The Mother Board

Motherboards.org forums. Free tech support, motherboard ID, and more.
It is currently Mon Sep 24, 2018 11:30 pm

All times are UTC - 8 hours




Post new topic Reply to topic  [ 3 posts ] 
Author Message
 Post subject: Trojan SHeun.FWM (AVG)
PostPosted: Tue Dec 16, 2008 5:29 pm 
Offline
Brown Belt
Brown Belt

Joined: Wed Aug 24, 2005 8:40 am
Posts: 369
Location: Oregon
Okay so avg detects this trojan several times throughout the day.
Image
But appearenly the trojan is part 16 bit because it will pop up with this

Image

at about the same time avg find it.
Dunno if this is linked to the same virus but I also can't get to folder options. I know its from a virus but can't remember what one it was, because I've had it before but didn't get rid of it so i formatted.

But yeah if someone knows how to remove this virus it would be a great help. Thanks

_________________
GIGABYTE GA-M57SLi S4
AMD Athlon 64 X2 6000+
6 gigs o' Ocz reaper pc6400 (2x1gb 2x2gb)
2x Nvidia 8800GT 512MB Fact. OC'ed
3xWD 500Gb 16mb cache sata2
MX518
G15
IceMat Siberia Headset
650 W PSU
Gigabyte 3D Mars (case)
Acer AL2223W (monitor)
Windows Vista 64-Bit SP1


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Wed Dec 17, 2008 3:10 pm 
Offline
Mobo-fu Master
Mobo-fu Master

Joined: Wed Nov 12, 2003 11:57 am
Posts: 20862
Location: 07438
You cannot remove or access active files when the OS is in 'normal' mode. Restart in 'safe' mode, then redo the scan. Should be easy to clear out the nasties.
If it is a stealth Trojan, it may have embedded keys in the Registry. They will need to be removed. HijackThis is very effective and quick about killing off infections.. but use with discretion, as the result is permanent.. and can cause other problems. If unsure, post a log of the scan so the "pros" can advise.
Good advice is to make a backup of the Registry beforehand.

_________________
F@H.. to solve mankind's maladies.. in our lifetimes!


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Wed Dec 24, 2008 6:19 am 
Offline
Black Belt
Black Belt

Joined: Fri Jan 23, 2004 3:18 pm
Posts: 741
Location: over there...
I just completely restored a networked desktop at a client's office (6 hours, reinstalled 10 extra business programs). A pop-up window appeared asking if they would like to "update the antivirus definitions for AntiVirus2009".
So, they clicked "Yes", and BOOM!
When I got there, they had 175 Trojans in the 'My Documents' folder and 95 Trojans elsewhere, and was still counting. When it got over 300, I shut the desktop down.
Rebooted, and could not log-in to Windows.
FUBAR!
It removed their AntiVirus program completely, they were wide open!

Funny, isn't it, say that pop-up window appeared asking them to update an antivirus program that was not the antivirus program they were using.
People don't think twice about clicking "Yes" to something like this.
If you use Norton A/V, don't click on a pop-up window suggesting you are at threat and please update your antivirus definitions for a totally different antivirus program........DON'T DO IT!!!!!!!!!
Think twice.

_________________
"Common sense is not so common." - Voltaire


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 3 posts ] 

All times are UTC - 8 hours


Who is online

Users browsing this forum: No registered users and 2 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group