Jump to content

TROJAN.KILLAV and the Downloader

Guest b11_

By Guest b11_
in Windows XP

 Share

Recommended Posts

Guest b11_

Guest b11_

Posted
Posted

If Trojan.KillAv and a Downloader was installed, would deleteing the

partition after shutting-down the computer eliminate them?

 

The downloader was installed to temp/exe1cb.exe

The Trojan.KillAv was installed to temporary internet

files\content.IE5\ABIGUEF7\Explorer2(1).EXE

  • Replies 8
  • Created
  • Last Reply

Popular Days

Popular Days

Guest PA Bear

Guest PA Bear

Posted
Posted

Re: TROJAN.KILLAV and the Downloader

 

Run a /thorough/ check for hijackware, including posting your hijackthis log

to an appropriate forum.

 

Checking for/Help with Hijackware

http://aumha.org/a/parasite.htm

http://aumha.org/a/quickfix.htm

http://aumha.net/viewtopic.php?t=5878

http://wiki.castlecops.com/Malware_Removal_and_Prevention:_Introduction

http://mvps.org/winhelp2002/unwanted.htm

http://inetexplorer.mvps.org/data/prevention.htm

http://inetexplorer.mvps.org/tshoot.html

http://www.mvps.org/sramesh2k/Malware_Defence.htm

http://defendingyourmachine2.blogspot.com/

http://www.elephantboycomputers.com/page2.html#Removing_Malware

 

When all else fails, HijackThis v1.99.1

(http://aumha.org/downloads/hijackthis.zip) is the preferred tool to use.

It will help you to both identify and remove any hijackware/spyware with

assistance from an expert. **Post your log to

http://forums.spybot.info/forumdisplay.php?f=22,

http://castlecops.com/forum67.html,

http://forums.subratam.org/index.php?showforum=7,

http://aumha.net/viewforum.php?f=30, or other appropriate forums for expert

analysis, not here.**

 

If the procedures look too complex - and there is no shame in admitting this

isn't your cup of tea - take the machine to a local, reputable and

independent (i.e., not BigBoxStoreUSA) computer repair shop.

--

~Robear Dyer (PA Bear)

MS MVP-Windows (IE, OE, Security, Shell/User)

AumHa VSOP & Admin; DTS-L.org

 

b11_ wrote:

> If Trojan.KillAv and a Downloader was installed, would deleteing the

> partition after shutting-down the computer eliminate them?

>

> The downloader was installed to temp/exe1cb.exe

> The Trojan.KillAv was installed to temporary internet

> files\content.IE5\ABIGUEF7\Explorer2(1).EXE

Guest Newbie Coder

Guest Newbie Coder

Posted
Posted

Re: TROJAN.KILLAV and the Downloader

 

B11,

 

View these pages as they tell you how to remove it:

 

http://www.symantec.com/security_response/writeup.jsp?docid=2002-090416-5038-99

 

http://www.symantec.com/security_response/writeup.jsp?docid=2002-071813-0943-99

 

--

Newbie Coder

(It's just a name)

 

 

 

"b11_" <b11@discussions.microsoft.com> wrote in message

news:16A8D29D-D66C-43E0-903E-EA6F04DF42B2@microsoft.com...

> If Trojan.KillAv and a Downloader was installed, would deleteing the

> partition after shutting-down the computer eliminate them?

>

> The downloader was installed to temp/exe1cb.exe

> The Trojan.KillAv was installed to temporary internet

> files\content.IE5\ABIGUEF7\Explorer2(1).EXE

>

Guest Patrick Keenan

Guest Patrick Keenan

Posted
Posted

Re: TROJAN.KILLAV and the Downloader

 

"b11_" <b11@discussions.microsoft.com> wrote in message

news:16A8D29D-D66C-43E0-903E-EA6F04DF42B2@microsoft.com...

> If Trojan.KillAv and a Downloader was installed, would deleteing the

> partition after shutting-down the computer eliminate them?

