my PC is INFECTED with a trojan horse...

Discussion in 'Windows, Linux & Others on the Mac' started by whyrichard, Jun 7, 2007.

  1. whyrichard macrumors 68000

    Joined:
    Aug 15, 2002
    #1
    I think i just got my first trojan horse...

    running avast and adaware. avast caught it, adaware is picking up critical objects, both scans pending...

    ...my background is red, i keep getting balloons telling me that i should buy this anti spyware software... etc...


    ... how do i save my pc? i have been so careful, but it's been compromised!



    thanks,
    r.
     
  2. kwood macrumors 6502a

    kwood

    Joined:
    Jun 26, 2006
    Location:
    In the Great White North.
    #2
    Easiest thing to do is back-up then wipe the drive. Or if you are ambitious some virus scans will tell you where the virus is located. You can then hunt it down and try to delete it. It will take a bunch of restarts to finally get it but it can be done. Personally, when it does happen to me (and it hasn't in at least 2 years) it is quicker to erase the drive then restore from a back-up.

    Options:
    Spend over an hour hunting down the virus and removing it.

    or

    Spend 30 minutes formatting the drive (quick) and go with a fresh install of Windows.

    I go for the latter, less stress and more time to deal with important things.
     
  3. SMM macrumors 65816

    SMM

    Joined:
    Sep 22, 2006
    Location:
    Tiger Mountain - WA State
    #3
    Most of this stuff can be corrected by the programs. If not, you will have to identify WHAT you have, then research how to expunge it. You may be screwed.
     
  4. kwood macrumors 6502a

    kwood

    Joined:
    Jun 26, 2006
    Location:
    In the Great White North.
    #4
    This is why I always keep a constant back-up ready for a restore at a moment's notice. Who actually wants to research how to get rid of the problem when it can be corrected within an hour? I had to learn the hard way many a time. :cool:
     
  5. e²Studios macrumors 68020

    e²Studios

    Joined:
    Apr 12, 2005
    #5
    Before you blow away the drive see if you can go back to a restore point. Chances are if you installed something or didn't mess with the backup utility in XP and Vista it makes regular restore points that you can go back to. This would allow you to go back to a previous date when the virus wasn't there rather than wiping the HD.

    http://www.microsoft.com/windowsxp/using/helpandsupport/learnmore/systemrestore.mspx

    http://www.microsoft.com/windows/products/windowsvista/features/details/backup.mspx

    Ed
     
  6. PCMacUser macrumors 68000

    PCMacUser

    Joined:
    Jan 13, 2005
    #6
    Dude, dude dude *shakes head*... What did you run to get that? Don't tell me you clicked on one of those popups that says 'install this anti spyware software'...
     
  7. whyrichard thread starter macrumors 68000

    Joined:
    Aug 15, 2002
    #7
    nononono! it was a strange program installation... not some popup... something from china...


    anyways...


    ...when using avast's bootup scan, it finds a few files, gives me the option to delete them "press 2", but i can't with my keyboard. do i need a ps2 keyboard to select 2 in the bootup scan?


    r.
     
  8. pjarvi macrumors 65816

    pjarvi

    Joined:
    Jan 11, 2006
    Location:
    Round Lake, IL
    #8
    Download Hijackthis, boot Windows into Safe Mode (press F8 before Windows starts to boot), run Hijackthis and select the 2nd option to do a scan and save a logfile. Post or attach the logfile to this thread, and I'll type up some instructions on what to do if you want to manually remove it.

    It takes me less than an hour to remove viruses from PCs at work, much better than spending 4+ hours reinstalling Windows+Drivers+Updates+Software.
     
  9. contoursvt macrumors 6502a

    Joined:
    Jul 22, 2005
    #9
    Agreed on the Hijackthis. Takes care of most things. I also find the AVG anti-malware to be a pretty good software.
     
  10. kazkom macrumors newbie

    Joined:
    Jan 7, 2008
    Location:
    scotland
    #10
    are we affected by trojans?

    i am a macuser, am i affected by it? my friend says i have one and it is sending itself to other people via msn. i don't think it affects me. but it may be a long term problem...
     
