Trojan virus

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

I keep getting a Norton antivirus alert that there is a trojan.vorun virus on
my computer. I scanned with Ewido and it finds it and asks if I want to clean
it, but it is still there! I cannot restore my Windows XP either, it always
comes back saying that the restore was unsuccessful. HELP!
 
ger123 said:
I keep getting a Norton antivirus alert that there is a trojan.vorun
virus on my computer. I scanned with Ewido and it finds it and asks if
I want to clean it, but it is still there! I cannot restore my Windows
XP either, it always comes back saying that the restore was
unsuccessful. HELP!
Click to expand...

Are you sure it wasn't Vundo? In any case, boot the computer into Safe
Mode and run your NAV and Ewido scans there. Make sure you have updated
definitions for both those programs. To get into Safe Mode, repeatedly
tap the F8 key as the computer is starting up. There are more malware
removal steps here:
http://www.elephantboycomputers.com/page2.html#Removing_Malware

You may need to run HijackThis and post your log on one of the sites
linked on the page above (not here please).

Malke
 
From: "ger123" <[email protected]>

| I keep getting a Norton antivirus alert that there is a trojan.vorun virus on
| my computer. I scanned with Ewido and it finds it and asks if I want to clean
| it, but it is still there! I cannot restore my Windows XP either, it always
| comes back saying that the restore was unsuccessful. HELP!


Download MULTI_AV.EXE from the URL --
http://www.ik-cs.com/programs/virtools/Multi_AV.exe

It is a self-extracting ZIP file that contains the Kixtart Script Interpreter {
http://kixtart.org Kixtart is CareWare } 4 batch files, 6 Kixtart scripts, one Link
(.LNK) file, a PDF instruction file and two utilities; UNZIP.EXE and WGET.EXE. It will
simplify the process of using; Sophos, Trend, Kasperski and McAfee Anti Virus Command Line
Scanners to
remove viruses, Trojans and various other malware.

C:\AV-CLS\StartMenu.BAT -- { or Double-click on 'Start Menu' in C:\AV-CLS}
This will bring up the initial menu of choices and should be executed in Normal Mode. This
way all the components can be downloaded from each AV vendor’s web site. The choices are;
Sophos, Trend, McAfee, Kaspersky, Exit this menu and Reboot the PC.

You can choose to go to each menu item and just download the needed files or you can
download the files and perform a scan in Normal Mode. Once you have downloaded the files
needed for each scanner you want to use, you should reboot the PC into Safe Mode [F8 key
during boot] and re-run the menu again and choose which scanner you want to run in Safe
Mode. It is suggested to run the scanners in both Safe Mode and Normal Mode.

When the menu is displayed hitting 'H' or 'h' will bring up a more comprehensive PDF help
file.

To use this utility, perform the following...
Execute; Multi_AV.exe { Note: You must use the default folder C:\AV-CLS }
Choose; Unzip
Choose; Close

Execute; C:\AV-CLS\StartMenu.BAT
{ or Double-click on 'Start Menu' in C:\AV-CLS }

NOTE: You may have to disable your software FireWall or allow WGET.EXE to go through your
FireWall to allow it to download the needed AV vendor related files.

* * * Please report back your results * * *
 
David H. Lipman said:
From: "ger123" <[email protected]>

| I keep getting a Norton antivirus alert that there is a trojan.vorun
virus on
| my computer. I scanned with Ewido and it finds it and asks if I want to
clean
| it, but it is still there! I cannot restore my Windows XP either, it
always
| comes back saying that the restore was unsuccessful. HELP!


Download MULTI_AV.EXE from the URL --
http://www.ik-cs.com/programs/virtools/Multi_AV.exe

It is a self-extracting ZIP file that contains the Kixtart Script
Interpreter {
http://kixtart.org Kixtart is CareWare } 4 batch files, 6 Kixtart scripts,
one Link
(.LNK) file, a PDF instruction file and two utilities; UNZIP.EXE and
WGET.EXE. It will
simplify the process of using; Sophos, Trend, Kasperski and McAfee Anti
Virus Command Line
Scanners to
remove viruses, Trojans and various other malware.

C:\AV-CLS\StartMenu.BAT -- { or Double-click on 'Start Menu' in C:\AV-CLS}
This will bring up the initial menu of choices and should be executed in
Normal Mode. This
way all the components can be downloaded from each AV vendor's web site.
The choices are;
Sophos, Trend, McAfee, Kaspersky, Exit this menu and Reboot the PC.

You can choose to go to each menu item and just download the needed files
or you can
download the files and perform a scan in Normal Mode. Once you have
downloaded the files
needed for each scanner you want to use, you should reboot the PC into
Safe Mode [F8 key
during boot] and re-run the menu again and choose which scanner you want
to run in Safe
Mode. It is suggested to run the scanners in both Safe Mode and Normal
Mode.

When the menu is displayed hitting 'H' or 'h' will bring up a more
comprehensive PDF help
file.

To use this utility, perform the following...
Execute; Multi_AV.exe { Note: You must use the default folder C:\AV-CLS }
Choose; Unzip
Choose; Close

Execute; C:\AV-CLS\StartMenu.BAT
{ or Double-click on 'Start Menu' in C:\AV-CLS }

NOTE: You may have to disable your software FireWall or allow WGET.EXE to
go through your
FireWall to allow it to download the needed AV vendor related files.

* * * Please report back your results * * *
Click to expand...

