Trojan horse

Require help and assistance, please ask?
Dogwatch
Member
Posts: 200
Joined: Thu 02 Jan, 2003 12:12 am
Location: Mancunia

Trojan horse

Post by Dogwatch »

My computer tells me that I have got a Back door Blarul C trojan horse in C\system volume information\restore-followed by a load of numbers and letters-.exe.

I have run Norton, AVG anti virus, downloaded some trojan horse removers etc.

None of them show a virus or trojan in the system but every time I start up it runs the message as above.

Any ideas please, ready to throw the lot out of the window.

Terry
You were only supposed to blow the Bloody Doors Off....
El Prez
Member
Posts: 9122
Joined: Sun 24 Mar, 2002 7:18 pm
Location: Truro

Post by El Prez »

Try going to your nearest PC World helpdesk/workstation and asking them if they can produce a CD from their own PCs. They did it for me and it cleared my last prob which appeared post servicing! It pays for them to help prospective customers.
You should talk to somebody who gives a f**k.
El Presidente
goldie ex rmp
Member
Posts: 1641
Joined: Tue 02 Dec, 2003 7:37 pm
Location: worcestershire
Contact:

Post by goldie ex rmp »

Try out 'Trojan remover' 30 day trial: -


http://www.simplysup.com/tremover/download.html
Exemplo Ducemus (By Example We Lead)

"Do not confuse your rank with my authority....Sir!"
Guest

Post by Guest »

:(
Yep I have had the same for two weeks now, my system restore tells me there is no Trojan Horse but my AVG and Norton tell me there has been.

I have tried Symantec download that tells me I haven't got a virus but emails bounce telling me I have.

If you think that is bad, they have even got into Google today with MyDoom bug

http://news.bbc.co.uk/1/hi/technology/3927963.stm
El Prez
Member
Posts: 9122
Joined: Sun 24 Mar, 2002 7:18 pm
Location: Truro

Post by El Prez »

Read and do what it says on the tin
Oh dad, you're always making us do it the hard way.................doh! :roll:
You should talk to somebody who gives a f**k.
El Presidente
El Prez
Member
Posts: 9122
Joined: Sun 24 Mar, 2002 7:18 pm
Location: Truro

Post by El Prez »

Stix, does it make it easier for infiltrators to get into your pooter if you fileshare online as you do for music?
You should talk to somebody who gives a f**k.
El Presidente
goldie ex rmp
Member
Posts: 1641
Joined: Tue 02 Dec, 2003 7:37 pm
Location: worcestershire
Contact:

Post by goldie ex rmp »

El Prez wrote: Stix, does it make it easier for infiltrators to get into your pooter if you fileshare online as you do for music?
If you keep your anti virus updated........and you must...........when and if you download from the likes of Kazaa your download should stop as soon as your anti virus spots it. I'm not saying that I do it as it's a little naughty, but my PC-cillin anti virus does just that when I start downloading in my sleep "your honour".
Kazaa is full of viruses and trojans, so be careful.
Exemplo Ducemus (By Example We Lead)

"Do not confuse your rank with my authority....Sir!"
Guest

Post by Guest »

Trojan Horse Downloader Small 7 AV: this is what I have in a music file (strange, as I do not download music!). It says it cannot be healed, but when I run an AVG scan on it, it shows no virus detected.

So what's up, Doc?
Dogwatch
Member
Posts: 200
Joined: Thu 02 Jan, 2003 12:12 am
Location: Mancunia

Post by Dogwatch »

Currently running a virus check with system restore disabled, now starting to think that a full restore C is the easiest way to get rid of this problem. Any thoughts?
You were only supposed to blow the Bloody Doors Off....
Ploggers
Member
Posts: 652
Joined: Thu 13 Nov, 2003 9:51 pm
Location: Midlands

Post by Ploggers »

Try this first;

http://securityresponse.symantec.com/av ... larul.html. If you follow those instructions then it should work. Failing that then get ready for a crash course in advanced "pc f@#k about with"


Not the easiest thing to do unless you have good IT skills, but here's what you do:

TURN OFF SYSTEM RESTORE

Do an online scan with Trend AV http://housecall.trendmicro.com/houseca ... t_corp.asp

Make a note of all the files detected as "BKDR_BLARUL.A"

Then you need to remove the malware program that carries this thing, to do this..

CTRL+SHIFT+ESC, then click the Processes tab.
In the list of running programs, locate the malware file or files detected earlier.
Select one of the detected files, then press either the End Task or the End Process button, depending on the version of Windows on your system.
Do the same for all detected malware files in the list of running processes.
To check if the malware process has been terminated, close Task Manager, and then open it again.
Close Task Manager.


This virus autostarts on boot-up so you need to remove it from the registry - BE CAREFUL NOT TO DELETE ANYTHING ELSE OR YOU WILL f@#k UP YOUR PC!!

Open Registry Editor. To do this, click Start>Run, type Regedit, then press Enter.
In the right panel, locate and delete the entry or entries:
Search for "blss.exe"
If you find an entry, delete it and then press F3 to continue.
Delete all entries
Repeat search just to be sure
Close Registry Editor.

NB: you do not need BLSS.exe, it's a dialer. If it's not there then the virus can't attach itself to the executable file.


Check add/remove programs in control panel. If there is a program called "Shield", uninstall it, as this is part of the malware program.
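
A read-only way to run the checks from the post above before changing anything by hand, as an added PowerShell example that is not part of the original thread. It uses the `blss.exe` and "Shield" names from the post; the Run/RunOnce and Uninstall registry locations are assumptions, since the post only says to search the registry.

```powershell
# Added example: lists what the manual steps look for. It deletes nothing.
$needle  = 'blss.exe'   # file name given in the post
$program = 'Shield'     # program name given in the post

# Assumption: the usual per-machine and per-user autostart keys.
$runKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)
$meta = 'PSPath','PSParentPath','PSChildName','PSDrive','PSProvider'

$findings = @()

# 1. Autostart values whose command line mentions the file name.
foreach ($key in $runKeys) {
    if (-not (Test-Path $key)) { continue }
    foreach ($p in (Get-ItemProperty -Path $key).PSObject.Properties) {
        if ($meta -contains $p.Name) { continue }   # skip provider metadata
        if ("$($p.Value)" -like "*$needle*") {
            $findings += [pscustomobject]@{
                Check = 'Autostart'; Where = $key; Name = $p.Name; Detail = $p.Value }
        }
    }
}

# 2. Running processes with that image name (process names carry no extension).
$procName = [IO.Path]::GetFileNameWithoutExtension($needle)
Get-Process -Name $procName -ErrorAction SilentlyContinue | ForEach-Object {
    $findings += [pscustomobject]@{
        Check = 'Process'; Where = "PID $($_.Id)"; Name = $_.ProcessName; Detail = $_.Path }
}

# 3. Installed programs whose display name contains "Shield".
# Assumption: the standard Uninstall key behind Add/Remove Programs.
$uninstall = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Uninstall\*'
Get-ItemProperty -Path $uninstall -ErrorAction SilentlyContinue |
    Where-Object { $_.DisplayName -like "*$program*" } | ForEach-Object {
        $findings += [pscustomobject]@{
            Check = 'Installed'; Where = $_.PSChildName
            Name = $_.DisplayName; Detail = $_.UninstallString }
    }

if ($findings.Count -eq 0) { 'No matches found.' }
else { $findings | Format-List }
```

A match on "Shield" is only a name match and can be unrelated software, so confirm each finding against the scanner's list of detected files before removing it.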
Guest

Post by Guest »

Plogs
Too dodgy, I'll just let the little bleeder sit in a music file until I get my PC health check next January and let someone else get rid of it, it seems to be isolated anyway.
goldie ex rmp
Member
Posts: 1641
Joined: Tue 02 Dec, 2003 7:37 pm
Location: worcestershire
Contact:

Post by goldie ex rmp »

Spannerman wrote: Plogs
Too dodgy, I'll just let the little bleeder sit in a music file until I get my PC health check next January and let someone else get rid of it, it seems to be isolated anyway.
Wise move lol
Exemplo Ducemus (By Example We Lead)

"Do not confuse your rank with my authority....Sir!"