software/free/

Ad-Aware:

http://www.download.com/3000-2144-10045910.html

Please post a HijackThis! log if none of these works:

http://www.bleepingcomputer.com/tutorials/tutorial42.html

Good luck!
     Bambleweeny 57 sub-meson brain     Don't Surf in the Nude Blog

Offline BJ_GeOrgE

  • Avast Evangelist
  • Sr. Member
  • ***
  • Posts: 350
  • prevention is better than cure
Re: trojan horse cant be removed
« Reply #2 on: November 27, 2006, 06:29:49 PM »
have u tried the avast virus cleaner tool?it may can remove it..and try to do a scan with avg antispyware or spybot search & destroy(i use spybot but avg antispyware is very effective as well..)if nothing of these helps..i don't know..then give a shot by running windows in safe mode and deleting the file that contains the trojan..but i think that ur trojan has a pretty gd spread rate..oh..also try to do an online scan in www.bitdefender.com or in www.trendmicro.com (i don't know the exact link for the trendmicro online scan)...gd luck man  :)
OS:Windows 7 Professional 64-bit SP1
Antivirus: Avast Free v8.0.1497/Firewall: Windows Firewall/On Demand: Malwarebytes Free Edition/Other tools: CCleaner

ajoebonnie

  • Guest
Re: trojan horse cant be removed
« Reply #3 on: November 27, 2006, 06:31:09 PM »
my OS is Windows Xp Pro.

if i download these would it affect my avast from running properly? I just downloaded and installed a programme named Trojan Remover, but anyway, it doesn't seem to work too.

ajoebonnie

  • Guest
Re: trojan horse cant be removed
« Reply #4 on: November 27, 2006, 06:32:03 PM »
i have notified tht the trojan is in C:\Documents and Settings\User\Local Settings\Temporary Internet Files\Content.IE5

Offline FreewheelinFrank

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 4872
  • I'm a GNU
    • Don't Surf in the Nude!
Re: trojan horse cant be removed
« Reply #5 on: November 27, 2006, 06:39:20 PM »
All the programs I mentioned work well with avast!

You should also try running a program to clean out your temp files like CleanUp!:

http://www.stevengould.org/software/cleanup/

I have never heard of Trojan Remover; I doubt its effectiveness. Stick with the tried-and-trusted programs I mentioned.
     Bambleweeny 57 sub-meson brain     Don't Surf in the Nude Blog

ajoebonnie

  • Guest
Re: trojan horse cant be removed
« Reply #6 on: November 27, 2006, 06:41:20 PM »
alright, thanks!

will try them out now :)

Offline DavidR

  • Avast √úberevangelist
  • Certainly Bot
  • *****
  • Posts: 87443
  • No support PMs thanks
Re: trojan horse cant be removed
« Reply #7 on: November 27, 2006, 06:48:16 PM »
my OS is Windows Xp Pro.

if i download these would it affect my avast from running properly? I just downloaded and installed a programme named Trojan Remover, but anyway, it doesn't seem to work too.

The programs suggested by Frank for the most part are on-demand programs (except AVG Anti-Spyware) none of which have any problem with avast or vice versa. However, when running other security program scans, it is best to pause the Standard Shield provider. This will speed the overall scan and avoid any possible conflict.

i have notified tht the trojan is in C:\Documents and Settings\User\Local Settings\Temporary Internet Files\Content.IE5

Before running any programs, it is best to clear the Temporary Internet Files and temp file locations, since they are temporary there is no point in scanning them if you can delete them.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 23.1.6049 (build 23.1.7883.774) UI 1.0.746/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline FreewheelinFrank

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 4872
  • I'm a GNU
    • Don't Surf in the Nude!
Re: trojan horse cant be removed
« Reply #8 on: November 27, 2006, 06:53:14 PM »
Quote
Before running any programs, it is best to clear the Temporary Internet Files and temp file locations, since they are temporary there is no point in scanning them if you can delete them.

