trojan horse virus, can't delete, please help?

stolt

Standard Member
Joined
Oct 19, 2003
Messages
333
Reaction score
1
Points
116
Location
rayleigh, essex
Hi I've recently had the following virus alert and its becoming more frequent that the following virus alert pops up on my screen....
Trojan Horse Krepper.B

Found in file C.Windows\42j3mbc7vb.exe

pls run AVG.


Firstly apologies if this is in the wrong forum...
I've run AVG and it finds it but can't delete it saying access denied, I've tried spybot and Adaware aswell and it's still there,
Also had a look in the C drive under windows and can see file 42j3mbc7vb and tried right clicking and deleting but again shows access denied.

Can anyone offer anyhelp, do I need another programe to download and get rid of it, I think it's affecting the cds I'm trying to burn of family photos etc but these have been taken from a digital camera not from the net, I left a slideshow burning beforwe I went to bed last night when I came down this morning, there was the trojan horse alert plus adaware had been on aswell but the burning had failed I've had this same error message many times before, although playing the disc back this morning alot of the pictures were on there so not sure of what point it failed, because I didnt hav a enough time to watch the disc all the way through.

Can anyone help.. I'm a novice when it comes to PC's anyway, so anyhelp would be greatly appreciated.
 
hi chris thanks for the reply, this will only detect the virus without removing it, does anyone know of any freeware I can dowwnload...
 
Try turning off System Restore, run AVG to make sure all is clean, then restart System Restore.
 
mattb be where do I go to turn the off the system restore? perhaps I should have said I was an out an out beginner rather that novice when it comes to pcs...
 
Originally posted by stolt
mattb be where do I go to turn the off the system restore? perhaps I should have said I was an out an out beginner rather that novice when it comes to pcs...

Its in Control Panel / System / System Restore Tab :)
 
AVG probably can't remove it because the virus/trojan is running.
Identify the executable and then look for its process in the task manager.
Kill it in the task manager to stop it running then run AVG and it will likely now be able to remove it .

You might need to be in as admin to do this.
 
Keith, one more post missing :)

stolt, if nothing else helps there is always way arounf if you have enough space at the end of the hard drive - install another OS (winNT ot Win2000), boot from that one and clean your standard partition.
as keith said , you might need to localize which file is running as trojan.

you might also try to see if it is activated thru registry startup:
HKEL_LocalMachine/Software/Microsoft/Windows/CurrentVersion/Run and delete suspicious inputs
If it is not there but in NTUser.DAT you hardly have chance to clean it

Have Fun! :rolleyes:
 
From what I recall ....

The link I sent does appear to tell you how to implement manual removal.
It tells you which processes to close and what to remove in the registry.

It also says that Pest Patrol will remove it.

Chris Muriel.
 
many thanks for the reply, been searching round the net while at work today for different programs that could do it rather than trying to do it manually, bearing in mind I have no computer (well very little!) computer experience really wouldnt know where to start and worried I'll end up causing more problems, I have booted it in safe mode and tried to delete the file, but it said access denied.. once gain thanks for all the suggestions going to spend my evening now trying to download more programs/freewares to delete it and the others... i did go on the pest control website and did a free online scan, apparently found 61 different viruses... scary...
 
ok I've turned off the system restore, wheres the task manager, can't seem to find it? I think you guys are going to get fed up with me before the night/weeks out!!
 
Originally posted by stolt
found 61 different viruses...

Woah!

Don't worry about Task Manager lol (which, incidently, can be accessed by pressing Ctrl+Alt+Delete). I'd backup any important files you have on your system (like documents, drivers etc) and do a complete reformat of your hard drive...

Then invest in an Anti-virus package ;).

Alex
 
well after I did that I ran the AVG again and it found the following

c:windows\svhost.exe can not be removed
(trojan horse startpage eq -- still infected)

c;windows\42j3m6~1.exe can not be removed
(trojan horse krepper.b - still infected)

program files\global dialerzdomer00084\gd-dial.exe can not be removed
(trojan horse dialer - still infected

does this mean anything to anyone, any clues there....

insertnamehere... I wouldnt know where to start with refomating the hard drive, is it something I could do with info off the internet or maybe by a book.... is it something a beginner should try..
 
Well I'm not sure what operating system you have, but to give you an idea of the procedure, heres a pretty decent step-by-step tutorial on how to install Windows XP (and reformat a Hard drive, of course):

http://www.winsupersite.com/showcase/windowsxp_sg_clean.asp

From this you'll see whether this is out of your depth or not. However, if you know how to change the booting order in your BIOS (have a look at your computer manual) and can install the necessary drivers / updates afterwards, then I'd say you won't have too much trouble doing this. BUT, only you will know if you're confident enough to carry this out. If you decide do go ahead with it, just make sure you backup all your important files beforehand (documents, drivers, downloads, e-mail, game saves etc) and you have all the installation discs at hand (Windows, Office etc).

If you don't feel confident in doing this yourself, perhaps you know a friend that can help you with it? Either way, having 61 viruses on my system would scare me...

Alex
 
Surely you run the risk of backing up the virus if you follow those steps ?

I would imagine you can get the virus off the system without a major re-install.
 
once again thanks for the replies, insertnamehere, thanks for the info but being sucha beginner I've leave reformatting to the very last option, I'm just downloaded the free sone alarm firwall (which seems a bit late now but also I'm going to buy the pest control virus jobbie about $20.00 when I did the free scan that seemed to show alot of them, one thing I now have the AVG resident sheild keep poppin gup shhowing trojan virus startpage.eq found in c:\windows\svhost.exe, this seems the only one that is causing me greif, anyone know where I should look for this, again if i run AVG it finds it but says access is denied, feels like I'm running round in circles... thanks
 
There is a free anti trojan program at http://www.emsisoft.com/en/ Look for a2free. You must manually update this. Try this before you shell out money for something that may not work the way you expect it to.
 
Originally posted by FoxyMulder
Surely you run the risk of backing up the virus if you follow those steps ?

Sure. But it looks like the viruses he's obtained are executables which reside in the 'Windows' folder – something which you obviously wouldn't backup. I highly doubt any of these viruses have manipulated any of the files he's downloaded and provided they were obtained from a reputable source, they aren't going to contain any in the first place. However, there might be a few in your email (in the form of attachments). Either way, after carrying out a reformat, you'd have completely cleaned your hard drive, and once some anti-virus software has been installed, you can determine what files are safe to put back on your system (which should be most of them). Either way, you haven't lost anything (i.e. you still have your data on disc) but I wouldn't be comfortable knowing there were (and still could be) 61+ viruses on my system. Not to mention any spyware, keyloggers etc there might be as well. But that’s just me…

Alex
 

The latest video from AVForums

TV Buying Guide - Which TV Is Best For You?
Subscribe to our YouTube channel
Back
Top Bottom