Trojan! Help!

RS_MCPRS_MCP Member Posts: 352
I was surfing the web and a pop up had appeared, accidentally I clicked the run butter rather than cancel!

Now there has been a Trojan detected on my laptop after I ran a virus scan with my installed Mcafee security software.

How do I get rid of it?
«1

Comments

  • royalroyal Member Posts: 3,352 ■■■■□□□□□□
    Format if you do any type of banking. It's too much of a risk imo. Other than that, update definitions, scan, pray. The Trend Micro free online virus scan is actually really good. Check it out here Also, 2 good anti-spyware utilities I like to use are Spybot and Ad-aware. Still though, if it were me, I'd format.
    “For success, attitude is equally as important as ability.” - Harry F. Banks
  • hettyhetty Member Posts: 394
    Update your virus definitions.
    Run a scan.
    Quarantine it.
    Reboot to safe mode.
    Run another scan to be safe.
    Reboot.
    Fingers crossed.
    Run an anti-sypware program too & repeat.
    royal wrote:
    Format
    Id do that depending on the Trojan. But you need to get your settings off first though.
  • RS_MCPRS_MCP Member Posts: 352
    My Desktop is telling me to install a antispyware software.

    The link is linking to this website.

    [moderated]

    I need to know if this is safe?
  • hettyhetty Member Posts: 394
    Dont provide a link to it! Nobody wants to get your malware dude!

    And no its not safe.
  • royalroyal Member Posts: 3,352 ■■■■□□□□□□
    hetty wrote:
    royal wrote:
    Format
    But you need to get your settings off first though.

    Well of course. That's assumed.
    “For success, attitude is equally as important as ability.” - Harry F. Banks
  • hettyhetty Member Posts: 394
    royal wrote:
    hetty wrote:
    royal wrote:
    Format
    But you need to get your settings off first though.

    Well of course. That's assumed.
    Sorry, I was like an overprotective daddy there! Dont you format before getting your settings!!
  • RS_MCPRS_MCP Member Posts: 352
    Shall I purchase the "PC Cleaner"???

    I ran the free scan and its telling me my condition is critical & I should purchase the product in order to remove and delete the Trojan...

    What shall I do? I am to confused...
  • royalroyal Member Posts: 3,352 ■■■■□□□□□□
    Well speaking of overprotective, that's why I push formatting in case of any type of infestation. Virii can spread and infect other stuff. As soon as I think I am infected, I virus scan to try to clean before I save, I then save, and then format. I just do too much stuff in investing, banking, etc. to take a risk of leaving a virus on my computer and having people access my accounts and mess with my finances. I don't care what type of virus it is. Even in the corporate world, a business really should have an image of their desktops, so when a virus hits a system, shut that machine down immediately before it spreads and re-image it. I understand the whole, well, it can be fixed argument and I know people will disagree with me with format and forget scanning, but on the other hand, there are a lot of people who agree. It's more of a matter of opinion and preference than a right or wrong.
    “For success, attitude is equally as important as ability.” - Harry F. Banks
  • dynamikdynamik Banned Posts: 12,312 ■■■■■■■■■□
    That stuff's a scam dude. Either use a legitimate product or format (which is preferable, as others have mentioned).
  • RS_MCPRS_MCP Member Posts: 352
    Ok, Forget the scam products!

    How do I format? Then what do I do?
  • royalroyal Member Posts: 3,352 ■■■■□□□□□□
    You passed 70-270 and 70-290. You don't know how to format and install an operating system? icon_eek.gif
    “For success, attitude is equally as important as ability.” - Harry F. Banks
  • RS_MCPRS_MCP Member Posts: 352
    royal wrote:
    You passed 70-270 and 70-290. You don't know how to format and install an operating system?

    I do know how to format when installing an opearting system, must I start these steps again due to a Trojan? I have never been in this situation, so its a learning experience.
  • hettyhetty Member Posts: 394
    In agreement with you royal, its too risky to take a chance.

    RS_MCP you are going to need to know this basic stuff for your new job. And like royal is saying if you passed those exams then you should know what to do. Trojan is a virus which will take over your machine, so you need to remove it. But some Trojans are really hard to get rid off so formatting is the safest route, even if anti-virus and anti-spyware says you are safe.
  • royalroyal Member Posts: 3,352 ■■■■□□□□□□
    Not sure what you don't get about this.

