Trojan Horse Infection Cleaned Or Not?



#1 NBP11


Posted 18 November 2008 - 11:02 PM

Hello all!

This is the second time in 3 months that my computer is infected with a virus/malware... I can't believe it!

I am using WINDOWS XP Home Edition Version 2002, Service Pack 3. The anti-virus program I use is AVG Free Edition 8.0.175.

A couple days ago as I was running a routine full scan AVG found a trojan horse named "Trojan horse Downloader.Generic8.COX" inside the file path "C:\WINDOWS\System32\Tools\Regexe.exe" and moved the file to the Virus Vault.

I did a search on Google and it did not return any useful result on that filename nor that trojan horse type. I supposed that was a useless file and deleted it from the Virus Vault.

I subsequently scanned my computer again with AVG, Malwarebytes' Anti-Malware, Windows Defender, Spybot Search and Destroy, Lavasoft Adaware, and 2 online scanners (BitDefender and TrendMicro) and found no virus (All scanners are up-to-date in definitions). I even used McAfee AVERT Stinger and found nothing.

The problem is I know many trojan horses created additional copies in your computer and hid those files once they landed in your system, and certain things (such as registry and other file system/settings) might be altered to compensate my computer's security. I am wondering if what I did--deleting that infected file--is enough to keep my computer clean or I have to do some more to make sure my computer is safe and secure.

Please could anyone enlighten me on this? Thanks a lot!

Edited by NBP11, 18 November 2008 - 11:05 PM.




#2 Zllio


Posted 19 November 2008 - 02:44 AM

Hi NBP11,

You took the right steps. The antivirus program you have picked up something bad and got rid of it, and the additional scans you did confirmed that there was nothing further. If you are keeping your programs updated, your operating system updated, and your Java updated, you should be fine.

To make sure your Java is updated, please go to Add/Remove Programs and see if you have Java™ 6 Update 10, which is the current version. Any others should be removed except for the Developer Toolkit (you may or may not use this). If you do not have this, then uninstall any older versions and REBOOT your computer. Then go to Current Java Download for the installation program for the current version of Java and make sure to install it.

If you are missing any other updates, create a new restore point as follows and then update your various programs and your operating system.

To create a restore point go to Start / All Programs / Accessories / System Tools or System Programs / System Restore. Select Create a new restore point and give it a name like "Before Updates". After you've created the new restore point, check your various programs and make sure you have current versions and updates. If you find there are a number of them which need either upgrades or updates, do them a couple a day, rather than all at once, so you can see how each one does after rebooting your computer.

Finally, be sure that you don't have two firewalls running. AVG 8 is a Security Suite and as such, it has its own firewall, so you don't need any other firewall. Also, make sure you don't have more than one antivirus program, as these negate the effect of each other.

Hope this helps.
Zllio

#3 NBP11


Posted 19 November 2008 - 03:23 PM

Thanks for your quick response!

I found out my Java was not updated and I did uninstall the older versions and install the latest (however I forgot to reboot before I installed the new one--is that okay? The system did not prompt me to reboot after the uninstallation of the old version).

I do have a question though. My AVG is the free version and it does not contain traffic control for programs so I do have COMODO firewall installed. I see a lot of people asking about a good anti-virus/firewall combo and AVG/COMODO is always in the discussion. It should be okay to have both running on my computer right?

Thanks for helping!

#4 Zllio


Posted 19 November 2008 - 03:28 PM

Hi NBP11,

AVG Free in version 7 was a free antivirus program. When AVG went to 8 it became a security suite which included its own firewall. It would be better, if you want to use Comodo for your firewall, to switch to one of the standalone antivirus programs like Avira or Avast, which are both free and excellent.

If the Java doesn't give you any trouble, then it's probably okay. If it does, then uninstall it in add-remove programs, reboot and then reinstall it.

Zllio