>

> The downloader was installed to temp/exe1cb.exe

> The Trojan.KillAv was installed to temporary internet

> files\content.IE5\ABIGUEF7\Explorer2(1).EXE

 

Deleting the partition will likely fix this, yes, but it's a bit drastic.

 

better to restart in Safe Mode, then clear those folders. ccleaner

(http://www.ccleaner.com) will do this quickly, and do a better job than the XP

disk cleanup tools.

 

Then, scan the drive with up-to-date A/V software.

 

HTH

-pk

Guest David H. Lipman

Guest David H. Lipman

Posted
Posted

Re: TROJAN.KILLAV and the Downloader

 

From: "b11_" <b11@discussions.microsoft.com>

 

| If Trojan.KillAv and a Downloader was installed, would deleteing the

| partition after shutting-down the computer eliminate them?

|

| The downloader was installed to temp/exe1cb.exe

| The Trojan.KillAv was installed to temporary internet

| files\content.IE5\ABIGUEF7\Explorer2(1).EXE

 

Yes but that's like killing a fly with a sledge hammer.

 

--

Dave

http://www.claymania.com/removal-trojan-adware.html

http://www.ik-cs.com/got-a-virus.htm

Guest b11_

Guest b11_

Posted
Posted

RE: TROJAN.KILLAV and the Downloader

 

What does the TRojan do?

What does the downloader do?

 

Should I check every TEMP and Temporary Internet File folder in the

partitions that I will not erase?

____________________________________________________________

"b11_" wrote:

> If Trojan.KillAv and a Downloader was installed, would deleteing the

> partition after shutting-down the computer eliminate them?

>

> The downloader was installed to temp/exe1cb.exe

> The Trojan.KillAv was installed to temporary internet

> files\content.IE5\ABIGUEF7\Explorer2(1).EXE

>

Guest b11_

Guest b11_

Posted
Posted

RE: TROJAN.KILLAV and the Downloader

 

Do you think only 1 partition got infected?

_________________________________________________________________

"b11_" wrote:

> What does the TRojan do?

> What does the downloader do?

>

> Should I check every TEMP and Temporary Internet File folder in the

> partitions that I will not erase?

> ____________________________________________________________

> "b11_" wrote:

>

> > If Trojan.KillAv and a Downloader was installed, would deleteing the

> > partition after shutting-down the computer eliminate them?

> >

> > The downloader was installed to temp/exe1cb.exe

> > The Trojan.KillAv was installed to temporary internet

> > files\content.IE5\ABIGUEF7\Explorer2(1).EXE

> >

Guest David H. Lipman

Guest David H. Lipman

Posted
Posted

Re: TROJAN.KILLAV and the Downloader

 

From: "b11_" <b11@discussions.microsoft.com>

 

| Do you think only 1 partition got infected?

 

They are Trojans, not Boot Sector Infectors. Trojans do NOT infect partitions.

 

Downloader Trojans -- download files

KillAV Trojan -- Kills AV applications and stops them from running.

 

Without s[pecifics, the KillAV Trojan kills the anti virus application such that the

downloader is alowed to download more malware to really infect the PC and run its desired

payload. Such payload maybe a SpamBOT or proxy Service just turn your PC into a Ziombie.

 

Any other questions should be asked in an anti virus News Group such as;

microsoft.public.security.virus

 

--

Dave

http://www.claymania.com/removal-trojan-adware.html

http://www.ik-cs.com/got-a-virus.htm

Guest Plato

Guest Plato

Posted
Posted

Re: TROJAN.KILLAV and the Downloader

 

=?Utf-8?B?YjExXw==?= wrote:

>

> If Trojan.KillAv and a Downloader was installed, would deleteing the

> partition after shutting-down the computer eliminate them?

>

> The downloader was installed to temp/exe1cb.exe

> The Trojan.KillAv was installed to temporary internet

> files\content.IE5\ABIGUEF7\Explorer2(1).EXE

 

All temp files may be deleted will no ill effect.

 

 

--

http://www.bootdisk.com/

 Share
Go to topic listing
×
×
  • Create New...