| View previous topic :: View next topic |
| Author |
Message |
ladoga
Cadet
Joined: Jul 07, 2004
Posts: 4
Location: Finland
|
 Posted: Thu Jul 08, 2004 5:25 am Post subject: AVG detects trojan in the control panel |
|
|
Here is AVG log file:
| Code: | Results of Complete Test, date and time 8.7.2004 6:44:37 :
Testing C:\WINNT\Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D} serial 7C37-E763
C:\WINNT\Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}\CE_CMBB.ZIP:\CE_CMBB.exe Trojan horse Dropper.Mimail.E
C:\WINNT\Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}\sasweetemotions.zip:\sasweete.exe Trojan horse Dropper.Mimail.E
Test finished, duration 00:00:00.6 s
7 objects tested, 2 found infected |
These should be the only infected files left on my system.
My problem is that i can't find above mentioned files on my HD. And so I can not delete them. If I go to C:\winnt\control panel folder and nothing out of ordinary seems to be there. Stinger or other virus removal tools dont seem to find anything wrong.
OS is windows 2000pro sp4.
How can i disinfect my system?
|
|
| Back to top |
|
 |
jillian_evenstar
Lieutenant
Joined: Apr 12, 2004
Posts: 195
|
| Posted: Thu Jul 08, 2004 11:00 am Post subject: |
|
|
Enable showing of hidden files and protected operating system files in the folder options of the control panel.
Well I got a question, how is screenshot done? I forgot the key actually..
|
|
| Back to top |
|
|
ladoga
Cadet
Joined: Jul 07, 2004
Posts: 4
Location: Finland
|
| Posted: Fri Jul 09, 2004 12:47 am Post subject: |
|
|
I have system files and hidden files visible (directory listing at left of screenshot shows it).
To take a screenshot just hit "print scrn key" then go to any graphics app (PSP, Photoshop, IRfanview, MSpaint) and choose edit->paste.
|
|
| Back to top |
|
|
ladoga
Cadet
Joined: Jul 07, 2004
Posts: 4
Location: Finland
|
| Posted: Fri Jul 09, 2004 2:21 am Post subject: |
|
|
!!! 
Ok..got it sorted out in quite unconventional way.
If files are copied into \WINNT\Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D} directory, they cant be found with explorer (it even reports files dont exist) or windows find tool. Most virus scanners don't find those files either. (Well AVG did but couldnt delete)
By "normal" means i found absolutely no way to display these files. So i made a little test. i made duplicate named exe files of ones detected by AVG and zipped them into control panel directory. And voila! They overwrote "unexisting files" thus removing the virus.
Isn't this bit security threat?
Having such a safe bay folder for viruses and trojans?
Last edited by ladoga on Fri Jul 09, 2004 6:07 pm, edited 1 time in total |
|
| Back to top |
|
|
jillian_evenstar
Lieutenant
Joined: Apr 12, 2004
Posts: 195
|
| Posted: Fri Jul 09, 2004 1:07 pm Post subject: |
|
|
Oh well no, but I got rid of AVG since it is affected by a worm agobot, so I actually installed avast. Anyway both AVG and avast are good in detecting viruses, trojans, etc. You might as well try avast and see if it will delete the file, for avast gives an option of permanently deleting the file infected.
|
|
| Back to top |
|
|
mrsrebeccaestes
Private
Joined: Feb 10, 2004
Posts: 35
Location: USA
|
| Posted: Fri Jul 30, 2004 3:50 am Post subject: |
|
|
affected by a whatwhat? a worm agobot? i have never heard of this thing. what does it do? Or is there a place where you reccomend for me to read it? Currently I have a situation here, and you have me curious...intrigued, even!
_______________________________________
NOTE FROM FORUM HOSTS: This thread is now closed. Should you need it reopened, please PM a Host/mod. Everyone else having a similar issue, please launch a new topic for yourselves. Thank you.
_________________
A toast to alchohol...the cause of, and answer to, all of life's problems. ~Homer
|
|
| Back to top |
|
|
|
|
Forum FAQ
Search
Usergroups
Profile
Login to check your private messages
Login
