Author Topic: WIN32:TROJANO  (Read 5527 times)

0 Members and 1 Guest are viewing this topic.

sunfamily

  • Guest
WIN32:TROJANO
« on: June 25, 2004, 12:28:28 AM »
HI EVERYONE

      I HAVE LOCATED A "Win32:Trojano-169 [Trj]" VIRUS IN MY HOME PC YESTERDAY . DOES ANY ONE HAVE ANY CLUE. I HAVE THE FOLLOWING FDETAIKLS.
1.IT WAS CAUGHT DURING BOOT TIME SCAN
BY AWAST 4.1
2.A DLL FILE IN WINDOWS DIRECTORY HAS BEEN INFECTED BUT COULD NOT BE REPAIRED SEE ATTACHED FILE.  
4.WHAT SHALL I DO WITH THIS FILE.
5.I TRIED TO SEARCH THE FILE BUT COULD NOT LOCATE IT IN WINDOWS SEARCH
6. IS IT SAFE TO DELETE THE FILE
HELP PLEASE
THANKS AND REGARDS
SUNNY

 

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67195
Re:WIN32:TROJANO
« Reply #1 on: June 25, 2004, 03:22:02 AM »
File C:\WINDOWS\Downloaded Program Files\jao.dll is infected by Win32:Trojano-169 [Trj] - Repair: Error 42060

I think it`s safe to delete the file (but if you can, send the file to Chest and wait for more opinions).

Please, the forum protocol does not use CAPS. Seems you are yealing and this is a helpful and peaceful forum...  8)

The best things in life are free.

sunfamily

  • Guest
Re:WIN32:TROJANO
« Reply #2 on: June 25, 2004, 06:28:33 AM »
      thank you very much. i have now done a scan from windows and the same virus was intercepted and as you have sugested i moved it. do you know what settings i should make so that this virus is intercepted in windows. thanks for the small tips not to use caps in the forum.

regards
sunny  

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67195
Re:WIN32:TROJANO
« Reply #3 on: June 25, 2004, 02:04:38 PM »
Do you know what settings i should make so that this virus is intercepted in windows.

Sunny, I suggest you start using the 'High' level of sensitivity in all providers.
After some time, when you learn and get used to avast, it will be posible to 'downsize' the level of protection to fit your needs  8)
The best things in life are free.

sunfamily

  • Guest
Re:WIN32:TROJANO
« Reply #4 on: June 26, 2004, 08:40:17 AM »
thanks a lot. iwill do that .
bye for now  
sunny

zehavi

  • Guest
Re:WIN32:TROJANO
« Reply #5 on: June 27, 2004, 08:08:25 PM »
I have also a problem with Trojano.
The infected files in my system (Win98) reside in c:\windows and c:\windows\system  and thee are a lot of them. Avast identified 3 variants :
Win32.Trojano-173
Win32.Trojano-180
Win32.Trojano-181

Most are of the 180 type.

Effects noticed. Unusual number of popups in IE (got around by m0oving to Mozila).
At some point added a lot of startup files and the PC could not finish booting. Went around this by booting in safe-mode and removing the startups.
Up to now Avast is unable to repair the files giving the message could not process xxxxxx.
I cannot just dlelete the files because some belong to Windows And I wish to avoid reinstalling  Windows.

Avi

sunfamily

  • Guest
Re:WIN32:TROJANO
« Reply #6 on: June 29, 2004, 12:01:25 PM »
during scan a virus was intercepted and then the scanner is reported as infected which dissappears whe the scanner is restarted. is this of any concern.
regards
sunny

whocares

  • Guest
Re:WIN32:TROJANO
« Reply #7 on: June 29, 2004, 02:20:23 PM »
the scanner is reported as infected

didn't it rather say something like "scanner status: Infected" ?
This is a bit misleading, but rather means, that a virus/trojan was found.
avast itself was NOT infected..

to both of you:
Please work through the link in my sig "virusRemoval" and
- supply more detailed info, e.g path/filenames
- secure your System & IE, or this stuff will always come back
- use ad-aware, spybot, cwshredder to clean
- use KAV, Trend & RAV Onlinescanners to identify recurring variants..

sunfamily

  • Guest
Re:WIN32:TROJANO
« Reply #8 on: June 29, 2004, 09:22:53 PM »
thanks very much for the immediate reply. i will try out your suggestions
Regards
Sunny


sunfamily

  • Guest
Re:WIN32:TROJANO
« Reply #9 on: July 05, 2004, 12:18:49 AM »
i have done an adaware scan and got the attached log. what should i do about. i am unable to remove them completly fro the system.

help please
sunny