Jump to content


Photo

Trojan Horse Backdoor Help.


  • Please log in to reply
8 replies to this topic

#1 Jets

Jets

    Member

  • Full Member
  • Pip
  • 8 posts

Posted 14 July 2004 - 08:37 AM

Hi. I'm a first timer here. Also, I'm not exactly what you call a computer wiz. I use my computer primarely for work and college. (Making a website, research, etc.) I don't have much free time for fun. I believe I got the virus from a infected email my wife got from a friend stating they may have a virus or from a website I visited. That's when things started to pop up literally.

I know a little about viruses and trojans but am looking for help on this one and looking to learn something in the meantime.

I came across a Trojan that I can't seem to get rid of with CW-Shredder, HiJackthis, AVG or Spybot. The programs did get rid of a lot of spyware and other trojans however, I'm still getting a AVG warning stating that I have the following.

"Trojan Horse Backdoor. Ruledor.C"
It's telling me to run the AVG for Windows.

It says it's located at

C:\System Volume Information\_restore{F03BC7CA-958E-4E73-B64E-7D9F75261CF2}\RP163\A0011762.exe"

The thing is, I have no such directory in C: called "System Volume Information".
I can't even fine the "A0011762.exe" file anywhere.

"My guess" is it's somthing in the registry that needs to be deleted?


Can anyone shed some light on this? Thank you in advance.

John (aka Jets.)

#2 therock247uk

therock247uk

    247fixes.com

  • Ambassador
  • PipPipPipPipPip
  • 870 posts

Posted 14 July 2004 - 09:57 AM

What Operating system do you have?

#3 Jets

Jets

    Member

  • Full Member
  • Pip
  • 8 posts

Posted 14 July 2004 - 10:17 AM

Yah, that would help wouldn't it? Duh!
Windows XP. Just bought the system March of 03.

#4 therock247uk

therock247uk

    247fixes.com

  • Ambassador
  • PipPipPipPipPip
  • 870 posts

Posted 14 July 2004 - 10:21 AM

Ok what you need to do is to disbale system restore and renable it to get rid of that virus for instructions on how to do that go here http://service1.syma...src=sec_doc_nam

Good luck :D

#5 Jets

Jets

    Member

  • Full Member
  • Pip
  • 8 posts

Posted 14 July 2004 - 10:54 AM

Ah, I see. I'm not good with forums like this. So I apologize in advance. I'm learning.

As for the info, thank you very much. I'll let you know how things work out.
Thanks again.

#6 Jets

Jets

    Member

  • Full Member
  • Pip
  • 8 posts

Posted 20 July 2004 - 09:14 AM

Therock247uk

Just wanted to say that the advice you gave worked. (knock on wood.) Thank you for your help! I learned something.

The only thing I'm having fun dealing with are Explorer pop-ups. I have found that these things have a "dfn" extension (if I remember correctly). I delete them and they go away for a while. Trying to learn more about this problem between work, school and other priorities.

Thanks again, I'm very greatful!
Kind regards-
Jets

#7 therock247uk

therock247uk

    247fixes.com

  • Ambassador
  • PipPipPipPipPip
  • 870 posts

Posted 20 July 2004 - 01:32 PM

Ok no problem go here for Infomation on how prevent reinfection http://forums.net-in...?showtopic=3051

#8 Jets

Jets

    Member

  • Full Member
  • Pip
  • 8 posts

Posted 20 July 2004 - 08:13 PM

Wow! Are you and this site for real? You just point people in the right direction.
Because I don't always know where to begin.
As Elvis would say. Thank ya, Thank ya very much.

#9 Jets

Jets

    Member

  • Full Member
  • Pip
  • 8 posts

Posted 20 August 2004 - 12:56 PM

O.k. Just did an AVG update, ran a scan and came across the following as a virus, but am unable to delete or heal.

c:\program file\autoupdate\autoupdate.exe


I tried doing research on this file coming up as a virus and can't seem to find an answer as to what , what to do, is it lagit, etc. I didn't seem to find anything that gave me a clear answer or anything that I could understand. I'm stumped.

Advice from the experts again please!
Thanks in advance once again.
John




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Member of ASAP and UNITE
Support SpywareInfo Forum - click the button