Download TrojanHunter Now
Free 30-day trial!
Latest TrojanHunter Version:
TrojanHunter 5.0
Order Now
License file delivered within minutes.
Welcome, Guest. Please Login or Register.
Oct 7th, 2008, 12:25pm
   Mischel Internet Security Forum
   TrojanHunter
   TrojanHunter Guard (Moderators: Helena, Gavin_Coe, Magnus)
   definition not found to my trojan virus		 « Previous topic | Next topic »
Pages: 1  Reply Reply  Notify of replies Notify of replies   Send Topic Send Topic   Print Print
   Author  Topic: definition not found to my trojan virus  (Read 499 times)
foofala
Newbie
*





   


Posts: 3
definition not found to my trojan virus
« on: Nov 16th, 2005, 1:44pm »		 Quote Quote  Modify Modify
Hi there-
 
  I bought the Trojan Hunter software, because an online Kaspersky scan found this on my machine: Trojan.Win32.Qhost  and mainly because the good folk at TomCoyote recommend your product.  
 
  But a few things:
 
1) TrojanHunter failed to work around the limitations of my resident trojan-  it couldn't access your site and successfully download definitions.  That's one smart trojan, but naturally I hoped your software would beat the trojan's nefarious means.
 
1b) When I noticed this, and sent an email to your support email address asking what to do- there was no response for 2 days, and still counting.  I'm a little disappointed by that.
 
2) After taking the advice offered at TomCoyote, I gave up trying to fix it myself, and completely reinstalled Windows after backing up my files.  That seems to have eradicated the virus.
  Now that the Trojan is (seemingly) gone, Trojan Hunter loads up, loads definitions, and finds nothing on its full system scan.
  HOWEVER-  the trojan virus kaspersky.com identified on my system is not listed in the Trojans definition list.  I would feel a lot better knowing that you have the one I've been struggling with, and that if there are any vestiges left, your program will clean it up.  
 
  Again, Kaspersky identified it as:  
Trojan.Win32.Qhost  , and TomCoyote called it by another name: Backdoor.Landis.C, and provided this reference:  http://www.k7computing.com/virusinfo/BackdoorLandisC.htm
 
 
  Thoughts?
  Thanks,
  ..Von
IP Logged
Randy_Bell
Global Moderator
*****




TrojanHunter is the Best!

40416585 40416585   randybell_98   atmrover
WWW   Email

Gender: male
 Posts: 2883
Re: definition not found to my trojan virus
« Reply #1 on: Nov 16th, 2005, 6:49pm »		 Quote Quote  Modify Modify
Hello Von, welcome to TH forum.  Do you have a sample of this malware? If so you can send it in to submit@misec.net if it is not being detected, or you can send a copy to me at randybell_98@yahoo.com and I will take a look at it and submit for you if needed.  If you submit to misec, make sure you password protect and include in the body of your email: (1) the password to open the zipped attachment; (2) a link to this thread, with brief explanation of your problem.  if you want me to take care of all that, just send the file to me at my Yahoo addy above.  HTH .. good luck .. Wink
« Last Edit: Nov 16th, 2005, 6:50pm by Randy_Bell » IP Logged
Randy_Bell
Global Moderator
*****




TrojanHunter is the Best!

40416585 40416585   randybell_98   atmrover
WWW   Email

Gender: male
 Posts: 2883
Re: definition not found to my trojan virus
« Reply #2 on: Nov 16th, 2005, 7:01pm »		 Quote Quote  Modify Modify
Also permit me to address these comments:
 
Quote:
1) TrojanHunter failed to work around the limitations of my resident trojan-  it couldn't access your site and successfully download definitions.  That's one smart trojan, but naturally I hoped your software would beat the trojan's nefarious means.

Well unfortunately, this is common with malware {worm, trojan} -- when it becomes resident it will put entries in the HOSTS file to block access to security sites {AntiVirus, AntiTrojan sites} to prevent or hinder people from accessing the sites and updating their security product.
 
Quote:
1b) When I noticed this, and sent an email to your support email address asking what to do- there was no response for 2 days, and still counting.  I'm a little disappointed by that.

If you will kindly PM me, I think I can offer further explanation but let me say publicly I am sorry for your inconvenience and we will try our best to do better and to be more reponsive to your needs.
 
Hang in there and don't be discouraged by the internet criminals who have victimized you with this badboy.
 
