Trojan affecting internet?

Discussion in 'malware problems & news' started by BCbear, Nov 6, 2005.

Thread Status:
Not open for further replies.
  1. BCbear

    BCbear Registered Member

    Joined:
    Nov 6, 2005
    Posts:
    11
    Location:
    BC, Canada
    Hello, first post and I hope its' in the right forum.

    I have had this problem forover a week now and I seek some help. My daughters computer is connected to the net via a Netgear wireless system with a USB adapter. I at first thought the problem was with the wireless but she still received MSN Messenger while the net ceased working after a few minutes.

    I have scanned her computer with Avast and ewido and they found different spyware and trojan viruses. Some of these were found in the temp internet files... JS:Istbar [trj]. They were moved to the "chest" in Avast. As well eight items with similiar paths were found in C:Windows\system32\aujfyg\csrss.exe and they were labelled as the Win32:Virkel [Trj] trojan. The "aujifyg" represents about 7 other variations of letters with every other part of the path the same. Make sense?

    When I go into her "My Computer" I cannot find the path "...local settings\temp internet" file anywhere. Any suggestions on how to get this computer back on the net?

    PS running Windows XP and I have ZA as a firewall.

    Any suggestions? Thank's for any help!
     
  2. Beef

    Beef Guest

    If you are using sun java (an you are on xp) be sure to Disable Caching..but before doing so Clear The Cach....that may remove some of that grabage.

    Consider installing MRU BLASTER if you haven't done so an allow it to clean your temp folder

    if you want to see the temp folder just go to Start > RUN > an type

    c:/windows/temp

    you will no doubt find alot there an if you don't know what things are just let them be an use a Program to do the cleaning,,,,like mrublaster or one of your choice


    you may want to re-check your security setting if you are using internet explorer......do not allow jave applets except in your trusted zone no where else.............do not allow "install on demand"
     
  3. Beef

    Beef Guest

    An don't forget the you can lock your firewall to internet traffic before shutting down
     
  4. Beef

    Beef Guest

    BC

    the following is a copy/paste from another question being replyed to....an I asked for an opinion on your problem:


    __________________
    Quote:
    Originally Posted by Beef
    Snowbound

    if you would be so kind to look at this thread....my guess is that the poster will also need a HiJackThis done as well..........


    https://www.wilderssecurity.com/showthread.php?t=105319

    If i had that problem i would post a HJT log(not here at Wilders though)

    It's a tool i rely on when i have any suspicion of malware on my comp.


    snowbound
    __________________


    snowbound gives good advice so here is the link provide bt snowbound if you care to use it regarding the hijackthis matter:


    Gladiator forums
     
    Last edited by a moderator: Nov 6, 2005
  5. bigbuck

    bigbuck Registered Member

    Joined:
    Jul 7, 2004
    Posts:
    4,877
    Location:
    Qld, Aus
    It'll be in a hidden file. You will need to go tools/folder options/view/ and check show hidden files and folders. On my box it's C:\Documents and Settings\Me\Local Settings.
     
Loading...
Thread Status:
Not open for further replies.