I got a trojan that came into me via yahoo. It is trying to go out via yahoo. I've deleted yahoo to close the door, but McAfee is not seeing it. Anybody else been wormed?
Moved this to the correct area. It's a bit difficult to know what to suggest without any details such as a name for the trojan, your operating system and service pack plus what versions of McAfee you have installed, but.....
Try downloading, updating and running the free version of these two tools:
Let them remove everything they find and reboot immediately when asked to.Message was edited by: Ex_Brit on 12/4/09 6:49 PM
No sir, that didn't work. It is still doing it. I think it is trying to go out via the IMs. I have Vista SP2 installed, and the McAfee is the McAfee Internet Security via Toshiba. Not certain how to find the Trojan Horse/Worm. Content.IE5\VBP3BDLT\2Tq.zip was blocked once. Not certain what is getting through the IM program.
Download Hijackthis and post its log along with the symptoms you are seeing on one of the following forums for expert advice:
Do not post the log here, we can't help!
Post the logs at a specialist Forum:
Be sure to read all the sticky announcements/instructions at the top of each malware forum!
The program, 2tq.ZIP IS running thru YAHOO IM.
An IM from a friend (infected) popped up and asked how I liked the new glasses she picked out (and YES, she wears glasses)
I have two separate computers running McAffee and another running NAV. Both identified, reported 2TQ.zip and repaired same yet YIM continues to send IM's to each individual in the address book. Apparently the ZIP file is SFX and the trojan file names have been changed since 2004. tHE TROJAN IS STILL RUNNING ABOUT EVERY 30 MIN.