Warmly, Ran
IP Logged
foofala
Newbie
*





   


Posts: 3
Re: definition not found to my trojan virus
« Reply #3 on: Nov 17th, 2005, 9:19am »		 Quote Quote  Modify Modify
Hey there,
 
  Thanks for your comments.  I would hope that if what my trojan did is common behaviour, that your software will find a way to get around that.  For instance, if the updater can't access your site for definitions, a CleanHostFile function in your updater would defeat the trojan's little tactic.  
  I bet most people who buy TrojanHunter have a trojan already, and they shell out $60 so that it will go away without them reinstalling their OS.
 
  I don't know how I would go about sending you more information on the trojan I had.  Perhaps you can guide me?  
 
  As far as I can tell, reinstalling my system has cleared up the problem.  
 
  I did finally receive a reply from the Support team, however their only reply was to ask whether I'd given the updater permission to pass the firewall.  Um.  yeah, thanks.
 
  I will try to help you get the trojan definition if it's possible.  In the meantime, here's a link to the TomCoyote forum, where I was guided a detailed description of what "my" trojan was doing, and solid advice for how to clean it up.  
http://forums.tomcoyote.org/index.php?s=05d445d5e053b2c6cc6dfd3ccaa285b8 &showtopic=51243&pid=230087&st=0&#entry230087
 
 and,
http://www.k7computing.com/virusinfo/BackdoorLandisC.htm
 
  ..Von
IP Logged
Randy_Bell
Global Moderator
*****




TrojanHunter is the Best!

40416585 40416585   randybell_98   atmrover
WWW   Email

Gender: male
 Posts: 2883
Re: definition not found to my trojan virus
« Reply #4 on: Nov 17th, 2005, 10:49am »		 Quote Quote  Modify Modify
Hello Von,
 
Well if you don't have a sample of the malware there isn't much we can do because we don't even know what it is.  TH may or may not have been detecting it {KAV calls it one name, TrendMicro another, just because you can't find the same name in TH list is inconclusive because they all use different names for the same malware}
 
I looked at your thread there at TomCoyote forum, and good for them to provide the HijackThis analysis and the help -- although realistically, they did end up telling you to reformat in order to make sure your system is clean.
 
After reviewing what happened, I don't think TrojanHunter {or any of your security apps} is to blame for your problem since you tried it AFTER the fact, i.e. after you were infected.
 
Once you become infected with a badboy, all bets are off, and it can be very difficult to get cleaned up, no matter what security apps you use.
 
Again I/we am sorry you had to reformat but from the Tom Coyote thread it appears they would have counseled you to do that no matter what security apps {including TrjoanHunter} you were using, because you were already infected.
 
Other than that, really I don't think blaming TH {and Support} for an infection you already had beforehand is going to accomplish much.  I'm sorry if you feel you made a bad investment, you can email Magnus at support<at>misec.net or magnus<at>misec.net to see if you can get a refund.
 
Take Care,
Sincerely, Ran
IP Logged
Matt_Day
Senior Member
****




Apparently I love YaBB 1G - SP1!

   


Gender: male
 Posts: 317
Re: definition not found to my trojan virus
« Reply #5 on: Nov 19th, 2005, 3:26am »		 Quote Quote  Modify Modify
Have you tried manually updating the definitions?
http://www.misec.net/trojanhunter/updating/
« Last Edit: Nov 19th, 2005, 3:26am by Matt_Day » IP Logged
Matt Day
foofala
Newbie
*





   


Posts: 3
Re: definition not found to my trojan virus
« Reply #6 on: Nov 19th, 2005, 7:05am »		 Quote Quote  Modify Modify
Hi Matt-
 
  Thanks for this useful advice!  I could have solved my original problem with this technique.  
 
  After reinstalling Windows, TrojanHunter was able to update its definitions.  Then my issue became that the named trojan Kaspersky's online scan found wasn't in the definitions list.  It's been mentioned though, that various trojans have various noms des plume.
 
  Thanks very much!
  ..Von
IP Logged
Matt_Day
Senior Member
****




Apparently I love YaBB 1G - SP1!

   


Gender: male
 Posts: 317
Re: definition not found to my trojan virus
« Reply #7 on: Nov 19th, 2005, 9:17am »		 Quote Quote  Modify Modify
No problems.
 
One thing I might add, many Antiviruses label non-viral malware "trojans" even if they aren't actually trojans.
 
I'm not a qualified to give an authoritative answer, but Qhosts to me doesn't sound like a trojan in the true sense of the word.  Qhosts and landis seem to me to be two seperate things.  Also, TH does have some definitions for landis.
« Last Edit: Nov 19th, 2005, 9:19am by Matt_Day » IP Logged
Matt Day
Pages: 1  Reply Reply  Notify of replies Notify of replies   Send Topic Send Topic   Print Print

« Previous topic | Next topic »
Search
Members
Login
Register