aca 21:25 12 Mar 2006

Discovered I had Doly, a trojan, kept trying to connect to website Used Hijackthis and found 2 start up references to Kernal32.exe (note the A and not E). Removed. Hopefully before any damage. Concerned that this got through unnoticed through Avast/Ewido/MS Spyware all up to date.

Followed online instructions for manual removal. Also downloaded Tauscan. Did scan in Safe Mode and used "Advance Trojan Analyser". Came up with warning saying thsi should be used for only suspiscious files as may find false positives. However though a thorough check in order so used.

Found Backdoor Orifice 2000 Lovebeads in my ATI Support Folder!

Is it likely that this a false positive and anyone have any advice views on Tauscan?

Would Sygate have saved me? Did a Sygate Trojan Port Scan and came up clear.

  gudgulf 22:17 12 Mar 2006

The Doly trojan has been around in one form or another since it's odd that your current scanners didn't pick it up...a new variant maybe?

The problem with trojans is that you are often tricked into accepting wrong "ok" click and you are effectively bypassing your security by agreeing to the intruder.

However your security regime must be spotted the culprit,didn't you.

As for the findings in yout ATI support folder....almost certainly false positives.It wont do any harm to delete the folder though....just to be sure.It's only used by the ATI driver installers to unzip their installation files to prior to installing on your pc.

  aca 18:44 14 Mar 2006


Thanks. I was surprised that Avast and Ewido didnt pick it up.

This thread is now locked and can not be replied to.

Elsewhere on IDG sites

Alienware 17 R4 2017 review

These brilliant Lego posters show just what children's imaginations are capable of

Mac power user tips and hidden tricks

Comment réinitialiser votre PC, ordinateur portable ou tablette Windows ?