How to delete this trojan?

Stephanos G. · #1 May 24th, 2005, 11:16 AM

It says that " The file can be deleted"
But how?

zashita · #2 May 24th, 2005, 11:23 AM

Try to delete your java cache

Stephanos G. · #3 May 24th, 2005, 11:27 AM

I found this file. Can i delete it?

Stephanos G. · #4 May 24th, 2005, 11:30 AM

Can i delete the whole zip file?

kjempen · #5 May 24th, 2005, 11:31 AM

Do the following:
Start --> Control Panel --> Java

In the General tab, under "Temporary Internet Files", click the "Delete Files..." button.

Stephanos G. · #6 May 24th, 2005, 11:41 AM

Thanks.

No other antispy/antitrojan app (that i have on my pc) has detected this. Not even CounterSpy.
Maybe is a new one.

But the question still remains: What does NOD mean "The file can be deleted"? but no option to delete it? It means manually?

ronjor · #7 May 24th, 2005, 12:06 PM

Did you scan in the "scan and clean" mode Stephanos?

Stephanos G. · #8 May 24th, 2005, 12:57 PM

Yes, twice, and appears that msg without to let me to clean it.

zashita · #9 May 25th, 2005, 03:35 AM

Quote:

Originally Posted by Stephanos G.

Yes, twice, and appears that msg without to let me to clean it.

Stephanos, did you try to empty your java cache, as mentionned before, and perform a scan/clean with nod32 after this ?

Stephanos G. · #10 May 25th, 2005, 03:50 AM

Yes, everything is ok now.
Well, i was thinking that by clicking the 'in depth analysis' button that nod scans and cleans. As i see now, it only scans.

rothko · #11 May 25th, 2005, 04:00 AM

i've found the same thing - i submitted a file recently to eset that looks to be a false positive - nod32 detects it and offers delete option, but if the file is put in a zip (not password protected), it says it can be deleted but there is no option to do so - as in stephanos.g's screenshot above.

Stephanos G. · #12 May 25th, 2005, 04:05 AM

Yes is like this, now i remember that i right-click scaned the zip file, but i couldnt delete it. Finally i deleted all the zip file!

#13 May 25th, 2005, 05:11 AM

Argh... i'm one single day not here and my favorite greek user has problems

Quote:

Originally Posted by Stephanos G.

Yes is like this, now i remember that i right-click scaned the zip file, but i couldnt delete it. Finally i deleted all the zip file!

Good boy

Nothing wrong with this - you and your machine will alive this

Stephanos G. · #14 May 25th, 2005, 05:20 AM

Hi Bytes. Everything ok here

Thought that my antispy softwares couldnt detect !

pykko · #15 May 25th, 2005, 07:31 AM

Couldn't be added to NOD32 cleaning engine this option: to delete entire archive if it finds a virus inside??

ronjor · #16 May 25th, 2005, 07:36 AM

I believe Marcos has mentioned this is not possible. In case you want to save some of the files in the archive.

#17 May 25th, 2005, 10:19 AM

Quote:

Originally Posted by ronjor

I believe Marcos has mentioned this is not possible. In case you want to save some of the files in the archive.

Deleting a whole archive would of course be a bad idea if, e. g., a nasty was found within a mail archive but I wonder about the java cache.
Most times one has cought a baddie there he/she is advised to clean the cache - so it seems to me nothing important is ever stored there. Wouldn't it be possible for an AV to treat findings in java cache different from findings elsewhere?
Sorry if this is a dump question but I often see ppl getting frightened of this kind of nasty because their AV cannot delete it and they don't know how to get rid of it (and as I have no use for java and therefore not even installed it, I don't know much about it).

Thanks
qs

ronjor · #18 May 25th, 2005, 10:31 AM

Quote:

Wouldn't it be possible for an AV to treat findings in java cache different from findings elsewhere?

My preference is to cache nothing. Web pages, Java, etc. I think zero cache should be the default option in any program that uses caching.
Temp files and caching are good hiding places for malware.
Most people don't know this nor should they be expected to unless told.

#19 May 25th, 2005, 10:56 AM

Quote:

Originally Posted by ronjor

I think zero cache should be the default option in any program that uses caching.

Of course, that seems to be the best way to handle this but I suppose the sun defaults aren't zero cache. Hm, maybe they could be convinced to change that in future versions - would be helpful for many users.

Thx

qs

zashita · #20 May 25th, 2005, 10:59 AM

Quote:

Originally Posted by ronjor

My preference is to cache nothing. Web pages, Java, etc. I think zero cache should be the default option in any program that uses caching.

I agree. But then, average users will tell that surfing on web becomes slower ...

Quote:

Originally Posted by ronjor

Temp files and caching are good hiding places for malware.
Most people don't know this nor should they be expected to unless told.

And most people don't know how to delete the cache when a threat was found inside, and cannot be deleted it with AV, because it is located in a 'protected' area.

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search