PDA

View Full Version : Trojan Virus?


Okamii
July 9th, 2009, 01:45 PM
ok yesterday when i was on this site all of a sudden a little window said WARNING: your computer has a dangerous trojan virus! and it directed me to this one site and installed this thing called System Security but it did it by itself. i didnt agree to install it. and now it changed my background to something that has very small numbers that r 101010 all over and it says : WARNING YOUR IN DANGER YOUR COMPUTER IS AFFECTED and something popped up and scanneed my computer and it said that i have 364 trojans in 1 of my files. i know this isnt true and i think this is the thing that got me the virus cuz i havent downloaded anything harmful. and so now im screwed cuz it wont let me un install this thing it says : You must get permission from the administrator and yes, i have it set to where I am the admin. and it wont let me download or run anything. i dont have a restore disk either. I KNOW that this thing is what gave me it cuz my other computer it did the SAME thing on this website and it said the SAME thing it said on this laptop. i have no clue as to what i should do.

Spinor
July 9th, 2009, 02:12 PM
http://s2.thisnext.com/media/230x230/holy-crap-Eraser-Paper-Source_C21DD0F5.jpg

If you can't run a package as "Run as Administrator" in the right click, you may as well kiss that PC goodbye.

.little monster
July 9th, 2009, 02:16 PM
ok yesterday when i was on this site all of a sudden a little window said WARNING: your computer has a dangerous trojan virus! and it directed me to this one site and installed this thing called System Security but it did it by itself. i didnt agree to install it. and now it changed my background to something that has very small numbers that r 101010 all over and it says : WARNING YOUR IN DANGER YOUR COMPUTER IS AFFECTED and something popped up and scanneed my computer and it said that i have 364 trojans in 1 of my files. i know this isnt true and i think this is the thing that got me the virus cuz i havent downloaded anything harmful. and so now im screwed cuz it wont let me un install this thing it says : You must get permission from the administrator and yes, i have it set to where I am the admin. and it wont let me download or run anything. i dont have a restore disk either. I KNOW that this thing is what gave me it cuz my other computer it did the SAME thing on this website and it said the SAME thing it said on this laptop. i have no clue as to what i should do.
Well first of alll, that pop up was a scam. It just linked you to software that was pack full of trojans and viruses, most likely. So, now, more than likely you will have to re-install whatever operating system you are using. This is because it is not letting you download anything. But what I would do is..

1. Re-install the operating system.
2. Get an anti-virus because it's very obvious you don't have one now.
3. Get Mozilla to block pop-ups and have more security.
4. Only do things that you know are safe, if you don't know if they are ask someone.

However, I am not a computer genius. This is the way I would do it because it's the only way I know how to. I HIGHLY suggest you wait for replies from people who know more. Mine is just a last resort.

And don't listen to K9, if you cant remove them you will have to re-install the operating system. That's how you will save it, it is salvagable. :| Don't throw it away because of K9.

Zet
July 9th, 2009, 02:53 PM
Do you still have a recovery partition if you didn't get a recovery CD? if so, use it

Hotaru
July 9th, 2009, 05:40 PM
Like Ctep said, the popup was most definitely a scam to get you to download infected software. :/

It's likely that you'll be able to salvage your computer, though. Do you have any type of anti-virus software? If you do and can run a scan, there's a possibility that it will be able to remove it.

If you don't, I recommend visiting TrendMicro's free scan, HouseCall (http://housecall.trendmicro.com/). I have had extraordinary luck with this scan; it's very in-depth and has caught things even my anti-virus software left undetected. It's free and definitely worth a try.

twocows
July 9th, 2009, 05:58 PM
I'll help you VIA PM. I'll need to take remote control of your PC to help, though, as this is a virus I've dealt with before, and it was hard enough with physical access.

Eureka1
July 9th, 2009, 06:19 PM
Boot to Safe Mode with Networking by hammering F8 on startup. Run a deep scan with a-squared Free and it should be all gone, providing it is JUST trojans.

http://www.emsisoft.com/en/software/free/

But as stated above, unless you're unable to do a clean reinstall use the above method. Personally I'd just nuke the OS.

