Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Help! Reoccuring "Trojan" Problem


  • Please log in to reply
1 reply to this topic

#1 swilly_wallace

swilly_wallace

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:04:14 AM

Posted 19 June 2005 - 10:51 PM

For the past day and a half AVG ant-virus has detected what it says is a "Trojan horse Proxy.HK". The file, mcm.exe, allows me to delete, repair, or quarantine it. I tried all three however the file returned to the Temp folder (Every thirty seconds AVG would redetect this file). I then ran virus scans, registry cleanups, as well as many antispyware programs (including ad-aware and spybot). I also searched for related files. All failed. I tried stopping the process system.mcm in the task manager and that stopped AVG from detecting it, however when I restarted the computer AVG continued to detect it. I have searched google for several hours on a solution to my problem and have failed. This site, along with others, says that mcm.exe is a ShopAtHome/SAHagent adware variant, however there are no indications that this mcm.exe has any revalence to the SAHagent. There are no files or registries related to it. Any help on this would be greatly appreciated! Thanks!

BC AdBot (Login to Remove)

 


#2 TEB

TEB

  • Banned
  • 449 posts
  • OFFLINE
  •  
  • Local time:04:14 AM

Posted 20 June 2005 - 12:12 AM

Do this,

reboot your computer, and when its at the boot screen quickly and repeatedly press the f8 key

In the menu that comes up select safe mode

while in safe mode your graphics will be temporarily distorted and internet and some applications wont work.

Run avg antivirus and all of your spyware detection utilities and delete anything that comes up.

After the successful deletion of the virus in safe mode you should be restored to your virus free state in regular mode.

Booting in safe mode will make it so that the active x controls that keep reinstalling the virus will be inactive allowing you to end it.


May i also reccomend spyware blaster.....handy little tool that disable plent of active x controls that viruses use to install them selves.

Spyware, adware, browser hijackers, and dialers are some of the fastest-growing threats on the Internet today.
By simply browsing to a web page, you could find your computer to be the brand-new host of one of these unwanted fiends!

The most important step you can take is to secure your system. And SpywareBlaster is the most powerful protection program available.

# Prevent the installation of ActiveX-based spyware, adware, browser hijackers, dialers, and other potentially unwanted software.
# Block spyware/tracking cookies in Internet Explorer and Mozilla/Firefox.
# Restrict the actions of potentially unwanted sites in Internet Explorer.


SpywareBlaster can help keep your system spyware-free and secure, without interfering with the "good side" of the web.

And unlike other programs, SpywareBlaster does not have to remain running in the background.

http://www.javacoolsoftware.com/

Edited by Techsomething, 20 June 2005 - 12:13 AM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users