Infected With A Trojan

system · 2007-12-20T03:31:08.000Z

I have Avast home edition and today I decided to do a Boot-time scan and Avast detected 3 Trojan and they were:Win32:Klone-rx and moved it to chest.I was wondering, why couldn’t avast block these threats in the first place. ???

polonus · 2007-12-20T08:08:21.000Z

Hi Splinterhell,

Here are the manual removal instruction, and the way to evaluate the traces of the malware are gone:

Klone manual removal:
Kill processes:
paradise.raw.exe, symsvcsa.exe, winlogon.exe, .exe
HELP:

Delete registry values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\nvchost
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\nvchost

Delete files:
paradise.raw.exe, symsvcsa.exe, winlogon.exe, .exe, winuqw32.dll

polonus

Announcements