English Deutsch Français Italiano Español Português 繁體中文 Bahasa Indonesia Tiếng Việt ภาษาไทย
All categories

Norton AV caught a "generic" trojan download in progress (drive-by on a website - managed to View Source before IE shut down and there was an obfuscated URL attached to the page, which has since been removed by the site owner).

I've done the following:

- deleted the infection out of Norton quarantine
- run Spybot S&D in Safe Mode
- run AVG and AVG Spyware to double check

...can I be 100.1% sure my 'puter is now clean?

2007-10-04 01:43:55 · 10 answers · asked by DreamWeaver 3 in Computers & Internet Security

Cesar - thanks. I have ZoneAlarm (basic) installed already, and both AVG and Norton are up to date as I can get them.

Reign and co thanks too - installed AVG's scanner and antispyware components, but deactivated the AVG AV Resident Monitor (live checking thingy) for AVG as it would conflict with Norton.

Burning: no idea about your underpants, and probably don't want to know... thanks :)

2007-10-04 03:02:44 · update #1

@Angel - thanks too, but all Norton told me was that it was a "Downloader", not any specific flavour of downloader.

This is the log from Norton...

Source: Manual Scanner,Risk category: Virus,Action taken: Repaired,Description: Affected areas:
1 Additional areas:
Unknown - Deleted


Source: C:\DOCUME~1\WINDOW~1\LOCALS~1\Temp\jar_cache11863.tmp,Action taken: Automatically deleted
Source: C:\DOCUME~1\WINDOW~1\LOCALS~1\Temp\jar_cache11863.tmp,Action taken: Repair failed,Action taken: Access denied
Source: C:\DOCUME~1\WINDOW~1\LOCALS~1\Temp\jar_cache36001.tmp,Action taken: Automatically deleted
Source: C:\DOCUME~1\WINDOW~1\LOCALS~1\Temp\jar_cache36001.tmp,Action taken: Repair failed,Action taken: Access denied

2007-10-04 03:07:35 · update #2

10 answers

Dreamweaver:

No you should be concerned still. That's why in addition to the above. You should still.

1-) Make sure that you anti-virus is update to date with it's definitions and run live update frequently.

2-) Scan your computer completely at least once a month.
3-) Make sure that you have your Windows Firewall turn on.
If you don't have one download the Windows sp2. and turn it on. http://www.microsoft.com/windowsxp/sp2/default.mspx

4-) Have a Firewall installed. It's imperative because some Trojans are so well done that they can use your computer for spamming or other evil purposes.

I recommend Zone alarm Pro. Edition. Download the free trial 15 days and buy if you can.

http://www.download.com/3000-2092-10039884.html?bt.37282.10014..dl-57636

Don't share folders that contained sensitive information.
Worse case scenario. Back up your data and reformat your hard drive completely. Last case scenario.

Let me know if I was able t shed some light.

Regards,

Cesar

2007-10-04 01:52:07 · answer #1 · answered by CesarMCSE 3 · 0 0

Ok.. if you have Windows XP try to restart the computer and while it's still loading press Space. Then restore the drive to (it will give you a few options) the time before you found the trojan like yesterday or two days ago. This should erase all the data you uploaded after that time including the trojan. Good luck!

2016-04-07 03:25:49 · answer #2 · answered by Anonymous · 0 0

No, but you can be just SURE.

If the virus is not yet affected, there's absolutely no problem at all. But, if its affected it doesn't show up now, but starts reacting after days. It might start destroying registry entries and delete important files in the Windows Directory & everything else what the programmer wants it to do. Run a few more check with different softwares. There are few people specially trained to clean them. If you computer gets slowed down, check it with them.

2007-10-04 02:00:35 · answer #3 · answered by Anonymous · 0 0

Look at the Windows registry for traces of the trojan. You need its name, or the name of the URL it was going to connect to.

Then open the 'regedit' tool: Start -> Run -> (type) cmd -> regedit.

Use the search tool for words related to the trojan. If you find something delete the entry, and repeat the process until it is absolutely clean. If the trojan is no longer in Windows Registry it won't be activated by itself again.

2007-10-04 01:53:26 · answer #4 · answered by Ληgεl 4 · 0 0

You can't.

The trojan is most likely gone, but in windows you can never be 100% sure.

You can do others things

-a online scan

a decent anti-virus program like nod32 is much more accurate than norton or avg
(www.eset.com - 30 day full featured trail)

an spybot has lost it edge it used to have.
try ad aware

2007-10-04 01:49:06 · answer #5 · answered by bill goldberg 3 · 1 0

good thing you caught it, but to be sure download this program call "Unhack Me" it checks you system for trogan rootkits. also, only have on antivirus on you system at a time it cause conflict have more than one. so use only Norton(resoursce hog) or AVG.

2007-10-04 01:48:01 · answer #6 · answered by Justified 6 · 0 0

no, using only norton is not the best way to avoid all viruses and avg sucks... the other stuff just watches out for the simple things... try this online antivirus thing... it gives free scans!

http://housecall.trendmicro.com/

2007-10-04 01:47:47 · answer #7 · answered by Anonymous · 0 1

It's already really clean... Anyway having 2 Anti-Viruses may conflict each other, not suggested.

2007-10-04 01:48:53 · answer #8 · answered by ReignOfComputer 5 · 0 0

You can NEVER be 100% sure, but unless ur absolutely paranoid about viruses, you should just take it as clean.

2007-10-04 01:55:01 · answer #9 · answered by Anonymous · 0 0

Cleaner than my underpants ~~

2007-10-04 01:52:07 · answer #10 · answered by burning brightly 7 · 0 0

fedest.com, questions and answers