    Not format and doing a clean = higher risk of virus still being on system due to software not catching it properly
    Format and re-install OS = Hard Drive being wiped to ensure virus will not be resident when you re-install the OS

    So you have 2 choices depending on the comfort of your risk tolerance. Clean with software and taking the higher risk or format and being more comfortable knowing that you spent more time formatting and re-installing with the assurance that the virus is gone.
    “For success, attitude is equally as important as ability.” - Harry F. Banks
  • hypnotoadhypnotoad Banned Posts: 915
    Like Royal said, you have 2 choices. Regardless of what you do, back up your stuff.

    By stuff I mean favorites, documents, music, movies, photos, etc. Don't back up your programs, they'll need reinstalled. Don't back up anything that might be part of this trojan. Either put it on storage on a server or an external drive or burn it to DVD.

    P.S. don't purchase that bogus antivirus software. Just close those windows or click cancel.

    Also, don't take your computer to best buy.
  • RS_MCPRS_MCP Member Posts: 352
    Well, I downloaded 'Windows OneCare Antivirus & Spyware'

    It had detected 5 Trojans & Cleaned them all bringing my laptop back to its normal state.

    Currently running a complete scan of my computer...

    If I have any problems in the future then I will have no choice but to format.

    Thank you all for your help. It is my first time dealing with an event like this & have learnt hell of a lot from it.

    "I have the necessary certifications in my back pocket but that does not make me a Technical Expert! I am at a beginning learning stage in my IT career so have hell of a lot to take in as of yet...This is why I post threads like this because not only am I recieving great help but learning at the same time. If I dont know how to carry out the most piss easy tasks like 'Open the CD/DVD drive' then I will ask..."

    Thank you once again for your help! Enjoy the bank holiday! :)
  • royalroyal Member Posts: 3,352 ■■■■□□□□□□
    RS_MCP wrote:
    It had detected 5 Trojans & Cleaned them all bringing my laptop back to its normal state, hopefully.

    Fixed.

    Really though, I'd still do the free online Trend Micro scan and do an Ad-Aware and Spybot scan. You can never be too sure.
    “For success, attitude is equally as important as ability.” - Harry F. Banks
  • Tyrant1919Tyrant1919 Member Posts: 519 ■■■□□□□□□□
    Viruscan
    Ad-Aware
    HijackThis

    A step people overlook that I can frequently discover things that scans miss. Manually look through your Program Files, Windows, and System 32 folders. Arrange by date modified, Look through folders that have been recently changed. You'll most likely find something suspicious if you have something that shouldn't be there. Look at the files under said folders too. Most can be deleted manually if the process is killed. Others will have to be safe moded to be cleaned.

    The only 99% sure way is to format.
    A+/N+/S+/L+/Svr+
    MCSA:03/08/12/16 MCSE:03s/EA08/Core Infra
    CCNA
  • shednikshednik Member Posts: 2,005
    I'm also a fan of Spyware Terminator I use that on all of my systems now seems to do a great job of detecting anything. But also I'd honestly reformat if you had 5 trojans it doesn't take that long to do and if you've never done it then I definitely do it because when your doing desktop support level work like it sounds you new job will be. That's a very common task when there is some issue, hopefully there will be a standard syspreped image for the the workstations but at times you will still need to do a clean install. So honestly like others have said if you do anything banking related and such do a clean install and possibly change password to critical accounts.

    Just my 2 cents.
  • MishraMishra Member Posts: 2,468 ■■■■□□□□□□
    You really need to format so you can go through that learning experience. You have an excuse to format now, use it.
    My blog http://www.calegp.com

    You may learn something!
  • sthomassthomas Member Posts: 1,240 ■■■□□□□□□□
    Like the others have said I would recommend doing a format and reinstall the OS as well. Just put the Windows CD in and boot to it and follow the instructions from there. Make sure you do a regular format as opposed to a quick format. As a matter of fact, I would do a low level format because of rootkits. You would have to download software from the internet and burn it to a CD to do that. That probably is not necessary in your case but I am just paraniod sometimes. It is somthing to keep in mind though.
    Working on: MCSA 2012 R2
  • manny355manny355 Member Posts: 134
    I will +1 on most the posts here, and as a side note I would also suggest investing in some imaging software like Ghost or Acronis. This way after you format you can build yourself an image so that if this ever happens again you can get up and running with less of a headache.

