Help please with trojan

Discussion in 'Trojan Defence Suite' started by patti9, May 22, 2004.

Thread Status:
Not open for further replies.
  1. patti9

    patti9 Registered Member

    Joined:
    May 22, 2004
    Posts:
    1
    I ran a virus scan on my pc and it found a 'back door trojan' it has quarantined it and given me an option of deleting/saving/restoring. I tried restoring it the first time (probably not the wisest thing to do?) any way when I rebooted my pc I got the captured file which said 'C:\windows\system32.fclcqlld.ll and ended with 'The specified module could not be found' I typed misconfig and unchecked the box as it was in my start up. Then when i rebooted i got a message saying I had changed a configuration and I have started in diagnostic mode. I should now change to normal start up. I did this and got the system 32 error message again. Can someone please explain what to do. I am learning tech stuff so please bear with me.
     
  2. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    Patti,

    Question first if you don't mind ;) This is the TDS support forum. Are your running TDS?

    regards.

    paul
     
  3. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Hello patti9, Please go to http://tds.diamondcs.com.au/index.php?page=download and download the trial bersion of TDS3, you will also need the latest update: http://tds.diamondcs.com.au/index.php?page=update and follow the instructions.
    When you have done this open TDS3, open the scan window click all the tick boxes and select Scan all hard drives in Available Scans - Then start scanning.
    This will take some time but should find any trojans, these will be shown in a lower console window, right clicking on any found Trojans will allow you to take actions. If you can isolate any found files please zip them up and send to submit@diamoncs.com.au for analysis then delete them.


    HTH Pilli
     
  4. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Paul you posted when I was replying :)
     
  5. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands

    Apologies :D

    regards.

    paul
     
  6. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    Hi there Patti and welcome!
    Looking forward to your finds after running TDS scan.
    Do make sure while doing so the other scanner is really closed completely or it might block access to the files for TDS.
    If you in the end please can rightclick on one of the alarms, save as TXT and copy that in your next posting so we can help you better.
    Guess after that we'll advice you to post a HijackThis log as well in the HJT forum, as you had those startup changes which sounds kind of suspicious, so let's do step by step and see what you're dealing with.
     
Thread Status:
Not open for further replies.