Author Topic: Infected by Win32:Trojan-gen. {Other} HELP HELP HELP  (Read 16872 times)

0 Members and 1 Guest are viewing this topic.

YaBB

  • Guest
Infected by Win32:Trojan-gen. {Other} HELP HELP HELP
« on: July 21, 2003, 07:43:41 PM »
Hey Guys
. When I run avast home anti virus it comes up with the virus of Win32:Trojan-gen {Other} (regsrv.exe Infected: Backdoor.Optix.Pro.12). . I dont know what to do. I just cant seem to get rid of it. I have found a program to get rid of most of the problems that it causes. (By cutting the links in program files, so that you are unable to access any of your programs) but still I cant get rid of this Trojan.  I need my computer to compleate a Paper due last week. Please Please help

Thanks

whocares

  • Guest
Re:Infected by Win32:Trojan-gen. {Other} HELP HELP HELP
« Reply #1 on: July 21, 2003, 11:58:00 PM »
Hi,


What Win do you have ?
Where exactly was the infected file found (full path and filename+ fileextension

use TrendOnlineScan from www.trendmicro.com -> products to properly identify  your Optix.pro-Variant (scan whole PC) or
scan the infected file with Onlinescan from www.kaspersky.com

search for the virus names in the respective Virus-Databases (Trend/Kasp.) and follow the removal procedure..
 
Optix.Pro allows more or less complete remote control of your PC, so backup any important data on CD'S /disks until your are sure Optix is gone..

you need to change all the passwords recently (since the infection) entered on the PC AFTER the PC is cleaned ;)
« Last Edit: July 21, 2003, 11:59:28 PM by whocares »

whocares

  • Guest

YaBB

  • Guest
Re:Infected by Win32:Trojan-gen. {Other} HELP HELP HELP
« Reply #3 on: July 23, 2003, 12:46:36 PM »
Hey
Im running win ME. and the full file extention is C:\windows\system\regsrv.exe
this is why that windows wont let me deleat it. What does this Trojan do? Because now that I have fixed the exe. problem what else does it do.

I tried going to the sites. And they did find the trojan. But after following the steps to remove it. It didnt work.

thanks for any help

whocares

  • Guest
Re:Infected by Win32:Trojan-gen. {Other} HELP HELP HELP
« Reply #4 on: July 23, 2003, 03:40:17 PM »
Hi,

what are the exact names by Trend/Kaspersky-Scanners for your trojan ?
Please post the links to the respective description here, too..


General advice on trojan removal:

-scan for & identify infected files
- search for the related trojan processes with taskmanager and kill the processes
-remove registry/startup entries for the trojan files
- if a scan then can't delete the files, 'cause they're in use, rename them in dos-box or reboot and rescan, then cleaning or deleting infected files
that's it..  ;)
For WIN ME or XP you will also have to disable system-Restore temporarily; procedure is described on above Info-Sites, too..


For Win ME (& W9x)  you might also try booting with Trend'S emergency disks: look up e.g. CIH in their DB, and you'll find the Link

 :)
« Last Edit: July 23, 2003, 08:55:06 PM by whocares »

YaBB

  • Guest
Re:Infected by Win32:Trojan-gen. {Other} HELP HELP HELP
« Reply #5 on: July 30, 2003, 12:24:46 PM »
Hey again
Thanks so much for the information. I have goten rid of all the viruses on my computer (according to avast and tredmicro). However sometimes my icons keep changing, is that some other sign of a virus?? Or is it just some computer fault?

Thanks for any help

Offline igor

  • Avast team
  • Serious Graphoman
  • *
  • Posts: 11872
    • AVAST Software
Re:Infected by Win32:Trojan-gen. {Other} HELP HELP HELP
« Reply #6 on: July 30, 2003, 12:46:04 PM »
In my opinion, changing some of the icons randomly is a "feature" of Win9x. I remember a time when I got a new icon for Control Panel on every boot (Windows 98 SE). Later, it somehow stopped itself... I have no reason thinking that Windows ME should be different.

I.e. if it's happening in a reasonable extent (just a few icons from time to time), I'd consider it "normal". If your icons change heavily, then it's strange - but it's unlikely to be caused by a virus.

YaBB

  • Guest
Re:Infected by Win32:Trojan-gen. {Other} HELP HELP HELP
« Reply #7 on: July 30, 2003, 09:44:05 PM »
hey guys
the icons change all the icons change at once, but it only happens about 1 out of every 5 or 10 boots? So you have never heard of a virus that does that? Also my file icons change, for example a word file might have the internet explorer icon? I'm just worried because my computer has been infested for such a long time. However as I said both avast and tredmicro come up with nothing.

Actually another quickie, which is the best anti virus? Cause im using avast, (swiched from norton 2003) and I really dont know.

Thanks for any help

Offline raman

  • Avast Evangelist
  • Advanced Poster
  • ***
  • Posts: 1062
Re:Infected by Win32:Trojan-gen. {Other} HELP HELP HELP
« Reply #8 on: July 31, 2003, 05:43:25 AM »
the icons change all the icons change at once,

Search for a file called iconcache.db and delete or rename it.
MfG Ralf

Offline igor

  • Avast team
  • Serious Graphoman
  • *
  • Posts: 11872
    • AVAST Software
Re:Infected by Win32:Trojan-gen. {Other} HELP HELP HELP
« Reply #9 on: July 31, 2003, 09:58:34 AM »
iconcache.db? I must say I have never heard of such file... do you mean ShellIconCache?

Offline raman

  • Avast Evangelist
  • Advanced Poster
  • ***
  • Posts: 1062
Re:Infected by Win32:Trojan-gen. {Other} HELP HELP HELP
« Reply #10 on: July 31, 2003, 10:15:42 AM »
Yes, does 98
* raman call it ShellIconCache? I only have Winxp?
MfG Ralf

Offline igor

  • Avast team
  • Serious Graphoman
  • *
  • Posts: 11872
    • AVAST Software
Re:Infected by Win32:Trojan-gen. {Other} HELP HELP HELP
« Reply #11 on: July 31, 2003, 10:34:47 AM »
ShellIconCache is present on Windows 98, ME and 2000 (at least). I didn't find such a file on Windows XP (but neither iconcache.db).

YaBB

  • Guest
Re:Infected by Win32:Trojan-gen. {Other} HELP HELP HELP
« Reply #12 on: July 31, 2003, 11:27:55 AM »
so do i search and deleat the first one or the secound one? Is it a virus? Or just a glitch? I am running Win ME

Thanks for any help

YaBB

  • Guest
Re:Infected by Win32:Trojan-gen. {Other} HELP HELP HELP
« Reply #13 on: July 31, 2003, 11:29:46 AM »
ok I searched for both files and couldnt find either one of them?


Offline igor

  • Avast team
  • Serious Graphoman
  • *
  • Posts: 11872
    • AVAST Software
Re:Infected by Win32:Trojan-gen. {Other} HELP HELP HELP
« Reply #14 on: July 31, 2003, 11:51:13 AM »
You don't have ShellIconCache in your Windows directory? (Note that it's got "hidden" attribute).