Armaina
July 9th, 2009, 07:28 PM
As many others said you will need to run a scan on your computer, usually in safemode. If you install an antivirus program, a legitimate one, usually they will scan your computer after install before the OS loads, before you even get into Safe Mode, which is honestly, the best way to scan and get rid of the virus. However there is still a chance you may not get rid of it all and you might need to reinstall.

http://www.avast.com/ this is a great free anti-virus, and my personal favorite, better than AVG IMO. You could even at least try the free trial of NOD 32, http://www.eset.com/, one of the best anti-virus out there, though you would have to pay for it later, but at least the free version can help clean the computer. There are also other programs you can use to clearn your registry but unless you know what you're doing, they can be tricky and could mess up the OS if you're not careful.

Zet
July 9th, 2009, 07:35 PM
I wish people could read, TC said they can't run or download anything

Mr.Silver
July 9th, 2009, 08:03 PM
You might have to reinstall windows

Eureka1
July 10th, 2009, 12:26 AM
I wish people could read, TC said they can't run or download anything

But they haven't tried Safe Mode with Networking.

Corvus of the Black Night
July 10th, 2009, 05:41 AM
I'll help you VIA PM. I'll need to take remote control of your PC to help, though, as this is a virus I've dealt with before, and it was hard enough with physical access.
I met Twocows on another forum - he's very knowledgeable and you'll definitely be able to trust him.

A lot of scams popped up on my compy as well when I used IE, and let me just give you a hint of advice - never, EVER click what is in those popups (unless it isn't your computer of course). Also, keep your recovery disk with you at all times, which may be a bit late to say now though. :\

Captain Fabio
July 10th, 2009, 10:08 AM
There are a few things that Twocows should cover with you in that PM.
However, how are you going to take control of his computer, if it is incapable of doing anything?

Any way, if that fails, you will have to format your HDD. =[

twocows
July 10th, 2009, 10:17 AM
There are a few things that Twocows should cover with you in that PM.
However, how are you going to take control of his computer, if it is incapable of doing anything?

Any way, if that fails, you will have to format your HDD. =[

I was going to try safe mode with networking first to see if I could get remote access that way. If that fails, I can try to go through the process of removing it; it sounds like the MS Antivirus/Vundo malware (also known as Antivirus 2009), which is one of the most painful to remove, but I've had experience with getting rid of it. What really tipped me off was that it changed the wallpaper; every instance of it that I've dealt with has had this exact same symptom. VundoFix (http://vundofix.atribune.org/) by Atribune has helped me in a few situations of this malware; after VNCing in, that's the first thing I'll try.

Glitchfinder
July 10th, 2009, 11:52 AM
Why does no one here seem to realize that part of this problem is an embedded rootkit? Honestly, that's the first thing you need to get rid of. That's what is downloading more and more viruses and trojans, and, until you get rid of it, you'll never be free of this issue. There are several solutions, and they vary depending on exactly what rootkit you have. You can usually figure it out with a quick search of rootkit along with whatever software they forced you to download.

twocows
July 10th, 2009, 11:57 AM
Why does no one here seem to realize that part of this problem is an embedded rootkit? Honestly, that's the first thing you need to get rid of. That's what is downloading more and more viruses and trojans, and, until you get rid of it, you'll never be free of this issue. There are several solutions, and they vary depending on exactly what rootkit you have. You can usually figure it out with a quick search of rootkit along with whatever software they forced you to download.
If I'm correct, Vundo is what's downloading all the stuff. Technically, Vundo's a trojan, though it is rootkit-like in that traditional anti-virus programs can't get rid of it.

Zet
July 10th, 2009, 05:28 PM
Why does no one here seem to realize that part of this problem is an embedded rootkit? Honestly, that's the first thing you need to get rid of. That's what is downloading more and more viruses and trojans, and, until you get rid of it, you'll never be free of this issue. There are several solutions, and they vary depending on exactly what rootkit you have. You can usually figure it out with a quick search of rootkit along with whatever software they forced you to download.
And how would one go about running something when they can't run anything?

twocows
July 10th, 2009, 05:46 PM
And how would one go about running something when they can't run anything?
The necessary programs will probably run in safe mode, even if they don't run normally.