    Just my 2 cents
  • RS_MCPRS_MCP Member Posts: 352
    Ok guys, I will have to format as it is best advised!

    Thank you.
  • dynamikdynamik Banned Posts: 12,312 ■■■■■■■■■□
    It's really a judgment call on your part. Some Trojans are fairly innocuous and just do things like try to sell you a removal tool while other Trojan problems are more serious and may result in things like foreign military invasions or unexpected pregnancies. A format and clean install is the safest route to take.
  • hugoluckyhugolucky Member Posts: 38 ■■□□□□□□□□
    RS_MCP wrote:
    I was surfing the web and a pop up had appeared, accidentally I clicked the run butter rather than cancel!

    just for future reference, dont click the "cancel" button either, or any other button in any popup, always right-click on the taskbar and close there, or use task manager to close, its safer, good luck
  • SieSie Member Posts: 1,195
    Mishra wrote:
    You really need to format so you can go through that learning experience. You have an excuse to format now, use it.

    +1

    Thou do bear in mind you want to do a full scan of the data you saving off the box you dont want to move the virus off and back on again.
    Foolproof systems don't take into account the ingenuity of fools
  • blargoeblargoe Member Posts: 4,174 ■■■■■■■■■□
    Tyrant1919 wrote:
    Viruscan
    Ad-Aware
    HijackThis

    A step people overlook that I can frequently discover things that scans miss. Manually look through your Program Files, Windows, and System 32 folders. Arrange by date modified, Look through folders that have been recently changed. You'll most likely find something suspicious if you have something that shouldn't be there. Look at the files under said folders too. Most can be deleted manually if the process is killed. Others will have to be safe moded to be cleaned.

    The only 99% sure way is to format.
    +1,000

    That's the approach I usually take if I have a strong need to not reformat. Because when it comes down to it, you really can't depend on automated scanners to clean EVERYTHING off your system anymore. I've also found some nasty stuff on the root of C: and in the All Users profile folder.

    One other thing I use is the utilities from Microsoft's Sysinternals site. Particularly, TCPView and Process Explorer. TCPView will give you all programs that have attempted TCP connections and to which host the connection is being attempted (or successfully connected). A lot of these malware programs will execute a script that will download nasty stuff to your computer, and you can often catch it in action using this approach. Process Explorer can tell you all the dll files associated with a particular executable.
    IT guy since 12/00

    Recent: 11/2019 - RHCSA (RHEL 7); 2/2019 - Updated VCP to 6.5 (just a few days before VMware discontinued the re-cert policy...)
    Working on: RHCE/Ansible
    Future: Probably continued Red Hat Immersion, Possibly VCAP Design, or maybe a completely different path. Depends on job demands...
  • blargoeblargoe Member Posts: 4,174 ■■■■■■■■■□
    Of course, if you can format, do.
    IT guy since 12/00

    Recent: 11/2019 - RHCSA (RHEL 7); 2/2019 - Updated VCP to 6.5 (just a few days before VMware discontinued the re-cert policy...)
    Working on: RHCE/Ansible
    Future: Probably continued Red Hat Immersion, Possibly VCAP Design, or maybe a completely different path. Depends on job demands...
  • EdTheLadEdTheLad Member Posts: 2,111 ■■■■□□□□□□
    RS_MCP wrote:

    "I have the necessary certifications in my back pocket but that does not make me a Technical Expert! I am at a beginning learning stage in my IT career so have hell of a lot to take in as of yet..."

    I've lost all respect for those certifications if this is the case.
    I thaught the xp exam was about installation and all that fluff, if you have the cert, i expect you to be able to do.Formatting a harddrive does not require any expertise.
    Networking, sometimes i love it, mostly i hate it.Its all about the $$$$
  • undomielundomiel Member Posts: 2,818
    It's possible to pass the exam without doing any installations. He could be a troubleshooting and administration wizard after all. So no reason to be too harsh on him, after all he has a brilliant learning experience right here in front of him! As I recall it took 4 tries to pass the exam? Or was that for the 290. I might be confusing the two.
    Jumping on the IT blogging band wagon -- http://www.jefferyland.com/
Sign In or Register to comment.