Subject: troj simali.a
theconrodkid

posted on 23/8/04 at 10:07 AM
troj simali.a

My virus thingy says I've got this virus, not too deadly but I'd like to get rid of it. Any ideas? troj simali.a





who cares who wins
pass the pork pies

Peteff

posted on 23/8/04 at 10:50 AM
Go to Trend Micro and do an online scan.

http://housecall.antivirus.com/housecall/start_corp.asp

Won't your AV program get rid of it for you, John? If it found it, it should disinfect it.





yours, Pete

I went into the RSPCA office the other day. It was so small you could hardly swing a cat in there.

theconrodkid

posted on 23/8/04 at 01:09 PM
Pete, housecall found it and says it can't delete it cos it's connected to a prog that is needed. There are a couple of mentions on various sites about it but it's all in Swahili or summat.





pbura

posted on 23/8/04 at 02:00 PM
Here's some more info about it:

http://securityresponse.symantec.com/avcenter/venc/data/backdoor.simali.html

Suggest trying to kill the running trojan process and running AV again. Probably the process will be one of these:

Loader.exe
Main.exe
Lass.exe
Msmsg.exe

Do CTRL-ALT-DEL and see if one of these is running (or anything else that looks dodgy) and End Task. Then run the AV again.

Good luck!

Pete





Pete

theconrodkid

posted on 23/8/04 at 03:40 PM
Did that, still there.





pbura

posted on 23/8/04 at 09:14 PM
Sorry I was late getting back, Conrod.

IIRC, you run Windows 98? Try downloading this process viewer:

http://www.xmlsp.com/pview/prcview.htm

It will show everything that's running, including the trojan, so that you can kill the process and re-run AV. If that doesn't work, in PrcView you can do File>Save As, and save the process list to a text file. You could then cut-and-paste the process list here if you like, and we can try to figure out what to kill off.

Hope you read the link in my last post thoroughly. Getting rid of the bugger may involve editing your registry, which you might want to get some help with.





theconrodkid

posted on 24/8/04 at 06:07 AM
I've got XP, ta for your help but that's all beyond me.





pbura

posted on 24/8/04 at 11:20 AM
Well, most likely the target of the trojan was a server and not a personal box. When these hackers get into a server they have a party with it. It can wait until you have a visitor who can clean it for you.

Damned writers of these things ought to be hung up by their balls





theconrodkid

posted on 24/8/04 at 11:45 AM
Yup, agree with your last sentence.





JoelP

posted on 24/8/04 at 07:18 PM
Cheers for the links Pete, it's time I had a tidy out myself!






theconrodkid

posted on 24/8/04 at 07:42 PM
Just run housecall again and it's cleared it.





mangogrooveworkshop

posted on 27/8/04 at 07:56 PM
May still be lurking in System Restore!







All content © 2001-16 LocostBuilders. Reproduction prohibited
Opinions expressed in public posts are those of the author and do not necessarily represent
the views of other users or any member of the LocostBuilders team.