Very true. Sometimes an attempt to remove temp files will stall if malware is running from a temp file. CleanUp! is pretty brutal, and will clean files in use on reboot. If however it should fail to delete any temp files, move on to a Trojan scan and try deleting the temps files later.
     Bambleweeny 57 sub-meson brain     Don't Surf in the Nude Blog

Spiritsongs

  • Guest
Re: trojan horse cant be removed
« Reply #9 on: November 27, 2006, 07:08:52 PM »
 :)  Hi "ajoe" :

     I never heard of "Trojan Remover" either; the programs recommended by Frank are those that
    antiSPYWARE Expert Eric Howes recommends at : www.spywarewarrior.com/rogue_anti-spyware.htm#trustworthy . However, one of the ones there that Frank does not suggest is probably
   the best, the FREE version of "SUPERantispyware" at www.superantispyware.com .
    When a security program detects something, should ALWAYS select "quarantine" FIRST, not
    "Delete".
     If none of these programs "solves" your problem, you will most likely need the guidance of
     volunteer EXPERIENCED Malware Experts usually found on antiSPYWARE Support Forums, who
     analyze "logs" from the "HijackThis" program, best downloaded from www.thespykiller.co.uk/files/HJTsetup.exe .
At the download prompt, choose "Save".  
Navigate to the saved file and double-click the installer, HJTsetup.exe.
HijackThis will be installed on your computer at C:\Program Files\HijackThis, making an entry in the start menu and also providing a desktop shortcut.
When the installation is complete, exit HijackThis.

  Since you do not seem to have any antiSPYWARE program on your computer, I recommend
  the forums at www.landzdown.com .

 Frank : Does not "CleanUp" have "Delete Prefetch files" as one of their "automatic" Options !?
           Another thread on this forum recommends NOT deleting Prefetch files" !?

Offline FreewheelinFrank

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 4872
  • I'm a GNU
    • Don't Surf in the Nude!
Re: trojan horse cant be removed
« Reply #10 on: November 27, 2006, 07:20:03 PM »
As malware can hide in prefetch, I reckon it's worth cleaning it out: the prefetch folder is rebuilt automatically and you only loose a few seconds in boot time.

EDIT: For routine temp file cleaning (when malware infection is not suspected) I don't recommend cleaning the prefetch folder.
« Last Edit: November 27, 2006, 07:26:18 PM by FreewheelinFrank »
     Bambleweeny 57 sub-meson brain     Don't Surf in the Nude Blog

ajoebonnie

  • Guest
Re: trojan horse cant be removed
« Reply #11 on: November 28, 2006, 11:18:55 AM »
i think i had successfully removed those trojans or maybe not, right now, some of my system files had been removed too!

wat do i do?? i mean, most of my programmes cant be open in the sense tht, let say i click on the internet explorer icon, it cant be open, a pop up appear asking me whether to open it with?

wat do i do now? i think the clean up machines have realy cleared up all files tht has been infected by trojan, i guess right now even avast even isn't working properly... wat should i do? n if all these have been settled, do i need anymore safeguard in order to prevent trojans from accessing my system? as far as i concern, avast isn't tht efficient in clearing up trojans.

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67212
Re: trojan horse cant be removed
« Reply #12 on: November 28, 2006, 12:21:27 PM »
wat do i do?? i mean, most of my programmes cant be open in the sense tht, let say i click on the internet explorer icon, it cant be open, a pop up appear asking me whether to open it with?
File association seems to be changed by the trojan.

do i need anymore safeguard in order to prevent trojans from accessing my system?
It will be good if you download, install, update and run other trojan remover tools:
a-squared
Free AVG Antispyware
SUPERantispyware
Spyware Terminator

as far as i concern, avast isn't tht efficient in clearing up trojans.
Most of the times you need specific tools to remove and clean a trojan infection. Follow Spiritsongs' advices...  :)
The best things in life are free.

ajoebonnie

  • Guest
Re: trojan horse cant be removed
« Reply #13 on: November 28, 2006, 01:13:51 PM »
so how do i fix the existing problems now? do i re install the window ? n how do i do it?

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67212
Re: trojan horse cant be removed
« Reply #14 on: November 28, 2006, 01:57:43 PM »
so how do i fix the existing problems now? do i re install the window ? n how do i do it?
Use Google  8)
http://www.dougknox.com/xp/file_assoc.htm
Use the .exe association tool  :)
The best things in life are free.