|
Posted by Bieto on July 5, 2005, 9:12 am
If you were Registered and logged in, you could reply and use other advanced thread options
I HAVE ON WINDOWS SERVER 2003 THIS TROJAN THAT ONLY PANDA ANTIVIRUS HAD
FOUND.
ALTHOUGH I REMOVE IT WITH PANDA IT RETURN ON RESTART.I NEED HELP!
|
|
Posted by David H. Lipman on July 5, 2005, 9:35 am
If you were Registered and logged in, you could reply and use other advanced thread options
| I HAVE ON WINDOWS SERVER 2003 THIS TROJAN THAT ONLY PANDA ANTIVIRUS HAD
| FOUND.
| ALTHOUGH I REMOVE IT WITH PANDA IT RETURN ON RESTART.I NEED HELP!
|
First - Please fix your keyboard. It has a broken "Caps Lock" key.
Dump the contents of the IE Temporary Internet Folder cache (TIF)
Start --> Settings --> Control Panel --> Internet Options --> Delete Files
Dump the contents of the Mozilla FireFox Cache { if you use FireFox }
Tools --> Options --> Privacy --> Cache --> Clear
Download MULTI_AV.EXE from the URL --
http://www.ik-cs.com/programs/virtools/Multi_AV.exe
It is a self-extracting ZIP file that contains the Kixtart Script Interpreter {
http://kixtart.org Kixtart is CareWare } three batch files, five Kixtart
scripts, one Link
(.LNK) file, this PDF instruction file and two utilities; UNZIP.EXE and
WGET.EXE. It will
simplify the process of using up to 3 different Anti Virus Command Line Scanners
to remove
viruses and various other malware.
C:\AV-CLS\StartMenu.BAT -- { or Double-click on 'Start Menu' in C:\AV-CLS}
This will bring up the initial menu of choices and should be executed in Normal
Mode. This
way all the components can be downloaded from each AV vendor’s web site.
The choices are; Sophos, Trend, McAfee, Exit the menu and Reboot the PC.
You can choose to go to each menu item and just download the needed files or you
can
download the files and perform a scan in Normal Mode. Once you have downloaded
the files
needed for each scanner you want to use, you should reboot the PC into Safe Mode
[F8 key
during boot] and re-run the menu again and choose which scanner you want to run
in Safe
Mode. It is suggested to run the scanners in both Safe Mode and Normal Mode.
When the menu is displayed hitting 'H' or 'h' will bring up a more comprehensive
PDF help
file.
To use this utility, perform the following...
Execute; Multi_AV.exe { Note: You must use the default folder C:\AV-CLS }
Choose; Unzip
Choose; Close
Execute; C:\AV-CLS\StartMenu.BAT
{ or Double-click on 'Start Menu' in C:\AV-CLS }
NOTE: You may have to disable your software FireWall or allow WGET.EXE and/or
FTP.EXE to go
through your FireWall to allow them to download the needed AV vendor related
files.
* * * Please report back your results * * *
--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm
|
|
Posted by Azhar Attari on August 2, 2005, 5:59 pm
If you were Registered and logged in, you could reply and use other advanced thread options
Turn off System Restore and Boot in safe mode and Delete the Virus
I Guess it will work
> I HAVE ON WINDOWS SERVER 2003 THIS TROJAN THAT ONLY PANDA ANTIVIRUS HAD
> FOUND.
> ALTHOUGH I REMOVE IT WITH PANDA IT RETURN ON RESTART.I NEED HELP!
>
>
|
|
Posted by Ian Kenefick on August 2, 2005, 6:12 pm
If you were Registered and logged in, you could reply and use other advanced thread options
>Turn off System Restore and Boot in safe mode and Delete the Virus
>
>I Guess it will work
Ok this will not work at all. If the virus is reappearing then it was
not properly removed in the first place or else there is a companion
infection such as a trojan-downloader installing/replacing the
malware.
Use the Sysclean_FE & Clean.exe tools available from
www.ik-cs.com/got-a-virus.htm
Please let us know how you faired with this.
--
Ian Kenefick
http://www.ik-cs.com
http://antivirus.ik-cs.com
|
| Similar Threads | Posted | | trojan horse backdoor irc/sdbot.myx | December 15, 2005, 5:29 pm |
| trojan horse IRC/backdoor.sdbot.myx | December 15, 2005, 5:35 pm |
| Virus Sdbot | September 16, 2005, 12:41 pm |
| What port Need Sdbot for Execute | September 19, 2005, 2:21 pm |
| "aolsoftware.exe" likely SDBOT.COV worm | February 7, 2006, 4:51 pm |
| W32/Backdoor.KPI | May 25, 2006, 7:22 pm |
| Backdoor.HackDefender | July 14, 2005, 10:56 pm |
| Need help with backdoor.prorat | October 20, 2005, 6:13 am |
| backdoor.trojan | April 25, 2006, 1:43 pm |
| Anybody got a fix for BackDoor.Generic3.LRT? | October 27, 2006, 11:44 pm |
|
XML site map