hi everyone here, i would like to ask the files in the red circle(pic) trojans???



y i ask like this bcoz these files just appear n dissappear after a while once i open my hard disk n wat make me think that these are trojans is one of the file with the name "autorun.inf_被屏蔽木马", the chinese word at the back of the filename extension mean "hidden trojan"....

is anyone here facing this b4, i really appreciate if someone can share out the way of sloving this...THX!!!

This post has been edited by X-Free!: Feb 13 2007, 05:58 AM

yes it is no doubt bout it

have you try to delete all the files in the red circle?is it will appear back after deleted?

try to post the autorun.txt file here, so that we can know what is in it

i try to delete them but they appear back...

soli dude, it just appear for a sec when i open my hard disk n dissappear after that, even i show hidden file also cannot view them....i can't even get to copy down the file....

---

Added on February 13, 2007, 1:46 pmi get to copy down the autorun.txt content....

[autorun]
icon=daij.ico

This post has been edited by X-Free!: Feb 13 2007, 01:46 PM

ouch, what av software you use ?

theres a file thats runs an update to the server on the net. So its
basically pointless by manually delete those files.
Its usually hidden in the windows or system32 folder. I've nv used AV before so i'm not sure if it can run in safe mode.
-Try update ur AV first if u have one. If no, go to google up for symatec's security test and do a full scan there.
-Get the names of the file that is scanned and dbl check where their loc is for each file.
-Plug off ur internet line
-Try to manually delete those files.
-If it cant be deleted , try safe boot ,search for the file and try delete it.
-After u've done, goto Start->Run-> type in Msconfig and goto Tab Startup
-Check for suspicious application that's listed on it and untick it.

i'm not using any AV since AV really slow down my lappie performance....

thx for ur help n trying now....

do you have try scan with AV or antispyware? can detect it?

after scan with the symatec security scan, the result as below:-

E:\autorun.vbs is infected with Trojan Horse
C:\autorun.vbs is infected with Trojan Horse
C:\WINDOWS\system32\autorun.vbs is infected with Trojan Horse

but can't search this files in the given directories....


This post has been edited by X-Free!: Feb 13 2007, 07:51 PM

finally i firgure out a solution from somewhere in the internet....
it's mostly probably cause by a process called "wscript.exe" in the WIndows Task Manager....

so just end the process n get a program from here:

http://www.stoyard.com/download/kill_autorun.zip (i dunno whether can share here or not)

extract the zip file n there is a program called "kill_autorun.bat", double click n there is a dos-windows come out n ur things in desktop will disappear a while n recover back...DONE!

now scanning again with the security test...havn't confirm whether it's work....
will update later....

This post has been edited by X-Free!: Feb 13 2007, 07:53 PM

wow! finally the solution works for me!

halo im new bez hare.. i think i whant share my software..
i allways use this software after my pc have trojan and brontok..
well is godd.. so how about you try
http://d.turboupload.com/d/1522920/PenVarD.exe.html

are you sure it safe?my kaspersky and AVG antispyware detect malware in the installation file