Author Topic: Virus Remains  (Read 2858 times)

Offline Gagagigo3

  • Jr. Member
  • **
  • Posts: 53
Virus Remains
« on: March 17, 2008, 03:23:18 PM »
Hello,

I need some help on the remains of a virus.

I had a virus on my computer and so far i know it is now removed. It was a trojan horse which came with a download.
The trojan horse installed a trojan.downloader and a trojan.uploader. Also it installed a pair of icons (similar to that of my virus scanner thingy) that redirected me to a site were i could buy a virus scanner to solve the problem. ( I didnt do it, really...only a fool/idiot would do it )
Now, i removed the virus from my computer but because the icon is not a virus but a installed part my virus scanner cant remove it.
Could anyone tell me how i can remove the icon from my destkop toolbar.
(Additional useless information :blush: :The icon is next to my destkop clock on the toolbar. Yust in case som1 didnt get it from the story :lol: )

PS:  :op2: rulez...had to do it  :heh:  
Extinction is just the beginning.

Check this out, it rocks

Offline BlackBox

  • Administrator
  • Hero Member
  • *****
  • Posts: 3093
Virus Remains
« Reply #1 on: March 17, 2008, 08:17:49 PM »
Try booting into safe mode and removing the icons there. Programs that automatically startup on demand (like many malware programs) will be disabled, and only the minimum needed to start up will get loaded. To do this:

Reboot your computer. As soon as you hear the beep / BIOS POST finishes loading start pressing F8 (usually you get best results if you press it repeatedly, rather than holding it down). You should get a black screen with a menu. Use the arrow keys to move the option to Safe Mode with Networking and press enter to start up.

The screen will scroll a list of drivers and then Windows will start at a greatly reduced resolution. Click yes to the prompt regarding continuing work in safe mode. (Don't try to do any "normal" tasks in safe mode like surfing the internet, writing documents etc). You should be logged on as someone with administrative access (or the Administrator account) to do these things.

Try deleting the icons from the desktop / toolbars, etc. Hopefully you should be able to delete them in safe mode. Once you've done that, reboot the computer normally and see what happens.

You might also try running the virus scanner or spyware scanners again in safe mode to see if they can clean up any loose ends. (Though they might refuse to function at all in safe mode).

Hope that helps.

Offline Eddy-B

  • Hero Member
  • *****
  • Posts: 1186
    • http://www.eddy-b.com
Virus Remains
« Reply #2 on: March 18, 2008, 03:06:55 PM »
If it's in your tasktray, it sounds like it installed itself as a service.
You can go to your services (assuming you are using XP) and disable it there... that would be step 1.

Well, no.. step 1 would be: DON'T DOWNLOAD VIRUSES OFF THE INTERNET (to quote you: "only a fool/idiot would do it")... the other day i had someone - who shall remain nameless (and NO, it was not me) - who actually clicked and installed a program off the internet called "Free windows registry cleaner".  Ten minutes later she screams " my desktop ... there's no bar at the bottom! can you help me ?!"    .. turned out there was no taskbar, explorer wouldn't run properly. Not in any account except safemode. So be warned; it's called "FreeWinRegCleaner.exe"

Anyway...   :yawn: Step 2 would be to get a good anti-virus/spyware program. Step 3, and this is important: a good firewall (i don't trust microsoft's.. hell i don't trust ANYTHING they make to work like it should, including windows itself).

Step 4, as i stated above: DON'T DOWNLOAD STUFF and expect to stay virusfree. Well you can get stuff that you absolutely KNOW is ok, like downloading a shareware version from a respected company off their OWN site (or mostly download.com & cnet are ok as well).

I managed to evade virusses and other bad stuff for 15 years now, and i have never, NEVER had a virus scanner on pc's ever. So far, the score is: virusses 3 - me nil
So, 1 virus every 5 years or so isn't bad :D

First time was the Tremor virus which was a really NASTY one. Took me a while to realize how i got it. My cousin loaned me a disk with a virus-scanner to try out, back in '94 i think it was. Turned out Tremor was embedded into McAfee. And of cource McAfee didnt even SEE the virus. I tried several virus scanners until i found one that recognized it (F-Prot). The solution: "Desinfection impossible; delete all infected files" Yeah right - 60% of all my executables were infected!   So.. i wrote a program that did something no other virus scanner could do (to this day it's still the only program that does this!): it desinfected my infested hardrive and made it 100% virus-free. (am i showing off?) [size=8]tremor info[/size]

#2 was "I love you"  .. well not so much MY fault, as it is MicroCrap's big fr*ckin holes in outlook express!  Anyway: easy to clean, just wipe your registry

virus #3, or rather adware, was this stupid clockthingy. I forgot what's called but it exploits a security leak in IE that allows it to install desktop icons, in which they install a tiny program i guess.. anyway: there was this clock and 2 other "utilities" it installed. Annoying about it is that it reinstalls them at system boot after you remove them. Took me a while to figure out how they did that!


