Please help with troj_XXX.X virus/worms

Ok guys i surf the net a lot and i seem to be picking up all kinds of troj_XXX.X type of viruses or whatever they are. My PC-Cillin 2002 picks them all up but can’t delete them. I am not aware of what these are or how harmful they are.

The latest one i contracted was troj_startpage.S

they are in this format, the first word is “troj” followed by a “_” followed by some word, followed by a “.S” or “.A”

in the past 2 months i have contracted about 4 different kinds, Are these very bad for my computer or are they no worries?

EDIT: Where can i get free programs to prevent these in the future? I am really worried because i have been getting quite a few of these types of bad files.

PC-Cillin 2002 is quite old. Update to the latest version. that should help keep them out

Hi,

just enter “troj_XXX.X or whatever” into Trend’s virus search here:
http://www.trendmicro.com/vinfo/

this should tell you everything …
EDIT: like here!

Ad-Aware, Spybot, and CWSHREDDER could also help in removal

basic prevention:

  • don’ t klick everything you see !!!

-Secure your system:
change passwords, secure network/shares, install patches/updates for WIN&IE;
disable ActiveX and Scripting in IE except for know secure sites - and better use a secure browser like Opera or Mozilla

Links / More info in the boardsearch above
:wink:

i have he same problem, i have uptodate pcillin, spybot and this programm. none seem to be able to remove this one item which i take to be troj. as it has trj on the end. i can’t clean it, quarantine it or delete it. help.

Hi crazyfish,

some more info is required from you…:

what WIN do you have ? Are all ServicePacks and Windowsupdates applied ?

Which AV-program detected what trojan (EXACT name!) in which location ?
Where exactly was the infected File found (full path/folder/filename, e.g. c:\Windows\system32\virusfile.exe) ?

Sometimes it’s enough to

  • clear all TEMP-folders (via drive CleanUp AND best also manually)
  • empty Temp.Int.Files folder(s) (via IE->Extras-Internetoptions->Delete files, including OFFLINE files) and
  • empty java-Cache or
  • disable system restore on Win ME/XP INCLUDING a REBOOT!! ( http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm )
    to get rid of it…

test the file with OnlineScanners e.g. from Trend, RAV & KAV (see below) to get a more specific name
(you need to temporarily pause AV-Resident Shield/Monitor/Guard to be able to scan the file online)

(If they all don’t show it as infected, please send it in a password-protected zip-file to
virus (at) asw (dot) cz
Include the Zip-password and a link to this posting in the mailtext)

if it’s of the “trojan-gen”, “trojano” or “startpage” kind: spybot, ad-aware and cwshredder might also help
see www.lurkhere.com ->nicefiles and www.lavasoft.de

-remove the Virus/Malware and it’s system modifications according to VirusInfos
from Avast, VGREP, TrendMicro, Kaspersky;
you might also try searching for the virus name or filename with google

general removal procedure:

  • disable system restore on Win ME/XP
  • kill respective Backdoor/Trojan process with task manager
  • search for the file/process names in the registry; remove the malware’s startup entries in the registry
  • disinfect or (if disinfection is not possible) delete the file; this may be possible only after a reboot

if you still can’t remove it, you could post a logfile of Hijackthis here

-Secure your system:
change passwords, secure shares, install patches/updates for WIN&IE;
disable ActiveX and Scripting in IE except for know secure sites - and better use a secure browser like Opera or Mozilla

  • scan your whole system with updated avast and maybe a 2nd scanner ,e.g. TrendMicro/RAV to check whether your PC is clean :wink:
  • If needed, reenable system restore on Win ME/XP

Further Details and Links via the board search above

hi
here is the info you asked for. am operating win. me. the virus comes up named as win32:dialer-f(trj) i think this is the file path. c:\pqsc\cps\00000\files\00100b01c.dat.

i did a check with house call and this didn’t show it up. it said my system was clean. everytime i try to move it or clean it says error occurred. or not accessible. all my windows updates are up to date. the updated pcillin also said it couldn’t be cleaned, deleted or quarantined.

PCcillin also detected it ? and called it how ?
what about RAv & KAV (PAUSE! avast shield FIRST!!)

I just wonder why a DAT-file would be detected as dialer, unless it’s an archive

boot the PC to safeMode (F8-Boot) and MOVE the file either with avast, or manually to a new, empty folder; best keep it for proof, if any problems with your next phonebill arise

do you know what this "c:\pqsc\cps"-folder is ?
Maybe belonging to your Messenger/mailprogramm ?

APPLY Windowsupdates & secure your system, please

you could also scan the file with YAW:
http://www.pcwelt.de/public/yaw35setup.exe (german)
or another dialerscanner: www.a-2.org , www.free-av.com or google

P.S.: I hope, you don’t have the AV-Guards/Monitors/ResidentShields of both AVAST and PCCILLIN running simultaneously ?
If so, that can lead to desaster: permanently deactivate one of them
:wink:

P.S.: you have powerquests “second chance” on your PC ?
read here:

"Looks as if you have PowerQuest SecondChance on your computer

The virus will have been stored in your SecondChance backup files, I’m afraid you will have to delete your back ups, run the virus check again and if it shows clear then re-start with new back ups."
:wink:
Or you might try deleting just the above file by booting from a Clean Windows-startup-disk…
Don’t know if your SC-Backups will still be intact then, however…

Thoroughly scanning your PC for Dialers and viruses still applies, as well as securing your System

Hello there well Im knew too using avast 4 home use Ive got the free downloaded one any ways it caught a virus its called win32 trojan-gen(vc) Im on windows98 now what I did was put it in the chest . now I dont know what I should do with this help me here …?? What exactly did I catch ? Will it do any more damage … I tryed looking up what kind of virus this is but can,t find it anywhere too tell me … If you can help me out will be appreciated oh I also downloaded your clean up avast

Hi bridgett,

moved in the chest is fine…
if your pc runs without any troubles, you can also delete it from avast’s chest

trojan-Gen is a general name, could have been anything

enter
TROJAN-GEN
into the board-search above, if you want more infos
:wink: