trojan virus

  peterh1 17:03 09 Oct 2008
Locked

I have mcaffe security on my laptop do full scan's every night and today i made my self a member of hacker watch. On there web page which is accessed through my Mcaffe security centre they provide in formation on your port's which told me "unassigned/ic killer trojan was recently usein port 1027 i phoned the tch guys who tryed to block my port usein the fire wall has we could not find any other info on this trojan and the port involved or any sign it was or had been there.NOT had any problems with comp but did get rid of a yahoo toolbar 2 week's a go has the techguy said it was searchin the web on it's own so possible spy ware installed any advice would be appreciated on this matter,i've scaned with mcaffe and the window's one care can't find a bean so what is the best route now.i did a restore last week could that of got rid of it from my system???????? help don't know what to do next

  kindly 17:22 09 Oct 2008

Sometimes the trojan will end up in system restore so likely is you will just bring it back out after cleaning up. You usually have to turn off restore to clear it out from there BUT bear in mind you loose ALL restore points.
Try downloading a FREE checker called Superantispyware Free adition. I have used it when i had a virus norton could not find and it worked. Just do a google for it. Also try Maleware bytes. If you can try to do the scans in safe mode.Hope this helps.

  peterh1 19:35 09 Oct 2008

i've found the superantispyware and i'm gonna run the scan thankyou for you'r help and appreciate you'r advice. Will let you know what come's up

  skidzy 20:28 09 Oct 2008

First bit of advice is NOT to turn off system restore just yet.
Though this is common practice is it not advisable as an infected restore point is better than no restore point at all.

The advice to run Mbam and SAS is good,here are the links.

Mbam click here
SAS click here

These programs are best downloaded,updated and run in safemode.
To access safemode,reboot the computer and continually tap F8 on startup and select Safemode,then run the above programs.

Also download Dr Web Cureit click here


If the trojan in question is;

Trojan.Win32.ICKiller

This is classed as dangerous and you may require specialist help.There are manual removal instructions but this can be a bit daunting.

Is your isp AOL by any chance ?

If problems persist,download HiJackthis click here and post the scan results at Malwareremoval click here please be patient as it can be busy.You will need to register (its free).

This is an old Trojan and should be dealt with b most Anti's,this is an AOL exploit and i find it remarkable that AOL have not yet dealt with this vulnerability (if im correct on the trojan).

Meanwhile,you can check your ports and verify if any are open by using Shieldsup click here

  peterh1 21:58 09 Oct 2008

Ihave used aol to listen to music so???my isp is sky and the message that came up on hackerwatch the built in thing on my Mcaffe security is sayin it's used the port and could still be there.I have a techguy suscription and one of them turned my firewall up has it was set low so we both thought that is what it had done and for some reason we could not find it still in my system and we checked the ports that were open on the mcaffe list we could'nt find port 1027???so im now waitin on the damage rearin up on me will follow your advice and let you know how i go i tryed microsoft's scan and it did'nt pick any thing up so?? bye for now and thanks alot!!! oh worried about this now you say it's a bugger to shift.

  peterh1 22:01 09 Oct 2008

It said unassigned/ic killer on my hackerwatch port

  peterh1 04:33 10 Oct 2008

I have completed all scane's and come up clean!!? i couldnt scan in safe mode my laptop would'nt let me so i restarted and went ahead with all three scanes one after the other dr web knocked all my wireless network out and my defender too i had made a restoe point perposely in case of problem's so know worrie's thank you for all your help scidzy and kindly i'm assuming this treojan is not there now for some reason so am i right in thinking i am in the clear has far has my port being infectered oh my isp is sky!!!!

  birdface 10:05 10 Oct 2008

[i couldn't scan in safe mode]Just keep tapping F8 as the computer starts it sometimes works Tapping F5 as well.Just keeping your finger pressed on the F8 button will not work.

  pcgeeek 10:51 10 Oct 2008

good luck mate sure it will all come right :)

  peterh1 11:35 10 Oct 2008

the lap top let me go into safe mode but would'nt let me run the program's to scan with???anyway's thank's to you all,yet again i received good advice from the guy's who know there stuff.thank's alot "from what the scan's said i only had 8 adware cookie's so must of got rid of it some how" I hope........

  kindly 14:07 11 Oct 2008

Lets hope you got rid. Anyway, just make sure when you download ANYTHING, save it in a folder and ALWAYS scan it before opening. I have been caught out a couple of times like that. In a haste to get what I want and knack myself up doing so.
Just a thought, have you looked at your "task manager" to see what is running in there. If you see something that you dont know what it is, why dont you do a google search then you can stop any thing running by pressing end tsk button. This will not hurt your sytem.

This thread is now locked and can not be replied to.

Elsewhere on IDG sites

Best phone camera 2017

Stunning new film posters by Hattie Stewart, Joe Cruz & more

iPad Pro 10.5in (2017) review

28 astuces pour profiter au mieux de votre iPhone