5 Contributors, 12 Replies, 13 Views, 7 Years Discussion Span, Last Post by PhilliePhan
0

Simple!

Use an antivirus. There are many freely available antiviruses on the Internet, just search for one in Google.

0

Of course there are many antivirus programs, but the trojan may have stopped the anti-virus program from working. Read some more and you may find an answer; failing that, back up your data and format the hard drive. That will sort out everything for you, then reinstall your programs, as I will have to do. I am speaking from personal experience in dealing with a trojan called "Install_Patch.exe - Trojan - Downloader Win32. bagle.bxn". Why was it me? What did I do to deserve a trojan? What do the perpetrators get out of it, I wonder? Please enlighten me, I am all ears. I wonder who is behind these viruses?

0

Well in your instance..I'd recommend 'a-Squared Free' you can download it at:

http://download.cnet.com/A-squared-Free/3000-8022_4-10262215.html

A-squared Free will most likely find it but not be able to remove it. The problem lies in the fact the nasty trojan you have is probably a rootkit. So basically it's embedded itself in your critical Windows registries and removing it would destroy not only the trojan but the critical system registries.

In that case I'd recommend backing up your files and doing a System Restore.

0

What if the system restore points are not available and neither is the safe mode option. What do I do then?

0

What kind of computer do you have?

Whatever computer you have there is probably a complete system restore option which will reset your computer like it first came out of the box. This is usually not Windows specific but is an option that manufacturers will include in their Windows Build.

I was in your position and was forced to do this. I tried everything and I mean EVERYTHING to get rid of it and couldn't, so I think nuking the site from orbit is the only way to be sure.

Did it come with a boot disk?

0

It is Windows XP, laptop model 558, x86 based PC. I was supposed to have been protected by my anti-virus program from Avast, but it just demolished that as well as my registry cleaner. I could not access the Avast web site because of the virus, so I emailed them and asked them what to do. They suggested backing up my data and formatting the hard drive, which a friend is going to do for me as I do not have the Windows XP program plus the other programs that I had installed on there.

0

....... which a friend is going to do for me as I do not have the Windows XP program plus the other programs that I had installed on there.

That is not a good idea because, in essence, you will be pirating Windows and if you and your friend are sharing the same product key, you'll not be able to get the critical patches from M$ and you'll likely get re-infested quickly.
Windows updates are the first line of defense against malware and you won't be able to get them.....

PP :)

0

Ok, please tell me what I should do now.

0

If you are going to re-format and re-install windows, you'll need to buy a legal copy of XP (or whatever OS you desire) in order to get all the critical updates and patches.
M$ has really cracked down on piracy in the last few years with Windows Genuine Advantage . . . .

As for Avast! being demolished by the malware - You really need to have some sort of good anti-malware program running in conjunction with your AV to be properly protected.
Some AV products deal with Trojans / Worms and other "non-viral" malware better than others. The Kaspersky Security suite is pretty solid in this regard.

-- Have you tried running MBAM or combofix to address your infestation?

PP:)

0

Hello my friend, thank you so much for the information, I really do appreciate it of you to take the time to write.
No, my friend had a look at it, he could not run it in safe mode, he took it away to do some checks on it, brought it back and suggested that the hard drive needed to be formatted so that the system files could be reinstalled free of viruses. Avast also said the same thing. I would like to know what happens with my Win XP licence if I reformat the hard drive; version 3 update has already been installed, and with that and Avast the trojan was able to destroy my files. I contacted Kaspersky to use their program to scan the PC but Avast has to be removed first, which is impossible to do as things stand at the moment. The virus seems to detect Avast and the other cleaner but not registrysmart; I also cannot run Hijackthis or other malware programs. I would prefer to have a genuine copy of Windows XP than a pirated program. I had a look in the PC World website for one but could not find one. Is it worth buying a new copy because it will be obsolete fairly soon? I am not paying £46 to ask Microsoft a question, it is a ridiculous situation. When I get it sorted out I think I will change to Kaspersky for their anti-virus program; also their service and support is much better. Instead of waiting 24 hours for Avast to respond, Kaspersky responded within a couple of hours. It is true what they say, "you don't get anything for nothing". It is ironic that Avast database was updated nearly every eight hours but still did not detect the virus. I will have a look at what you suggest with MBAM and Combofix. I will let you know how I get on. Thanks again.

0

I tried the MBAM but I did not have any luck, the nearest I got to the site was the click on the link and the screen just went blank, I have downloaded other virus detectors but they will not work when I open the download page they flash on and off as though they were blinking at me or laughing. I expect it may be the same with Combofix. Thanks for trying.

0

he took it away to do some checks on it, brought it back and suggested that the hard drive needed to be formatted so that the system files could be reinstalled free of viruses, Avast also said the same thing.

A reformat is probably the best course of action in your case.
In some cases, though, that is problematic - not having a copy of your Windows CD is one of those cases....

I would like to know what happens with my Win XP licence if I reformat the hard drive, version 3 update has already been installed,

Because of the Windows Genuine Advantage software, you would not be able to get the critical updates needed to keep your system secure.
Also, you would be unable to receive support in many security forums due to an "illegal" OS....
You might be able to contact M$ for assistance - if you do have a valid product key, they might be able to help.

I would prefer to have a genuine copy of Windows XP than a pirated program, I had a look in the PC World website for one but could not find one. Is it worth buying a new copy because it will be obsolete fairly soon.

That depends on a number of factors. Personally, I have some programs that run optimally with XP and they are no longer supported - So I'll keep XP for those.
If you do decide to move up to, say, Windows 7, you might need a bump up in RAM as well.... 'Course that would also be the most expensive path....

It is ironic that Avast database was updated nearly every eight hours but still did not detect the virus. I will have a look at what you suggest with MBAM and Combofix.

I did not ask you to run Combofix - only if you had already tried. There are certain procedures that need to be completed beforehand....

-- Your issue is probably not a "virus," which your AV is geared toward stopping. More likely you have some rootkitted trojans / backdoor bots that are messing things up. I couldn't tell you for certain without seeing some scanlogs.

I tried the MBAM but I did not have any luck, the nearest I got to the site was the click on the link and the screen just went blank, I have downloaded other virus detectors but they will not work when I open the download page they flash on and off as though they were blinking at me or laughing. I expect it may be the same with Combofix. Thanks for trying.

As I mentioned, there are some additional procedures we would need to take in order to try to get those tools to run.

If you would like to give them a try, let me know.
I am really busy these days with work and the holidays, so if you are going to reformat anyway, I'd rather not commit my time to trying to clean this.

Cheers :)
PP
