Hot Downloads

Welcome, Guest
Username: Password: Remember me
  • Page:
  • 1
  • 2

TOPIC: Trojan.Downloader.BAT.Ftp.c

Trojan.Downloader.BAT.Ftp.c 11 years 10 months ago #6801

  • chandak76
  • chandak76's Avatar
  • Offline
  • Distinguished Member
  • Posts: 98
  • Karma: 0
Hi,I've got this virus that keeps poping up on 4 of my workstations"Trojan-Downloader.BAT.Ftp.c" with "C:\windows\system32\o".I've symantec antivirus with the most recent defs but it doesnt seem to go away.I've tried using f-secure as well but it keeps poping up.I does'nt spread to other workstations,but just these 4.Tried google but to no avail.Please help.
Chandak76
The administrator has disabled public write access.

Re: Trojan.Downloader.BAT.Ftp.c 11 years 10 months ago #6802

  • Cool_Spot
  • Cool_Spot's Avatar
  • Offline
  • Frequent Member
  • Posts: 61
  • Karma: 0
Firstly go to task manager and kill the process, called "o" or whatever.

Secondly go to c:\windows\system32 and delete the exe file called "o" the trojan has created.

Thirdly, open regedit, go to HKLM\Software\Microsoft\Windows\CurrentVersion\Run and delete the entry found in this hive

You have just manually done what the antivirus should be doing automatically!

Next, do a full Windows Update. Get service Pack 2 if you are running XP.

I'd also dump IE in favour of Mozilla Firefox. and try grisoft.com as an alternative antivirus product.

Good Luck amigo!
The administrator has disabled public write access.

Re: Trojan.Downloader.BAT.Ftp.c 11 years 10 months ago #6870

  • gl0bal
  • gl0bal's Avatar
  • Offline
  • Distinguished Member
  • Posts: 83
  • Karma: 0
oh and one more thing..

I've found that I needed to clear the Windows restore hsitory on XP in some cases as my corporate AV (McAfee) keeps identifying the virus in the restore point files.


Don't know if you are having this problem but thought it might be something of interest
The administrator has disabled public write access.

Re: Trojan.Downloader.BAT.Ftp.c 11 years 10 months ago #6961

  • Fireball
  • Fireball's Avatar
  • Offline
  • New Member
  • Posts: 1
  • Karma: 0
Hi,I've got this virus that keeps poping up on 4 of my workstations"Trojan-Downloader.BAT.Ftp.c" with "C:\windows\system32\o".I've symantec antivirus with the most recent defs but it doesnt seem to go away.I've tried using f-secure as well but it keeps poping up.I does'nt spread to other workstations,but just these 4.Tried google but to no avail.Please help.
Chandak76

Hi , I' ve got the same problem, this trojan keeps coming back. I followed the instructions that were given but it didnt seem to work.
"C:\windows\system32\o" and "Trojan-Downloader.BAT.Ftp.c".
I have tried with F-secure which has found the Trojan but is unable to destroy it. Has anyone some strait foreward solution? I use Windows XP. Help would be highly apreciated! :?
The administrator has disabled public write access.

Re: Trojan.Downloader.BAT.Ftp.c 11 years 8 months ago #7991

  • MIB
  • MIB's Avatar
  • Offline
  • New Member
  • Posts: 1
  • Karma: 0
Try use Kaspersky 5.0 with updated def file 8)
The administrator has disabled public write access.

Trojans 11 years 8 months ago #7996

  • TheBishop
  • TheBishop's Avatar
  • Offline
  • Moderator
  • Posts: 1719
  • Thank you received: 8
  • Karma: 5
I've seen similar things with trojans and adware that regenerates itself. The basic method for getting rid of them is:
1) Identify the running process (task manager)
2) HKLM\Software\Microsoft\Windows\CurrentVersion\Run and find the entry that runs the process. Make a note of the location and name of the file that it runs
3) When the disk is quiet, yank the machine's power lead (some trojans/adware rename themselves when you shut down to stop you following this process!)
4) Boot in safe mode (or you might be able to use BartPE or a Knoppix CD)
5) Find the above mentioned file and delete it
6) Delete the registry entry from the run key
7) Reboot nornally and hope it works
The administrator has disabled public write access.
  • Page:
  • 1
  • 2
Time to create page: 0.082 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup