Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Trojan help

  • 07-04-2004 9:37am
    #1
    Registered Users, Registered Users 2 Posts: 568 ✭✭✭


    My AV software keeps on telling me the following (see attached) but when I run it, it doesn't get rid of the virus as the same message keeps on coming up. I also ran an online trojan remover from www.trojanscan.com and it told me the following :-

    Starting scan at 02:14:52:515...
    Scan Memory
    Memory not infected
    Scan folder: 'C:\', recursive
    Unable to scan C:\System Volume Information - Access is denied.
    Finished scan at 02:23:28:171
    Total number of files is 27163, number of infected files is 0
    Average files per second is 53, average file size is 7581998


    I just cannot seem to get rid of this, any help would be greatly appreciated.


    mfield.


Comments

  • Registered Users, Registered Users 2 Posts: 2,088 ✭✭✭BioHazRd


    Seems to be the aflooder trojan - try this link and see how you get on.

    Bio


  • Registered Users, Registered Users 2 Posts: 568 ✭✭✭mfield


    Originally posted by BioHazRd
    Seems to be the aflooder trojan - try this link and see how you get on.

    Bio

    Many thanks for the link BioHazRd. I have tried that method but cannot seem to find the correct file in the registry folder. The only one that comes close to it is the following

    RUNDLL32.EXE NvQTwk,NvCplDaemon initialize


    Any ideas?


  • Registered Users, Registered Users 2 Posts: 2,088 ✭✭✭BioHazRd


    Try a progarm called HijackThis - available free here

    If you post a log here, maybe one of the more qualified experts may have some insight

    good luck

    Bio


  • Registered Users, Registered Users 2 Posts: 32,417 ✭✭✭✭watty


    Which version of Windows?


  • Registered Users, Registered Users 2 Posts: 568 ✭✭✭mfield


    Originally posted by LurkingIcon
    Which version of Windows?

    Windows XP


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 32,417 ✭✭✭✭watty


    Bring up Task manager

    Find the trojan on the list and kill it

    Then you can delete the file.

    For all kinds of good reasons NT/Win2K/Xp/Win2003 won't let ANYTHING delete a file that is executing. One reason is that for program code, rather than data, it uses the actual file as the "virtual memory source to reload" if it is paged out of real RAM. Saves overhead and space of writing the RAM area to the actual paging file


    OR

    You could try installing "recovery console"

    Then boot to "console"

    Then using command line delete the file.


  • Closed Accounts Posts: 1,567 ✭✭✭Martyr


    Thats interesting that AVG cannot access folders with Access Control Entries.
    Same thing with registry..
    Bigger problem is root kits.
    They are easy to find, if you know what you're looking for, but
    if not, difficult enough.


  • Registered Users, Registered Users 2 Posts: 568 ✭✭✭mfield


    Many thanks for the help guys but to be honest I'm completely lost and don't know how to get rid of the torjan. :confused:


Advertisement