• Some users have recently had their accounts hijacked. It seems that the now defunct EVGA forums might have compromised your password there and seems many are using the same PW here. We would suggest you UPDATE YOUR PASSWORD and TURN ON 2FA for your account here to further secure it. None of the compromised accounts had 2FA turned on.
    Once you have enabled 2FA, your account will be updated soon to show a badge, letting other members know that you use 2FA to protect your account. This should be beneficial for everyone that uses FSFT.

Question regarding Trojans

I

ImMrPete

n00b
Joined
Dec 2, 2006
Messages
15
Hey guys, I’m not sure if this is the right forum but I have a question regarding Trojans. I normally use Spybot Search & destroy and Ad-Aware on a weekly basis. I also run AVG Anti-Virus every night. I decided to give the AVG Anti-Spyware a try. After a full scan I got a report that I had 11,000 Trojans on my pc. That’s right, eleven thousand. Now, is this a false positive? If these are real, how did my other spyware checkers miss them?

Here is a small sample of what the report said.

C:\WINDOWS\system32\1024\ld1136.tmp -> Trojan.Small : Cleaned.
C:\WINDOWS\system32\1024\ld114.tmp -> Trojan.Small : Cleaned.
C:\WINDOWS\system32\1024\ld1142.tmp -> Trojan.Small : Cleaned.
C:\WINDOWS\system32\1024\ld1150.tmp -> Trojan.Small : Cleaned.
C:\WINDOWS\system32\1024\ld1154.tmp -> Trojan.Small : Cleaned.
C:\WINDOWS\system32\1024\ld1156.tmp -> Trojan.Small : Cleaned.
C:\WINDOWS\system32\1024\ld1159.tmp -> Trojan.Small : Cleaned.
C:\WINDOWS\system32\1024\ld115F.tmp -> Trojan.Small : Cleaned.
C:\WINDOWS\system32\1024\ld1162.tmp -> Trojan.Small : Cleaned.
C:\WINDOWS\system32\1024\ld1165.tmp -> Trojan.Small : Cleaned.
 
Wow, eleven thousand. That is amazing.
Honestly, I can't answer your question, but I will comment by saying that I don't really see how you could have possibly had that many problems. I certianly could be wrong, but that just seems a little outrageous to me. I would have to guess that many of those must have been false positives. But, like I said, I could be wrong...
 
It is believable that you had than many positives, but most of them will be stupid temp files with a trace of the trojan or code that resembles it. You can get numbers like this from the system restore files. Windows is great at just storing viruses away for future reference. Let it clean them all or delete them by hand, i dont think you have too much to worry about with that trojan, i have cleaned it successfully before.

Morphius
 
That's an odd directory to have a lot of temp files...

It might be residue of a trojan your main AV kept from going active. Also, do you have your main AV set to only scan executable files, or to specifically exclude .tmp files? It's fairly common to be set that way since machines don't execute files with .tmp extensions by deault and if they are excluded your AV performs a lot faster. Not much reason to scan files with .tmp extensions since they can't go active on their own without a modification to the executable extensions list.
 
Yeah, it looks like my av wasn't checking those types. I just ran a trojan remover and it came up with this. Could this be the culprit?

petertrojan1.jpg
 
Might want to run a more robust antivirus..AVG isn't that strong in trojans. Run an online at Kapersky and Trend Micro. Kapersky has it's free scanner avail through AOHell...it's a manual scanner only, but great for cleaning systems...Kaperskys fantastic strong detection.

Also give SuperAntyspyware a go...a free ad/spyware scanner...very good in detection and removal. Much stronger than Spybot and Adaware.
 
maybe your hello kitty app on the desktop is the one downloading it !! LOL :eek:
 
mac_cnc said:
maybe your hello kitty app on the desktop is the one downloading it !! LOL :eek:
Click to expand...
Uh oh, busted!

Honestly though, were I to post a screen shot of my desktop, I'd be just as guilty; I have three little girls that routinely use my system for their games.
 
Yeah, I have a little girl. She loves that game. I knew someone would say something about it. lol
 
You must log in or register to reply here.
Back
Top