Results 1 to 10 of 10

Thread: Trojan Horse

  1. #1
    3 Star Lounger
    Join Date
    Jun 2001
    Location
    Queensland, Australia
    Posts
    202
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Trojan Horse

    Hi all

    I was wondering if anyone can help
    I'm regularly getting a pop up message from my anitvirus program (AVG) which says there is a Trojan Horse Downloader Inservice.G on my system, please run AVG to remove.

    Well when I run the anti vrius program it doesn't find it. Yes I have the latest definitions. I've also run Ad Aware, Spybot S&D and Trojan Remover and they also don't detect it.

    I did a search on Google, got 2 finds both of which I tried the solutions and the message still comes up.

    Has anyone come across this trojan and if so is there a way to remove it.

    Any help would be greatly appreciated
    Dax


  2. #2
    Plutonium Lounger
    Join Date
    Oct 2001
    Location
    Lexington, Kentucky, USA
    Posts
    12,107
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: Trojan Horse

    Did your searches perhaps take you here? If not, is there anything of value in the link provided at that site?

  3. #3
    Lounger
    Join Date
    Oct 2001
    Posts
    36
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Trojan Horse

    One of our computers at work came down with the Downloader Trojan after she searched a Tattoo Parlor Site. We have Nod32 antivirus which is supposed to be very good and a Sonicwall Firewall for our network and it still got in. Spybot didn't seem to get it either. Finally I loaded and subscribed to NoAdware which I think helped and also Spyware Blaster 3.1 which is free but you can donate Spyware Blaster screens for things coming in, Spybot looks for them after they're already in.. For good measure I installed Norton Internet Security and antivirus on it and the problem now seems under control. The trojan had taken over the homepage, added unknown favorites to the favorites list and was opening all kinds of pop-ups unsolicited. I threw everything but the kitchen sink at it because I didn't want to have to wipe the hard drive, reformat and start over but that is still a possibility. I'm sure someone has a neater solution but this worked for now.

  4. #4
    Super Moderator jscher2000's Avatar
    Join Date
    Feb 2001
    Location
    Silicon Valley, USA
    Posts
    23,112
    Thanks
    5
    Thanked 93 Times in 89 Posts

    Re: Trojan Horse

    Trend Micro lists one similar name in its Virus Encyclopedia, TROJ_INSRVC.B.

    You can try the company's online scanner, HouseCall and see if that works better. If you are a more experienced user, Trend Micro also has a downloadable scanner free to non-customers. Go to the Damage Cleanup Engine / Template page and look for "Sysclean." Hope you have a fast connection. <img src=/S/wink.gif border=0 alt=wink width=15 height=15> Make sure to grab the readme file for instructions.

    McAfee also offers a free "emergency" downloadable scanner, known as McAfee AVERT Stinger, but it doesn't look as though this Trojan is included in the scope of the AVERT tool, which is targeted toward big name outbreaks.

  5. #5
    2 Star Lounger
    Join Date
    May 2002
    Location
    Nr. Edinburgh, Fife, Scotland
    Posts
    166
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Trojan Horse

    Hi,
    Do you know where it is? If it is in the System Volume Folder no scanner will be able to remove it.
    You will have to turn off System Restore, reboot, and then re-enable System Restore.
    Don`t do this unless you are sure the trojan is there as you will lose all your restore points.

    Elaine

  6. #6
    3 Star Lounger
    Join Date
    Jun 2001
    Location
    Queensland, Australia
    Posts
    202
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Trojan Horse

    Hi Elaine

    Thanks very much for your reply and everyone else. I tried all the previous seggestions without any success.
    Then I tried your suggestion Elaine, I turned off the restore function and rerun AVG, Ad-Aware and Spybot S&D and it WORKED, plus got rid of some other junk that wasn't previously picked up.

    This process doesn't appear to be very well documented anywhere that I have looked, so am glad you suggested it.

    Thanks very much again everyone for your help with this piece of bloody frustration I was experiencing....keep up the good work

    Cheers
    Dax


  7. #7
    2 Star Lounger
    Join Date
    May 2002
    Location
    Nr. Edinburgh, Fife, Scotland
    Posts
    166
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Trojan Horse

    My pleasure.
    That`s what happens when SR creates a restore point when your system is infected.
    Turning off SR is enough to remove the trojan from your machine, but it is best to check it again
    Elaine

  8. #8
    Administrator
    Join Date
    Mar 2001
    Location
    St Louis, Missouri, USA
    Posts
    23,571
    Thanks
    5
    Thanked 1,056 Times in 925 Posts

    Re: Trojan Horse

    However, you lose all your restore points. If you know that the problem is in a restore point and you know that some restore points are ok you might be better off just letting it disappear on its own over time. That way you'll still have something you can go back to if required.

    Joe
    Joe

  9. #9
    2 Star Lounger
    Join Date
    May 2002
    Location
    Nr. Edinburgh, Fife, Scotland
    Posts
    166
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Trojan Horse

    Yes that`s true, and I did warn of that in my first post.
    If you just leave it though, you have to remember which restore points might be infected if you need to use SR in the near future.

    Elaine

  10. #10
    Administrator
    Join Date
    Mar 2001
    Location
    St Louis, Missouri, USA
    Posts
    23,571
    Thanks
    5
    Thanked 1,056 Times in 925 Posts

    Re: Trojan Horse

    Just wanted to expand on the point. It just depends on how paranoid/safe you want to be with restore points. A PostIt on the monitor would be sufficient keep track of the 'bad' ones. Most likely, they would disappear rather quickly.

    Joe
    Joe

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •