Member Panel

Remember me ?

Forgot password?   

Sponsors and Ads

Join the Team

Live Tag Cloud
PC Forum PC Help Forum » Security & Safety » [Fixed] Hijackthis! Logs » Can't get rid of Trojan Horse

[Fixed] Hijackthis! Logs - Can't get rid of Trojan Horse posted in the Security & Safety forums; Norton Anti-Virus reports the following. File: C:\WINDOWS\system32\AppCert\wsil32.dll Location: C:\WINDOWS\system32\AppCert Action taken: Clean failed : Quarantine failed : Access denied I have tried everything I know to get rid of it ...

JOIN US NOW to remove these Ads

Post New Thread  Reply
  #1  
Old 01-11-2008
Bronze Member
  
Join Date: Dec 2007
Posts: 19
PC Experience: Experienced
LostinMT - See this Members User comments on their Profile page
Default Can't get rid of Trojan Horse
Norton Anti-Virus reports the following.

File: C:\WINDOWS\system32\AppCert\wsil32.dll
Location: C:\WINDOWS\system32\AppCert
Action taken: Clean failed : Quarantine failed : Access denied

I have tried everything I know to get rid of it but nothing works. Can anyone help?
  #2  
Old 01-12-2008
Pancake's Avatar
Senior Security Analyst
  
Join Date: Jun 2006
Location: Victoria, Australia
Posts: 3,088
PC Experience: Elite PC Guru
Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page
Default Re: Can't get rid of Trojan Horse
Hi...

Please download The Avenger to your Desktop and unzip it.
Copy all the text contained in the code box below ( including the words "files/folders to delete" ) by highlighting it and right clicking and selecting "Copy"

Files to delete:
C:\WINDOWS\system32\AppCert\wsil32.dll
Folders to delete:
C:\WINDOWS\system32\AppCert
Now, start The Avenger program by clicking on its icon on your desktop. Look under "Script file to execute" and click on "Input Script Manually". Next click on the Magnifying Glass icon and a blank dialogue box will open called "View/Edit script". Position your mouse inside the box, rightclick and choose Paste. All the text above in the code box should now appear there. Click Done and click on the Green Light to begin execution of the script. Answer "Yes" twice when prompted.
The Avenger will restart your computer. (if the code to execute contains "Drivers to Unload", The Avenger will actually restart your system twice.)
When you have rebooted, a black command window briefly opens on your desktop, this is normal. A logfile will be created that records all actions that The Avenger performed. This log file is saved to C:\avenger.txt. The deleted files will be backed up and saved to C:\avenger\backup.zip.
Once your computer has rebooted, please post back the contents of C:\avenger.txt.


__________________
  • An Australian Member of
  • and
My real name is Eddy
Last edited by Pancake; 01-12-2008 at 12:50 AM.
  #3  
Old 01-12-2008
Bronze Member
  
Join Date: Dec 2007
Posts: 19
PC Experience: Experienced
LostinMT - See this Members User comments on their Profile page
Default Re: Can't get rid of Trojan Horse
Here are the is the results file you asked for. Should I do anything to check and see if the virus is gone?
Attached Files
File Type: txt avenger.txt (1.2 KB, 3 views)


  #4  
Old 01-12-2008
Pancake's Avatar
Senior Security Analyst
  
Join Date: Jun 2006
Location: Victoria, Australia
Posts: 3,088
PC Experience: Elite PC Guru
Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page
Default Re: Can't get rid of Trojan Horse
Yes you can do a check but I think you will find it is an ex virus


__________________
  • An Australian Member of
  • and
My real name is Eddy
  #5  
Old 01-12-2008
Bronze Member
  
Join Date: Dec 2007
Posts: 19
PC Experience: Experienced
LostinMT - See this Members User comments on their Profile page
Default Re: Can't get rid of Trojan Horse
You were half correct, it was gone when I did the scan after running avenger. Some time last night the virus reappeared on a new file. Here is the report from Norton Antivirus provided, however this time Quarantine succeeded do I need to do anything else?

+++++++++++
Scan type: Realtime Protection Scan
Event: Virus Found!
Virus name: Trojan Horse
File: C:\System Volume Information\_restore{E6195AEA-FC14-4114-8146-1A0142759763}\RP6\A0000162.dll
Location: Quarantine
Computer: WOODY
User: SYSTEM
Action taken: Clean failed : Quarantine succeeded : Access denied
Date found: Fri Jan 11 22:31:07 2008
  #6  
Old 01-12-2008
Pancake's Avatar
Senior Security Analyst
  
Join Date: Jun 2006
Location: Victoria, Australia
Posts: 3,088
PC Experience: Elite PC Guru
Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page
Default Re: Can't get rid of Trojan Horse
No you should be fine now...all done.


__________________
  • An Australian Member of
  • and
My real name is Eddy

Reply
Satellite TV on your PC - over 3000 Channels! Click Here!

Bookmarks

« Various issues | Trying to remove mrofinu77.exe file »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are On

Contact Us - PC Help Forum - Site Map - Privacy Statement - Top

All times are GMT +1. The time now is 10:48 AM.
Powered by vBulletin
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
SEO by vBSEO 3.2.0 RC7
All Graphics & Content Copyright © 2004-2008 - PC Help Forum.com


Back to Top
Loans
Loans information and advice from the experts at Norton Finance.

Low Interest Credit Cards
Find and compare low interest credit cards.

Cheap Car Insurance
Get car insurance quotes and compare the market at Moneyexpert.com