This is a silly answer. The User already has an Antivirus program that
alerted him to the presence of a Trojan on his system, and you want him to
jump through the hoops you listed above just to have another product verify
that he has a Trojan that requires manual removal?
I have seen you recommend this product in other responses, yet I can find
not a single reference to it
in any review (on-line or in print) of AV programs. This fact alone makes
me suspect it to not be a very reputable product, but what really turned me
against it was your claim that you may have to turn off your firewall to let
it access it's website. This is a big no-no/ Any product that requires a
bypass of any firewall is something that should not be installed on any
computer.

Bobby


Bobby
 
From: "NoNoBadDog!" <no_@spam_verizon.net>


| This is a silly answer. The User already has an Antivirus program that
| alerted him to the presence of a Trojan on his system, and you want him to
| jump through the hoops you listed above just to have another product verify
| that he has a Trojan that requires manual removal?
| I have seen you recommend this product in other responses, yet I can find
| not a single reference to it
| in any review (on-line or in print) of AV programs. This fact alone makes
| me suspect it to not be a very reputable product, but what really turned me
| against it was your claim that you may have to turn off your firewall to let
| it access it's website. This is a big no-no/ Any product that requires a
| bypass of any firewall is something that should not be installed on any
| computer.
|
| Bobby
|
| Bobby
|

I wrote the Multi AV scanning tool. It uses scanners from; Sophos, Trend Micro, McAfee and
Kaspersky and *all* are well rated anti virus applications. What I have scripted is mere a
front end to each and it is highly effective.

Since it uses the GNU WGET.EXE utility, there is the possibility that the FireWall(s) of
WinXP and other applications will block WGET from performing a HTTP get or FTP get from the
respective AV vendor web sites. I can't help that fact that this happens. Some will just
have to allow it to perform the duty others may have to disable the FireWall(s). I wish
that was not the case but sh!t happens.

Since you don't spend time in AV News Groups you are not aware of peer review that have
given the Multi AV scanning tool a "thumbs up". My recomendation to use it is not "silly".
It has the capabilities to remove malware in Normal Mode, Safe Mode and if need be in DOS or
in DOS using NTFS4DOS.

Instead of questioning the tool, it is time for YOU to try it !
 
I have gotten rid of Norton Antivirus and downloaded McAfee. I then ran
McAfee in safe mode, then started back up and ran it again. McAfee detected
the trojan "Virtumonde" and deleted it! I have since scanned with Ewido again
and it seems I am clean now. I am far from a computer expert and most of the
long solutions I was getting weren't helping me a whole lot. Anyway, I'm a
McAfee customer from now on!

NoNoBadDog! said:
David H. Lipman said:
From: "ger123" <[email protected]>

| I keep getting a Norton antivirus alert that there is a trojan.vorun
virus on
| my computer. I scanned with Ewido and it finds it and asks if I want to
clean
| it, but it is still there! I cannot restore my Windows XP either, it
always
| comes back saying that the restore was unsuccessful. HELP!


Download MULTI_AV.EXE from the URL --
http://www.ik-cs.com/programs/virtools/Multi_AV.exe

It is a self-extracting ZIP file that contains the Kixtart Script
Interpreter {
http://kixtart.org Kixtart is CareWare } 4 batch files, 6 Kixtart scripts,
one Link
(.LNK) file, a PDF instruction file and two utilities; UNZIP.EXE and
WGET.EXE. It will
simplify the process of using; Sophos, Trend, Kasperski and McAfee Anti
Virus Command Line
Scanners to
remove viruses, Trojans and various other malware.

C:\AV-CLS\StartMenu.BAT -- { or Double-click on 'Start Menu' in C:\AV-CLS}
This will bring up the initial menu of choices and should be executed in
Normal Mode. This
way all the components can be downloaded from each AV vendor's web site.
The choices are;
Sophos, Trend, McAfee, Kaspersky, Exit this menu and Reboot the PC.

You can choose to go to each menu item and just download the needed files
or you can
download the files and perform a scan in Normal Mode. Once you have
downloaded the files
needed for each scanner you want to use, you should reboot the PC into
Safe Mode [F8 key
during boot] and re-run the menu again and choose which scanner you want
to run in Safe
Mode. It is suggested to run the scanners in both Safe Mode and Normal
Mode.

When the menu is displayed hitting 'H' or 'h' will bring up a more
comprehensive PDF help
file.

To use this utility, perform the following...
Execute; Multi_AV.exe { Note: You must use the default folder C:\AV-CLS }
Choose; Unzip
Choose; Close

Execute; C:\AV-CLS\StartMenu.BAT
{ or Double-click on 'Start Menu' in C:\AV-CLS }

NOTE: You may have to disable your software FireWall or allow WGET.EXE to
go through your
FireWall to allow it to download the needed AV vendor related files.

* * * Please report back your results * * *
Click to expand...

This is a silly answer. The User already has an Antivirus program that
alerted him to the presence of a Trojan on his system, and you want him to
jump through the hoops you listed above just to have another product verify
that he has a Trojan that requires manual removal?
I have seen you recommend this product in other responses, yet I can find
not a single reference to it
in any review (on-line or in print) of AV programs. This fact alone makes
me suspect it to not be a very reputable product, but what really turned me
against it was your claim that you may have to turn off your firewall to let
it access it's website. This is a big no-no/ Any product that requires a
bypass of any firewall is something that should not be installed on any
computer.

Bobby


Bobby
Click to expand...
 
Back
Top