the sneakest trojan help

Discussion in 'NOD32 version 2 Forum' started by kidkhaos, Dec 9, 2004.

Thread Status:
Not open for further replies.
  1. kidkhaos

    kidkhaos Guest

  2. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    Can you please empty your TEMP files by doing the following:

    Open up Internet Explorer

    Click on Tools

    Internet Options

    General TAB

    Temporary Internet Files

    Delete Files

    Delete All Offline Content.

    This should clear out what you are seeing.

    Hope this helps.

    Let us know how you go...

    Cheers :D
     
  3. kidkhaos

    kidkhaos Guest

    thxs m8 for the replay but i do that everytime it keeps popping up, sometimes it says its in windows/temp, but i just cant seem 2 get rid of it
     
  4. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    Can you please follow the steps found in post number 2 here: https://www.wilderssecurity.com/showthread.php?t=47830

    This is a very comprehensive cleaning procedure that will confirm your system is clean by the end of it.

    Let us know how you go...

    Cheers :D
     
  5. flyrfan111

    flyrfan111 Registered Member

    Joined:
    Jun 1, 2004
    Posts:
    1,224
    Do you have your browser set to empty the cache upon closing it? That would explain why IMON finds it during use of your browser and NOD32 not finding it during a demand scan.
     
  6. kidkhaos

    kidkhaos Guest

    i did all that but nothing came up :/


    and no i havent, i used to when i used internet explorer, but now i use firefox
     
  7. nick s

    nick s Registered Member

    Joined:
    Nov 20, 2002
    Posts:
    1,430
    Hi kidkhaos,

    Try navigating to the C:\Documents and Settings\kidkhaos\Local Settings\Temp folder and delete the contents. Make sure you close any browsers first. If that fails, try it in Safe Mode.

    Nick
     
  8. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    There is also a very good program that I use called Crap Cleaner for cleaning out all temp files.

    Hope this helps...

    Cheers :D
     
  9. jayt

    jayt Registered Member

    Joined:
    Aug 30, 2004
    Posts:
    345
    Location:
    PA - USA
    If you are using Firefox (as you say you are) be sure to clear cache (Tools-Options-Clear Cache) before using Crap Cleaner. If you don't and you are using Yahoo or Hotmail email, it will screw up your settings--royally.
     
  10. kidkhaos

    kidkhaos Guest

    cheers for all your help, i discovered what it was that was setting it off, it was some zip files from sun sytems (java), i did what Blackspear, said for a 6th time (yes it was pi**ing me off that bad), and on the 6th time it picked up some java files as viruses and gave me the option to quarentine, but not delete so i had to delete the files my self in safe mode, booted up did a scan and no nod32 pop virus warning :D, thxs for all ya help,

    but still dont know why they set ot off?!, maybe the werent trojans as my system werent really sluggish or my downloads going slow o_Oo_O
     
  11. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    Good to see you had a result, and thank you for keeping us in the loop as to your progress.

    You may want to take a look here for further discussion on security and how to make your system that much stronger and here for more.

    Let us know how you go…

    Cheers :D
     
  12. Gauthreau

    Gauthreau Guest

    A little late, I know, but for future reference, if you are using Sun Java, you can navigate to the Control panel, double click Java (found when viewing control panel in 'classic mode' in XP), and then click the "Delete files" button in the General tab.

    Neil
     
  13. dvk01

    dvk01 Global Moderator

    Joined:
    Oct 9, 2003
    Posts:
    3,131
    Location:
    Loughton, Essex. UK
    See this thread which explains it completely

    https://www.wilderssecurity.com/showthread.php?t=54219

    It's because adaware is examining the files and the folder they are being found in is the adaware temp folder which is deleted as soon as adaware has finished scanning
     
Thread Status:
Not open for further replies.