On this topic: http://www.trap17.com/forums/Help-Running-...mize-t8569.html I was told that I have a Trojan. I downloaded a program called ScanSpyware and am scanning for Trojans. Is this a good program for me to keep, or is there something better?

Reply

Hi gunbound,
The info you recieved in the previous thread of posts is accurate. (ie. re: the processess Id's running on your computer). It appears that you MAY have a trojan pgm named "system" (the one without a .exe extension). Before you do anything manually you should identify the offending critter first using a scanner program. The one I've found to be absolutely the best is called "Trojan Hunter" . It isn't free but there is a free trial available.
If you can't find the offending critter using a scanner, then you can always go to a friends (clean) computer & printout the processes running & then compare it to yours. Then very carefully (do backups of your msconfig file to floppy disc first) test by disabling one "suspect" process (see the previous list for which ones are essential to be left alone) at a time.
In the event you make a mistake & your Windows crashes, you can always restore/copy of the msconfig file using DOS commands.
Hope this Helps.
RGPHNX

Reply

That program didn't find anything related to this "System" process. I'm skeptical if it is actually a Trojan, but if it is I want to figure it out and get rid of it. I have searched the internet for a while trying to learn about this, but I couldn't find out about a Trojan that has this exact name.

Since I don't know much about Trojans in general, can someone help me to figure out what this actually is?

I can't end the process. I can't find it by searching my C: drive. I looked in Registry Editor and under HKEY_LOCAL_MACHINE there is a SYSTEM folder... but could this be normal?

Could someone maybe tell me what possible file extentions is could have or what folders a Trojan could be in?

Reply

It's quite likely that the trojan is still in your computer, i highly recommend that you get a Virus Removal Tool such as Norton or McAfee, the spyware removal program you downloaded isn't liekly to have found the trojan, as it only has a spyware definition list, and not a virus one. If you don't want to go into the burden of buying an anti-virus program, a good free anti-virus program called Avast Anit-Virus, they're really reliable and should be able to find the trojan (assuming that there is one). download it at http://www.download.com/Avast-Home-Edition...ml?tag=lst-0-11

Reply

I have Norton Anti-Virus and have had it for a long while. I updated everything and still cannot find anything. So I guess that there's no virus? I dunno, but it's agravating. My computer has had these occasional moments every once and a while where it hangs, and that keeps bothering me. So when I was told that this Support thing is a Trojan, I figured that that was the problem... but I can't find it! Ugh.

Hopefully someone will eventually read this post who will be able to offer some different solutions, but I still appreciate the help so far.

Reply

Well, in this case, there's only two possible points, either

a) there is no trojan

this is a really evasive trojan that even Norton can't find.

I'm pretty sure it's a)

Reply

For some reason I was under the impression that norton didnt find trojans...... Guess so.

Reply

Maybe thats why they are called Trojans? They get into your comp disguised as something else, maybe that is why you can't find it I mean the virus scans might think its something else that isn't harmful because it's well a Trojan.. lol

Reply

yeah norton is worst antivirus and it makes your system much slower and slower and i dont recommend it anyway.
try pc cillin 2005 it is good antivirus and its internet security is good to fight with spyware.

Reply

Hi gunbound,
The reason a trojan is called a trojan is that it's HIDDEN from normal viewing methods( thanks Becca). That INCLUDES some anti-virus & remover programs. Also if it is a brand new trojan, even the best anti-virus/scanner programs may not be able to pick it up at all untill they're updated. Some virusus/trojans etc. are out there for many months before the anti-virus programmers catch up with them.
If you've tried this program & that program that have all failed to find the problem, then the time to do some manual investigating is NOW- before more potential damage is done to your system.
First, the HKEY_LOCAL_MACHINE registry folder and the SYSTEM folder in the registry is a normal windows OS folder - DO NOT DELETE OR MODIFY IT IN ANY WAY !!! << IF YOU DO WINDOWS WILL CRASH.
Second, the only way you're going to find out if a malicious "bug"/trojan (that the scanners can't find) has installed itself at this point is to MANUALLY COMPARE the registry on your machine to the registry on a known "clean" machine using the same Windows OS as yours.
This is a slow, pain in the B*TT process- just do it. Check(compare) the registry entrys- go line by line & folder by folder.
Make sure that you have set windows to show all files (even the "hidden" ones) & extensions before you go looking.
The only other option you might have is to boot into "safe" mode & use a DOS based anti-virus program to attempt to identify the potential bug. This sometimes works because some bugs depend on Windows to hide themselves.
If All else fails, the last option you have is to re-format & re-install Windows to "clean" the system.
Hope this helps,
RGPHNX

 

 

 

Reply