  11. The Flashing Fi macrumors 6502a

    Joined:
    Sep 23, 2007
    #11
    Affected by what? Viruses?

    I can't look at your computer and tell you. If your friends say that they're getting messages from you that attempt to put a virus on their computer, then you probably are affected by a virus. Do you have any virus protection? Do you actually USE it (run virus scans)?
     
  12. Dmac77 macrumors 68020

    Dmac77

    Joined:
    Jan 2, 2008
    Location:
    Michigan
    #12
    Download clamX and run a scan of your drive. I will tell you if you have any infected files. There aren't any known viruses for Macs, but you can pass viruses along to Windoze users.

    Don
     
  13. Macloven macrumors regular

    Macloven

    Joined:
    Aug 25, 2008
    #13
    there are many apps now that give false virus messages and offer to sell you something to fix them. the viruses are b.s. A buddy had this problem last week...he researched the messages and turns out a fix was on the Microsoft website on how to get rid of the p.o.s. software that was messing with his system.

    Mark
     
  14. BrownPlopz macrumors regular

    Joined:
    Feb 25, 2008
    Location:
    Behind you, I'm your shadow...
    #14
    Something useful (not only now, but also in the future) for you would be Hiren's Boot CD. It's chock-full of Disk Utilities, diagnostics, virus-removers, etc, and it all fits on one CD.
     
  15. Zaeyde macrumors member

    Joined:
    Jun 26, 2008
    #15
    I think I got hit with the same thing you did. (My fault, I wasn't running antivirus and I was pirating a program. I had bought the program but lost the disc. Oh well.)

    That thing installed keyloggers and stuff that crippled my computer so bad I couldn't access anything online, couldn't go to my computer, couldn't even shut down. Completely took over the whole thing.

    I must say, it was a nicely done virus.

    Anywho.
    I just wiped it and started over. But I don't think yours is so extreme.
     
  16. jaikob macrumors 6502

    jaikob

    Joined:
    Jul 1, 2008
    Location:
    Freeland, MI
    #16
    download the trial of Trojan Remover, the trial is a full trial, so you get full functionality.

    http://www.simplysup.com/

    That should take care of it for you.
     
  17. toolbox macrumors 68020

    toolbox

    Joined:
    Oct 6, 2007
    Location:
    Australia (WA)
    #17
    go to google and type in malware bytes download that, i have had huge success with that
     
  18. 7031 macrumors 6502

    7031

    Joined:
    Apr 6, 2007
    Location:
    England
    #18
    Sounds to me like you've given out your password somewhere and something is hijacking your account. Change your MSN password and see if it stops.
     
  19. chrono1081 macrumors 604

    chrono1081

    Joined:
    Jan 26, 2008
    Location:
    Isla Nublar
    #19
    Lol for future reference it's just called a Trojan. A Trojan Horse is different but has the same concept.

    Sounds more like you have a desktop hijacker but you could have both easily. For antivirus I like Kaspersky or NOD32 (no norton please, it's freaking terrible but that's another story)

    Antispyware like Webroot Spysweeper is pretty good to have as well.
     
  20. xlii macrumors 68000

    xlii

    Joined:
    Sep 19, 2006
    Location:
    Millis, Massachusetts
    #20

    Just for the record. I like Nortons. I've used it for over 10 years and while I don't get that many viruses... the ones I have gotten have been trapped, contained, cleaned... no problems with my machines in all those years.
    I have it on both my PCs and my kid's MBPRO at school. While her machine has had a few in college that were for PCs... they have been trapped and stopped so she is not the one who will pass it on to someone else.
     
  21. pwn247 macrumors 6502

    pwn247

    Joined:
    Aug 30, 2008
    Location:
    West Virginia, USA
    #21
    Just to clarify: is this virus in your Windows environment, or your OS X environment? I would expect it to be on the Windows side of your computer, as there aren't any live viruses out for OS X at the moment. ;)
     
  22. toolbox macrumors 68020

    toolbox

    Joined:
    Oct 6, 2007
    Location:
    Australia (WA)
    #22
    Also one more tool to add, download smitfraudfix, update that once downloaded. Reboot into safe mode and run the tool then - This tool has to be run in safe mode
     
