Archived from groups: microsoft.public.win98.gen_discussion (
More info?)
Thank you David. Before Avast caught it (not on the fly, I'm sorry to say) I
ran scans with Spybot and AdAware, which were negative. I then downloaded
and ran T-M SysClean, which I'm familiar with. I then ran HJT and posted the
log to AUMHA forum, and of course I'm hoping they'll respond shortly. So I'd
like to see how that plays out for starters.
Thanks for the newsgroup recommendations. I'll use them for future problems,
and possibly this one as well, depending on how it goes from here.
In answer to your question (I think), the write up in Quarantine says:
Original File Name: Shellexp.exe
Original Folder: C:\WINDOWS\System\
Size of file: 303616
David H. Lipman wrote:
> From: "Roger Fink" <fink@*****.net>
>
>> Hi, according to Avast, I've been infected with "Win32: Trojan-gen
>> (Other)".
>> Can someone please tell me where to post the HiJack This log? And
>> feel free
>> to throw in any advice as well. Thanks.
>>
>
> There are anti virus News Groups specifically for this type of
> discussion.
>
> microsoft.public.security.virus
> alt.comp.virus
> alt.comp.anti-virus
>
> That sounds like a Generic Trojan detection.
>
> Did it flag a particular file ?
> If so what is the fully qualified name and path to that file ?
>
> In the mean time, you can do the following which has modules for;
> McAfee, Sophos and Trend Micro scanners...
>
>
> Download MULTI_AV.EXE from the URL --
>
http://www.ik-cs.com/programs/virtools/Multi_AV.exe
>
> It is a self-extracting ZIP file that contains the Kixtart Script
> Interpreter {
http://kixtart.org Kixtart is CareWare } three batch
> files, five Kixtart scripts, one Link (.LNK) file, a PDF instruction
> file and two utilities; UNZIP.EXE and WGET.EXE. It will simplify the
> process of using; Sophos, Trend and McAfee Anti Virus Command Line
> Scanners to remove viruses, Trojans and various other malware.
>
> C:\AV-CLS\StartMenu.BAT -- { or Double-click on 'Start Menu' in
> C:\AV-CLS}
> This will bring up the initial menu of choices and should be executed
> in Normal Mode. This way all the components can be downloaded from
> each AV vendor’s web site.
> The choices are; Sophos, Trend, McAfee, Exit the menu and Reboot the
> PC.
>
> You can choose to go to each menu item and just download the needed
> files or you can download the files and perform a scan in Normal
> Mode. Once you have downloaded the files needed for each scanner you
> want to use, you should reboot the PC into Safe Mode [F8 key during
> boot] and re-run the menu again and choose which scanner you want to
> run in Safe Mode. It is suggested to run the scanners in both Safe
> Mode and Normal Mode.
>
> When the menu is displayed hitting 'H' or 'h' will bring up a more
> comprehensive PDF help file.
>
> To use this utility, perform the following...
> Execute; Multi_AV.exe { Note: You must use the default folder
> C:\AV-CLS }
> Choose; Unzip
> Choose; Close
>
> Execute; C:\AV-CLS\StartMenu.BAT
> { or Double-click on 'Start Menu' in C:\AV-CLS }
>
> NOTE: You may have to disable your software FireWall or allow
> WGET.EXE to go through your FireWall to allow it to download the
> needed AV vendor related files.
>
> * * * Please report back your results * * *
)
Facebook
Twitter
Instagram