- Posts: 92
- Thank you received: 0
how to remove trojans
16 years 9 months ago #25419
by saidfrh
how to remove trojans was created by saidfrh
Any suggestions on how to remove Trojan.Agent.dwb, downloader.agent.erf and downloader.vb.bxv. I have googled the above and could not find clear cut removal instructions.
Thanks.
Thanks.
16 years 9 months ago #25427
by DaLight
Replied by DaLight on topic Re: how to remove trojans
You're right! There does not seem to be an abundance of information for dealing with it, but I generally use a combination of Spybot and HijackThis! in safe mode to tackle any such problems. If you don't have any success, I've heard very good things about PC tools' Spyware Doctor (
www.pctools.com/spyware-doctor/
).
16 years 9 months ago #25429
by S0lo
Studying CCNP...
Ammar Muqaddas
Forum Moderator
www.firewall.cx
Replied by S0lo on topic Re: how to remove trojans
if you know the file that is infected in your system. you can send it to this free online virus scanner
www.virustotal.com/
It will scan the file using 32 most popular anti viruses. It will give the results of which AntiVirus detected which virus. if any.
It will scan the file using 32 most popular anti viruses. It will give the results of which AntiVirus detected which virus. if any.
Studying CCNP...
Ammar Muqaddas
Forum Moderator
www.firewall.cx
16 years 9 months ago #25443
by Chojin
CCNA / CCNP / CCNA - Security / CCIP / Prince2 / Checkpoint CCSA
Replied by Chojin on topic Re: how to remove trojans
You should try looking for services running which are unknown to you.
Also use MSCONFIG for startup and regedit to see which files are posted in your /software/Micrsoft/windows/current version/run path
this will mostly remove 80% of the virusses out there.
Also use MSCONFIG for startup and regedit to see which files are posted in your /software/Micrsoft/windows/current version/run path
this will mostly remove 80% of the virusses out there.
CCNA / CCNP / CCNA - Security / CCIP / Prince2 / Checkpoint CCSA
16 years 5 months ago #26917
by Starfire
Still catching up on old posts so please excuse the late post..
Also... Become intimate with your registry and in particular...
HKEY_[CURRENT_USER] / [LOCAL_MACHINE] /software/microsoft/windows/CurrentVersion/ [Run/Run Once/RunOnce/Ex] entries.
This is where they love to hide em so that they kick in as soon as the system initiates. If you can't access your system due to all this nonesense, bootup in safe and come visit these entries with a ready delete key. If you don't know what is usually here, youre in trouble but if you are aware and see new entries here you don't klnow about and you haven't installed anything lately that you know of, just delete the entiere key and get your system back.
Sorry for the late post but think this is a little trick we should all know about..
No clue how you do this on vista or macs (but then macs deserve it!)
Star.
Also... Become intimate with your registry and in particular...
HKEY_[CURRENT_USER] / [LOCAL_MACHINE] /software/microsoft/windows/CurrentVersion/ [Run/Run Once/RunOnce/Ex] entries.
This is where they love to hide em so that they kick in as soon as the system initiates. If you can't access your system due to all this nonesense, bootup in safe and come visit these entries with a ready delete key. If you don't know what is usually here, youre in trouble but if you are aware and see new entries here you don't klnow about and you haven't installed anything lately that you know of, just delete the entiere key and get your system back.
Sorry for the late post but think this is a little trick we should all know about..
No clue how you do this on vista or macs (but then macs deserve it!)
Star.
Time to create page: 0.140 seconds