I have a trojan horse, short of having to bring the pc to a fix-it shop for quite a few quid I was hoping someone has a suggestion that I can do myself.
HELP!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
TROJAN HORSE - I need a nerd
It was identified by a norton scan, but damn I can't remember the name, I installed this software "the cleaner" which I found through google to get rid of the sucker, however my system is running slower than a snails pace. I hope you're the nerd that can help, I'll gladly send you your allowance for the pub.
If you can do that scan again and find out the name that would help more than anything...
but to find out what's making things go slowly, press ctrl-alt-delete at the same time and then when you get the window popping-up, click on "task-manager". Then you'll see 4 tabs, click on "processes" and then "CPU". Look at the list that's showing and you'll see the program that's hogging everything as it will show that's it using something like 99%. Post the name of that process and that will also help to sort you out...
but to find out what's making things go slowly, press ctrl-alt-delete at the same time and then when you get the window popping-up, click on "task-manager". Then you'll see 4 tabs, click on "processes" and then "CPU". Look at the list that's showing and you'll see the program that's hogging everything as it will show that's it using something like 99%. Post the name of that process and that will also help to sort you out...
Dump Norton anti speed (I mean anti virus) as soon as possible...
Norton was great up to about 3 years ago & now it's just a systems hog with very little in the way of protection...
I mean c'mon, you got a trojan whilst using it right.
Kaspersky anti virus is what I use myself (Pro version) & once set up right it's great...
Most ppl I know will say to use NOD32 as it's free & is pretty streamlined too.
As for the trojan etc...
First start by removing the spyware crud you installed (both of them), no offence but most of those programs do more harm than good.
Pop along to PCPITSTOP & use their virus scan, if you have anything on your PC it will not only detect it but will also give you links / help in removing it.
PCPITSTOP.COM is a trusted site... never did me any harm in the many years of use.
Ohhh also... Norton has a habit of showing certain applications & even web media as trojans
Post a screen shot of the 'trojan' (in nortons window) if you can... it would help.
Norton was great up to about 3 years ago & now it's just a systems hog with very little in the way of protection...
I mean c'mon, you got a trojan whilst using it right.
Kaspersky anti virus is what I use myself (Pro version) & once set up right it's great...
Most ppl I know will say to use NOD32 as it's free & is pretty streamlined too.
As for the trojan etc...
First start by removing the spyware crud you installed (both of them), no offence but most of those programs do more harm than good.
Pop along to PCPITSTOP & use their virus scan, if you have anything on your PC it will not only detect it but will also give you links / help in removing it.
PCPITSTOP.COM is a trusted site... never did me any harm in the many years of use.
Ohhh also... Norton has a habit of showing certain applications & even web media as trojans
Post a screen shot of the 'trojan' (in nortons window) if you can... it would help.
Face, in following your directions I see alot of shite, in particular the following; svchost.exe, lsass.exe, CCSETMGR.exe, PDUDServ.exe, explorer.exe, Magickey.exe. Idon't understand how to Post, and does 6ULD also have the answer. I will not send you your pub dosh until all is sorted as I don't want to have my card compromised, LOL
cori - give that site 6uldv8 mentioned a shot and see if that sorts you.
www.pcpitstop.com
there's also https://housecall.antivirus.com
www.pcpitstop.com
there's also https://housecall.antivirus.com
-
major.tom
- Macho Business Donkey Wrestler
- Posts: 1970
- Joined: Sun Jan 21, 2007 7:07 pm
- Location: BC, Canada
There are a couple other useful programs out there for finding trojans -- Lavasoft AdAware and Spybot Search & Destroy.
Here's what *I* do when I suspect a system is infected:
- run CodeStuff Starter (my preference) to see what programs run automatically when booting windows
- look for anything suspicious; you can tell by a) the folder where it is located (eg. random-looking folder names under c:\windows\system32 or under c:\documents and settings -- no programs should be located here) b) the program name, and c) a little knowledge of what hardware and software is in your system.
- with any suspicious-looking files, open windows explorer and go to the folder where the file is located, right-click and select properties. Pay attention to the creation dates (to see if it coincides with when you think the problem started) company and version information. Anything listed as Microsoft might not be. The best way to tell is to compare it to other program files under c:\windows, as M$ is pretty consistent. Trojans sometimes try to pass themselves off as M$, but leave the version as 1.0.0.
- If you find any that don't look right after this inspection, disable them in CodeStuff Starter and reboot your machine.
Once everything seems to be "normal" and you're satisfied that the system is working, you can delete/rename the files you disabled.
Good luck!
Here's what *I* do when I suspect a system is infected:
- run CodeStuff Starter (my preference) to see what programs run automatically when booting windows
- look for anything suspicious; you can tell by a) the folder where it is located (eg. random-looking folder names under c:\windows\system32 or under c:\documents and settings -- no programs should be located here) b) the program name, and c) a little knowledge of what hardware and software is in your system.
- with any suspicious-looking files, open windows explorer and go to the folder where the file is located, right-click and select properties. Pay attention to the creation dates (to see if it coincides with when you think the problem started) company and version information. Anything listed as Microsoft might not be. The best way to tell is to compare it to other program files under c:\windows, as M$ is pretty consistent. Trojans sometimes try to pass themselves off as M$, but leave the version as 1.0.0.
- If you find any that don't look right after this inspection, disable them in CodeStuff Starter and reboot your machine.
Once everything seems to be "normal" and you're satisfied that the system is working, you can delete/rename the files you disabled.
Good luck!
Okay to make a long story short over several days I tried quite a bit of your more than helpful suggestions, did alot of googling and finally after installing a combo of spyware detector & max registry, found a trojan identified as vundo, apparently it's some kind of advertising bug? I have run these programs for several days and it seems thaat I'm clean. Will pay a bill today online and track to make sure that's the only transaction that goes through. Hopefully, I'm in good shape, should it work fine that'll be a couple three pints sent to Face from all who helped out!