Need help to remove a trojan, please.

Discussion in 'Malware Help (A Specialist Will Reply)' started by DAT111, Jul 15, 2006.

  1. DAT111

    DAT111 Private E-2

    Has anyone ever heard of sploit[1].anr, and how do you remove it.
    McAffee found it when I went to softpedia and stated that it could not remove it, or could not quarantine it. I disconnected the computer from the internet, jumped on another, and googled the name. To my suprise there appeared to be a site with information about it. I clicked on the site, and guess what happened. Yep, McAffee showed the same thing on that computer! I downloaded another virus scanner and it showed nothing wrong.
    If anyone has any suggestions I would really be interested in some real information about this.
    I use Sygate, McAffee, and Spybot as protection.
     
    DAT111, Jul 15, 2006
    #1
  2. DavidGP

    DavidGP MajorGeeks Forum Administrator - Grand Pooh-Bah Staff Member

    Did the scan or Mcafee tel you the location of the infected file, I would imagine its in the Temporary Internet folder, so in that vain and as alot of these website exploits tend to drop their payload into your Temp Folders do follow the below guide, especially section #5 in cleaning malware, and use the likes of CCleaner to delete the temp folders and files.


    but do run through the whole guide below to make double sure all is clear.



    - Run ALL the steps in this Sticky thread READ & RUN ME FIRST Before Asking for Support

    Make sure you check version numbers and get all updates.


    After doing ALL of the above you still have a problem make sure you have booted to normal mode and run the steps in the below link to properly use HijackThis and attach a log:

    Downloading, Installing, and Running HijackThis


    When you return to make your next post, make sure you attach the following logs and that you have run these scans in the following order too (these scans are covered in steps 6 & 7 of the READ & RUN ME sticky)
    • Bitdefender
    • Panda Scan
    • HijackThis
     
    DavidGP, Jul 16, 2006
    #2
  3. DAT111

    DAT111 Private E-2

    I am a newbee with this so please excuse me if I seem stuip!
    McAffee showed the location at "C:\ documents & settings\tim\local settings\temporary internet files\content. IE5\ ufohq9q5". I triedto locate it but was unable to do so. I then deleted all temporary files, history, and cookies. I then ran Avast and Spybot, they showed no problems.
    I then ran McAffee again and it showed no problems. I have never had any type of trojan or virus before and do not know much programming or software to really dig in and find out what is going on. My computer acts normal, starts normal, and works normal. Could it have been a McAffee glitch or is sploit[1].anr a real trojan?

    Where do I get the bit defender,and other programs that is on the sticky?

    Thanks for your help Halo.
     
    DAT111, Jul 16, 2006
    #3
  4. DavidGP

    DavidGP MajorGeeks Forum Administrator - Grand Pooh-Bah Staff Member

    I suspect that the trojan was only in your Temp Internet folder and as McAfee seemed to have caught it, DID McAfee show a popup windows and alert you to this trojan right away as soon as you went on the website in question?

    If so it has blocked it for you and deleting your Temp Interent Folder contents will have removed that file.. hence its not shown on further scans.


    Bitdefender and the other online scans and downloadable software are all linked to in the guide Bitdefenders online scan is located in section #6 of the guide.

    What now worries me more is you seem to have two antivirus software applications installed in McAfee and AVAST? Please uninstall one.. IF McAfee is a paid for app then keep that. Two antivirus apps as with two Firewalls will confict with each other and cause issues and slowdowns as they both are fighting to scan the same file.


    I do suspect your clear of any trojan as your not experiencing that same alert as you did, but I would follow the guide I posted above and run the online Bitdefender and Panda scans plus HJT to double check, attach the results BUT do follow the instructions in the guide to installing and running these applications closely.

    So also give this a read How to Protect yourself from malware!
     
    DavidGP, Jul 16, 2006
    #4
  5. DAT111

    DAT111 Private E-2

    Thanks Halo,
    I only run one antivirus at a time to avoid any conflicts, and I sort of thought that McAffee did stop it.
    I will start to find the programs that you have told me about and will learn more about this type of situation for future reference.
    I try to keep all updates current and stay away from any site that might be a haven for such things as virus, trojans or the such. I always clean out temp files, history and cookies every day and I do scans at least 2 times a week. My wife thinks I get to cautious about the internet, but I have done this for the past 12 years and this is the first time I have had a problem.
    If you know what sploit[1].anr is or find out please let me know. It seems that nobody knows what it is or where it came from.


    Thanks again, Tim
     
    DAT111, Jul 16, 2006
    #5

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds