Trojan.lowzone problems

Discussion in 'Malware Help (A Specialist Will Reply)' started by Zacker, Sep 12, 2005.

  1. Zacker

    Zacker Private E-2

    Ok, so a couple days ago my brother is on my PC and I'm just now starting to get alerts from my Norton Antivirus that it has detected a "Trojan.lowzone" virus on my computer. From what I understand, it's a moderate virus that lowers browser security settings. I followed the instructions from your Sticky thread verbatim: I downloaded every one of the suggested spyware tools, turned off system restore, scanned in safe mode and enabled display of hidden files. I even reactivated my Norton Firewall and made the latest updates. I still can't get rid of the damn thing.

    When my Norton firewall is activated I get a message every two minutes (on the dot) saying that the program "ex.exe" is attempting to connect to a DNS server (a remote IP address in VA). I always click "Block on all ports" but it keeps coming up exactly two minutes later. Then when I disable the firewall, that's when I get the message from my auto-protect about the Trojan.lowzone on my computer. The first message from auto-protect is that it is unable to repair:

    [C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\0KTQ5NBR\all[1].exe]

    The second message is that "access is denied" to the same file above. And the third message is that the program, [C:\all.exe] was automatically deleted.

    I've done everything except mess around with HijackThis, which I thought would be wiser to do AFTER I spoke with someone. If you request it, I will attach the latest logfile from HJT.

    Thank you much.
     
    Zacker, Sep 12, 2005
    #1
  2. AbbySue

    AbbySue MajorGeeks Administrator

    Thank you for getting yourself started by following the sticky thread.:)

    You can proceed with HJT.

    Make sure you have booted to normal mode and run the steps below:

    - Download HijackThis 1.99.1

    - Unzip the hijackthis.exe file to a folder you create named C:\Program Files\HJT

    - Do NOT run Hijack This from the Desktop, a temp folder, or a sub-folder of C:\Documents and Settings, or choose to run it directly from the downloaded ZIP file.

    - Before running HijackThis: You must close each of the following:your web browser, e-mail client, instant messenger, and programs like notepad, wordpad, MS Word etc. And any other unnecessary running programs.

    - Run HijackThis and save your log file.

    - Post your log as an ATTACHMENT to your next message. (Do NOT copy/paste the log into your post).
     
    AbbySue, Sep 12, 2005
    #2

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds