Help, can't get rid of the Trojan TalkStalk virus

Discussion in 'Trojan Defence Suite' started by MayG, Dec 9, 2003.

Thread Status:
Not open for further replies.
  1. MayG

    MayG Guest

    When i run the trace scan on TDS it says in teh little box : "RegVal: Possible Trojan" but i can't delete those two. I've already gone through the steps to get rid of this virus by deleting b.exe files but when i run my AVG virus scan it doesn't pick anything up. but then a window will pop up saying that i have the Trojan virus TalkStalks.F When i ran Mcafee nothing came up. But whenever i reboot my computer my System 32 folder always pops up. Help please!!!
     
  2. DolfTraanberg

    DolfTraanberg Registered Member

    Joined:
    Nov 20, 2002
    Posts:
    676
    Location:
    Amsterdam
    Have you tried this after booting in Save Mode ?
    Dolf
     
  3. Gavin - DiamondCS

    Gavin - DiamondCS Former DCS Moderator

    Joined:
    Feb 10, 2002
    Posts:
    2,080
    Location:
    Perth, Western Australia
    Few possibilities, AVG finding the "trojan" in System Restore, so you could turn it off and reboot, then turn it back on. This deletes any previous restore points however.

    I would say there is a "system32" registry startup key which instead of starting an EXE file, it opens that folder. Just open the Autostart Explorer and delete those entries manually if they exist, which should look like this. You can refer to the alarm TDS gave about it to get the exact entry name

    system32 = system32.exe

    Send us your ASViewer results if you like, which helps with working out what is happening. Download and use ASViewer, and email support@diamondcs.com.au

    http://www.diamondcs.com.au/index.php?page=asviewer

    Turn on the options labelled SHOW (show services) and click SAVE, then email us and attach the file
     
  4. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    Found these two discussion threads which you might like to look into, what and how others worked with it.
    This does not replace Gavin's advice of course, do both!
    http://www.annoyances.org/exec/forum/win2000/t1058798369
    http://www.computing.net/windowsxp/wwwboard/forum/80577.html
     
Thread Status:
Not open for further replies.