Trojen

kev

In Runtime
Messages
472
Ok so recently i was infected with a bunch of viruses i got most of them with a virus scan and boot scan plus a adaware scan. but there is this one that i cant get rid off called

Win32:Trojano-3295 [Trj]

When Avist comes up and says it found it and i say deleat it avist says

The process could not access the because it is being used by another process ... can not process C:\Documents and Settings\Kevan\Local Settings\Temporay Internet Files\Content.IE5\SLGH4JAH\rdgUS2404(1).exe\[Yoda]

Except i dont know which process it is being used by. Im serprised that a boot scan did not get it.

How might i get rid of it?
 
[font=ARIAL,MS SANS SERIF,UNIVERS,HELVETICA]Hope this helps...

Starting your computer in Safe mode
[/font] [font=ARIAL,MS SANS SERIF,UNIVERS,HELVETICA][size=-1]Situation:[/size][/font]

This document tells how to start your computer in Safe mode.

[font=ARIAL,MS SANS SERIF,UNIVERS,HELVETICA][size=-1]Solution:[/size][/font]
"Safe mode" comes with Windows 98/Me/2000/XP. Safe mode lets you turn off unnecessary computer programs so that you can find the cause of a problem. When you are done, you can turn on the programs again.

Safe mode looks and acts differently than normal Windows. In Safe mode:


  • You cannot connect to the Internet.
  • Windows looks different.
  • Many programs that start with Windows will not start.
Safe mode is part of Windows. We wrote this page to make it easier to use Safe mode with our products. If you need more help with Safe mode than you get from reading this page, please contact Microsoft or your computer manufacturer.

In the list below, find the type of Windows that you have. Click an icon to either open ( http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/949e46314f0916a0852565d00073bbfd/ef8760e25f58ee7988256a6a0054bc32/Solution/0.426?OpenElement&FieldElemFormat=gif) or close ( http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/949e46314f0916a0852565d00073bbfd/ef8760e25f58ee7988256a6a0054bc32/Solution/0.7EC?OpenElement&FieldElemFormat=gif) each section. Follow the instructions in that section. (If you cannot open a section, then read the document Cannot expand sections in a Symantec Knowledge Base document.)


Windows 98/Me
Windows 2000

Windows XP
We recommend that you use the System Configuration Utility to get into Safe mode, however, the F8 key can also be used.

To use the System Configuration Utility, you must log on to Windows XP with an Administrator account.

To use the System Configuration Utility to start Windows XP in Safe mode
  1. Close all open programs.
  2. Click Start > Run.
  3. In the Run dialog box, type msconfig and then click OK.





    http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/949e46314f0916a0852565d00073bbfd/ef8760e25f58ee7988256a6a0054bc32/Solution/0.8D7E?OpenElement&FieldElemFormat=gif
  4. In the System Configuration Utility, on the BOOT.INI tab, check /SAFEBOOT.



    http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/949e46314f0916a0852565d00073bbfd/ef8760e25f58ee7988256a6a0054bc32/Solution/1.E24?OpenElement&FieldElemFormat=gif
  5. Click OK.
  6. When you are asked to restart the computer, click Restart.



    http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/949e46314f0916a0852565d00073bbfd/ef8760e25f58ee7988256a6a0054bc32/Solution/2.318A?OpenElement&FieldElemFormat=gif



    The computer restarts in Safe mode. (This can take several minutes.) When you are finished working in Safe mode, use the System Configuration Utility to start Windows XP in normal mode.
To use the System Configuration Utility to start Windows XP in normal mode
  1. Finish what you need to do in Safe mode.
  2. In the section "To use the System Configuration Utility to start Windows XP" above, repeat steps 1-7, but in step 4, uncheck /SAFEBOOT.
  3. Close all programs, and restart the computer.
To use the F8 key to start Windows XP in Safe mode
  1. Restart the computer.

    Some computers have a progress bar that refers to the word BIOS. Others may not let you know what is happening.
  2. As soon as the BIOS loads, begin tapping the F8 key on your keyboard. Do so until the Windows Advanced Options menu appears.

    If you begin tapping the F8 key too soon, some computers display a "keyboard error" message. If this happens, restart the computer and try again.
  3. Using the arrow keys on the keyboard, select Safe mode and then press Enter.
 
Or you could try downloading a program called ccleaner from www.ccleaner.com and running that. It clears all the temporary internet files therefore removing any trojans lurking in there. Always worked for me so far!
 
So far i have run Avist (both in windows and a boot scan) always finds the same program twice (telling me that it is hideing itself in mutipul locations (possably the registry)
Ad-Aware SE - Always finds somthing
Trojen Hunter - Found i belive 4 trojens (including a bad HTTP Port)
PreventX (somthing like that) - This one looks for mailware (it found 9 soposably mailwares on its 1st scan...but it thought CPU-Z was a mailware) However since i have run this program i have not had Avist come up with the above alert. However this program keeps blocking a program called mail32 (somthing like that... each time the number is different) When i read about it on the programs website it tells me this program has over 900 names (great)!!!!!

I will run that program though
 
Back
Top Bottom