serverandenforcer

Hit by trojan virus

I was following a link to download a mod from another site for a game and it ended up being infested with a trojan virus that has pretty much compromised my entire system. I can't gain access to the task manager, Spybot, or any other free anti-virus programs. There's a system tools icon that pops up for me to download a payware anti-virus program, but I'm not sure if that's an additional trap set up by the trojan. Are my only options to reformat that hard drive or just buy a new one?

Reformatting will do it. And yes, the payware option is a trap. They charge you money to get rid of the VISIBLE signs of the virus. They keep a hidden version to activate and keep pumping for money.

Getting rid of it ALL is very difficult though. Hence, reformatting is the option.

Get a free Kaspersky Rescue Disk or AVG Rescue CD or something else of that type. Burn it to a CD (maybe on a different PC) with ImgBurn, boot the infected PC from that CD, and run a full scan.

But first check if that particular trojan ad is known around the Internet by searching for the text it shows; maybe there's a smaller utility from a well-known AV developer providing a cure for that particular type.

Edited by Gr.Viper

Guest rscsjsuso5

You could try a system restore, as it might restore your PC to the original workable state. Doing a system restore will wipe out anything you worked on from the time your computer was good to the time it hit the trojan. After you do the system restore, make sure you install a good anti-virus and anti-spyware with anti-trojan and firewall in on. Then do an overnight scan, not a quick one but a comprehensive/full one.

Also, if you have a desktop computer, not a laptop, you could purchase a new hard drive and make that a new clean Windows install (this would be the master hard drive); the one infected with the trojan can be the slave. This way you can just copy and paste and save yourself some time in file migration, making sure that the computer boots to the clean Windows install and that it detects both hard drives.

These are my suggestions if you know what you are doing.

Edited by rscsjsuso5

Can't do a system restore because this thing has locked me out from doing that. I think reformatting is what I'm going to have to do. That sucks because I'm going to lose some projects. Oh well.

Guest rscsjsuso5

What about a Windows XP repair, not the clean install option, which will wipe out all info? Maybe the repair will break some coding of that trojan and let you salvage whatever you have to an external hard drive.

Like I said, this is my suggestion if you know what you are doing.

It breaks my heart that a fellow sim pilot's computer has to go this way.

I hope all ends well, especially with recovering whatever you can get.

Useful links to scan and delete the trojan: http://housecall.trendmicro.com/ http://free.antivirus.com/rootkit-buster/

Edited by rscsjsuso5

There is a way to clear the registry. I need to remember how to do it and remember which software to use. I have done it before with one of these trojans...

Also download something called Rootkit Revealer, as it should show you what extra software is running in the root so you can go looking for it and delete them. This may allow you time to run Task Manager once you have deleted the evil parts. Or I can PM you Rootkit Revealer; it's free software, so no issues on sending it over. Let me know by PM or on here...

Link for the software:

http://technet.microsoft.com/en-us/sysinternals/bb897445

Edited by Slartibartfast

Can you boot into safe mode? If you can, have a look at your startup programs and see if you can find one that relates to the trojan. If you can stop it from running at system startup, then a scan using antivirus software should find it. I have gotten rid of a few of these in the past, so if you need any more help let me know.

Only reformat as a last resort.

Mike

Edited by MaverickMike

I know your pain!!!! Have had a similar malware attack and had to reformat. What I do now: have a separate General account that allows no executables. Only open the internet through that account. With downloads, before I extract, I scan them individually with Norton, Spysweeper and Malwarebytes. My main protection is the new Norton but I have Spysweeper monitoring my system as well. Have them running in both administrative and general but do major sweeps in administrative. You may also need to run your games in administrative as well as older programs. This, I know, is not foolproof but I have already stopped at least two viruses this year by this method. Good luck!!!

Malwarebytes is not a bad idea at all, have used it at times when I've had a virus that would not allow me to start any programs. You should be able to use safe mode if needs be to get it. Some decent illustrated instructions here:

http://www.bleepingcomputer.com/virus-removal/how-to-use-malwarebytes-anti-malware-tutorial

Isn't that a bit of an overkill?

"I say you log off and nuke the entire computer from orbit. It's the only way to be sure."

FC

My parents got hit last week with a somewhat nasty trojan very similar to the one you describe. I countered with HijackThis! followed by MalwareBytes and it killed the malicious program, found and destroyed the trojan, and some 900 of the fake files it created. Said program disabled AVG, so I had to go around with the more serious tools. The computer is back up and running.

EDIT: Is the fake program found in the "ProgramData" folder, with a three-letter filename, and a new icon on the desktop, kind of looking like a blue orb on a gray base? If so, that's the same fake program and Trojan.

Edited by Caesar

A big part of the PITA with trojans, viruses and all that stuff is trying to heal a sick computer by using that same sick computer. Once your OS is compromised with a trojan or virus that locks you out from using things like anti-virus or task manager, don't panic! Just find a friend who has an enclosure, or shell out £20 for one. Basically they're plug-and-play boxes for you to put a hard drive in and connect it to a PC or laptop via USB cable, just like you'd do with an external drive or USB memory stick. So physically remove the sick, infected hard drive from your PC, put it in the enclosure and connect it to another PC or laptop that has antivirus working. When the thing connects and you get the dialogue box asking to check the drive for viruses, voila. At least this has worked for me in the past, and with similar issues with unmovable corrupted files which were making it impossible for me to repartition my drive how I wanted. Defrag while in an enclosure worked like a charm.

Ask someone to burn you an anti-virus rescue disk like Kaspersky's or AVG's. That thing boots from CD into Linux, mounts your hard drives without letting anything from them run and scans the contents.
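
Added example, not part of any post in this thread: a triage pass over an infected drive that is mounted offline (from a rescue CD or a USB enclosure, as described above), flagging the indicator Caesar mentions, an executable with a three-letter filename under "ProgramData". The extension list, the 30-day recency window and the sample file names are assumptions made for illustration; hits are leads for a real scanner, not a verdict.

```python
import os
import re
import tempfile
import time
from pathlib import Path

EXEC_EXTS = {".exe", ".dll", ".scr", ".bat", ".cmd", ".com"}  # assumed list
THREE_LETTERS = re.compile(r"[A-Za-z]{3}")

def find_programdata(volume_root):
    """Find ProgramData case-insensitively; Linux mounts are case-sensitive."""
    for entry in Path(volume_root).iterdir():
        if entry.is_dir() and entry.name.lower() == "programdata":
            return entry
    return None

def triage(volume_root, recent_days=30, now=None):
    """Return (relative path, recently modified?) for each executable with a
    three-letter name under ProgramData. Files are only stat'ed, never run."""
    now = time.time() if now is None else now
    base = find_programdata(volume_root)
    hits = []
    if base is None:
        return hits
    for dirpath, _dirs, files in os.walk(base):
        for name in files:
            path = Path(dirpath) / name
            if path.suffix.lower() in EXEC_EXTS and THREE_LETTERS.fullmatch(path.stem):
                age_days = (now - path.lstat().st_mtime) / 86400
                hits.append((str(path.relative_to(volume_root)), age_days <= recent_days))
    return sorted(hits)

def build_sample_volume(root):
    """Constructed sample tree standing in for a mounted infected drive."""
    pd = Path(root) / "ProgramData"
    (pd / "Vendor").mkdir(parents=True)
    (pd / "qzx.exe").write_bytes(b"MZ")                  # three letters, new
    (pd / "Vendor" / "updater.exe").write_bytes(b"MZ")   # long name: ignored
    (pd / "abc.txt").write_text("notes")                 # not executable
    old = pd / "Vendor" / "lib.dll"                      # three letters, old
    old.write_bytes(b"MZ")
    os.utime(old, (0, 0))                                # backdate to 1970
    return root

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for rel, recent in triage(build_sample_volume(tmp)):
            print(("RECENT " if recent else "old    ") + rel)
```

Point `triage()` at the mount point of the offline drive; old three-letter files such as the sample `lib.dll` show why the recency flag matters when sorting leads.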
