~ the storytellers' tales ~ - Troja has been defeated.

Troja has been defeated.

Sep. 29th, 2008 at 11:49 PM

Ever since Saturday night, I've been irritated with my Sygate Firewall because it always deactivated itself right after startup.

I first repaired, then re-installed Sygate, but to no avail.

So I scoured Google today, which finally led to some results when I figured out that I supposedly had the same process asking to access the internet twice - svchost.exe. One of them turned out to be a Trojan that hid in the C:\WINDOWS\system32\drivers\ directory.

I manually deleted it with a lot of savage satisfaction.

Then, after a good deal of preventative registry-cleaning, mainly with CCleaner v2.12.660, I downloaded and ran Malwarebytes' Anti Malware 1.28 which found the corresponding Trojan-infected key in the registry and deleted it. And let's just say, for the record: I'm seriously unimpressed with AntiVir. I've ran it three times since Saturday, and each time it found nothing amiss. Hah.

Boo, hiss!!! So much for my good impression of you, AntiVir!

Also helpful was this article.

Mood: triumphant

Comments

( Leave a comment )

theficklepickle.livejournal.com wrote:

Sep. 30th, 2008 08:29 am (UTC)

Thank you

Inspired by this, I downloaded Anti Malware and ran it too. It found 250 rogue items deposited there by something which I *thought* was a piece of clean-up software but which turned out to be exactly the opposite. I run Norton Personal Firewall and a thing called ESET 32 which is very good although not well-known, but whatever this was just sauntered right past both of them. Too soon to know what effect this will have, but just doing it makes me feel better!

Link | Reply | Thread

allaire.livejournal.com wrote:

Sep. 30th, 2008 03:13 pm (UTC)

250? Wow, that's a lot.

As long as your computer still boots up alright, I wouldn't worry too much. :-)

I'll have to jot down a reminder somewhere so I repeat the Malwarebytes' Anti Malware check in, say, another two months' time or so.

:::invites