After that, i have not yet seen a virus that has the cajones to nestle itself into my pc. And all i use is common sense and AdGuard (=Norton nowadays) firewall.




Oh, i totally forgot: you have a virus problem, riiiite!
You could always use the XP boot cdrom ?
Rule #1:  Eddy is always right
Rule #2: If you think he's wrong, see rule #1
--------------------

Outpost : Renegades - Eddy-B.com - Electronics Pit[/siz

Offline Sirbomber

  • Hero Member
  • *****
  • Posts: 3238
Virus Remains
« Reply #3 on: March 18, 2008, 09:30:39 PM »
Quote
Step 4, as i stated above: DON'T DOWNLOAD STUFF and expect to stay virusfree. Well you can get stuff that you absolutely KNOW is ok, like downloading a shareware version from a respected company off their OWN site (or mostly download.com & cnet are ok as well).
I'm a trustworthy source. I dare you to say otherwise.
If you have a virus, ask for help on a virus help forum if we can't help you.
That's all the advice I have for today.
"As usual, colonist opinion is split between those who think the plague is a good idea, and those who are dying from it." - Outpost Evening Star

Outpost 2 Coding 101 Tutorials

Offline Gagagigo3

  • Jr. Member
  • **
  • Posts: 53
Virus Remains
« Reply #4 on: March 19, 2008, 03:19:08 AM »
Well, the icon is removed somehow :o . Must have to do with either Avast! (Which i DO standard have on my comp) or CCleaner :lol: . Also i readed on of my dads computer magazines which was about viruses and bots and stuff. I followed some advice  :heh: and i now have IE explorer set to high security.
Anyway, thanks for helping, it was usefull you know. (thumbsup)

If i still have problems il look for a proper forum. And i'l look out better when downloading stuff with bittorrent etc.
« Last Edit: March 19, 2008, 03:20:15 AM by Gagagigo3 »
Extinction is just the beginning.

Check this out, it rocks

Offline Hidiot

  • Hero Member
  • *****
  • Posts: 1018
Virus Remains
« Reply #5 on: March 19, 2008, 03:40:13 AM »
Firefox: higher security than IE can ever reach  ;)  
"Nothing from nowhere, I'm no one at all"

Offline Hooman

  • Administrator
  • Hero Member
  • *****
  • Posts: 4955
Virus Remains
« Reply #6 on: March 19, 2008, 06:22:22 PM »
Quote
Firefox: higher security than IE can ever reach

I'm sorry, but I just have to question your reasons for stating that? It seems a little unsupported. I'm always hearing claims about how non Microsoft stuff is superior to the Microsoft versions, which may be true in some cases, but I generally find a real lack of supporting evidence associated with any of those claims. If this something you're saying mainly because you heard it elsewhere, or is there some more specific reason that you could quote (and source) or some technical aspect that you could explain?
 

Offline Sirbomber

  • Hero Member
  • *****
  • Posts: 3238
Virus Remains
« Reply #7 on: March 19, 2008, 08:32:21 PM »
Silly Hooman, Microsoft stuff is automatically inferior because they are an evil capitalist empire out to destroy the world and force us to buy their inferior products.
I mean, duuuuuuh...

That WAS sarcasm, in case people didn't realize.
"As usual, colonist opinion is split between those who think the plague is a good idea, and those who are dying from it." - Outpost Evening Star

Outpost 2 Coding 101 Tutorials

Offline Savant 231-A

  • Sr. Member
  • ****
  • Posts: 486
    • https://www.outpost2.net
Virus Remains
« Reply #8 on: March 20, 2008, 06:34:37 AM »
Also, check your computer for any new installed software. Last time i got infected by a virus, an Rogue anti-spyware/virus software installed on my computer... I think it was spy dawn

Anyway, it is a long way to clean it (infects everything, including windows, and reinstalls itself after deleting) I had to delete and reinstall windows after that

2. Buy yourself a REAL AV. Avast! is not too good by my opinion. Try to search the net to see which one is the best, than buy it. Free stuff won't help you.

3. Download Windows Defender. I know, Microsoft sucks... but, WD has a usefull utility. You can monitor which thing is getting installed, where, how, and how to disable it. It also checks for autorun programs (the programs that begin running after windows boots. Spyware and viruses usually start as a autorun program)

4. Stay away from "evil" sites :D Don't visit sierra.com :P
Gordon Freeman, and mr. Crowbar would own Master Chief in any part of the day.
"Come here citizen."

"From the ashes of the collapse we seek to build a better world for all."