I have the above Virus on my machine but Avast wont remove it. When windows loads it says that it is infected with the virus, I move it to the chest and then its there agian when i turn the machine on. I’ve deleted it and renamed it, but still, its there again.
What was the infected file name, where was it found e.g. (C:\windows\system32\infected-file-name.xxx) ?
What is your OS ?
If you have XP or Win2k, you could enable a boot time scan. Right click the avast icon, select Start avast! Antivirus, Menu, ‘Schedule boot-time scan…’
It is likely that this Trojan (not virus) is a multi-part trojan and is being restored but other elements.
If you haven’t already got this software (freeware), download, install, update and run it, preferably in safe mode, Ewido anti-spyware If using winXP. or a-Squared free if using win98/ME.
Im on Windows XP Professional, i’m just doing the boot time scan, which seems to be moving them to the chest ok. The file is in C:\windows\system32\taskdir.dll
Whilst browsing or collecting email, etc. if you get infected then the malware by default inherits the same permissions that you have for your user account. So if the user account has administrator rights, the malware has administrator rights and can reap havoc. With limited rights the malware can’t put files in the system folders, create registry entries, etc. This greatly reduces the potential harm that can be done by an undetected or first day virus, etc.
Check out the link to DropMyRights (in my signature below) - Browsing the Web and Reading E-mail Safely as an Administrator. This obviously applies to those NT based OSes that have administrator settings, winNT, win2k, winXP.
Hi,
I have been infected by the same Trojan yesterday…
I keep getting the message that the file taskdir.dll in windows\system32 is infected by win32:lager-t.
I tried following the advice you gave here but it still comes back
does someone have any more ideas?
What is your OS ?
Can you explain What actions have you taken to try and resolve the problem ?
Not that we/I don’t believe you but there were a lot of options and if we don’t know exactly what you did we might either suggest something you tried or not suggest something because we THINK you have tried it.
For instance, did you run Ewido or a-squared from safe mode ?
Hi,
I’m running win xp pro sp2.
I’ve tried a couple of boot-time scans, a couple of scans using ewido in safe mode
one scan of adaware deleting of temp files and dissabling system restore.
most of them (not adaware) found lots of trojans, mostly in c:\windows\system32\taskdir.dll and files called something like vx2.game in various places and deleted them - but they all come back.
Plus my task manager is unavailable - i get the message: “task manager was dissabled by your system administrator”
This puts a whole different slant on things with Task Manager disabled it could be other virus/worm at work. This although not directly related mentions other viruses that can disable task manager, regedit and msconfig http://forum.avast.com/index.php?topic=23589.0
Something could well be doing a good job of hiding things, see Hidden things http://invisiblethings.org.