Click here to go to the NEW College Discussion Forum

Is there any way to remove incessant trojan horses from your computer? I have a really bad trojan on my PC that's wreaking havoc on my system. I've ran the PC-cillin virus scan in safe mode and regular mode. I've removed all spyware (using ad-aware, spybot, spysweeper, and hijack this) from my computer. I've done everything, but the problem persists. Is there anything else left to do, instead of reformatting my hard disk?

By Mruncleramos (Mruncleramos) on Sunday, October 03, 2004 - 05:22 pm: Edit

Get a firewall. Stop outside access to your computer.

By Jess17 (Jess17) on Sunday, October 03, 2004 - 05:31 pm: Edit

A firewall will only prevent further trojans from being installed onto your computer, but it won't do anything about the ones already present.

By Vancat (Vancat) on Sunday, October 03, 2004 - 05:41 pm: Edit

ur gonna have to reformat your hard disk. if it lets you start up into desktop, at least you can make a backup of all of your important files. Then, uninstall the Operating System and reformat the hard drive.

By Socialpariah (Socialpariah) on Sunday, October 03, 2004 - 06:53 pm: Edit

create a l337 c++ program to counter the trojan

By Sagar_Indurkhya (Sagar_Indurkhya) on Sunday, October 03, 2004 - 07:27 pm: Edit

no. the 31337 would handcode an assembler program to wage war with the trojan horse. That is what happens when you don't install every electronic defense mechanism known to men.

By Jess17 (Jess17) on Sunday, October 03, 2004 - 08:34 pm: Edit

Ok, I don't know how to write any c++ programs.

By Fighterpilot (Fighterpilot) on Sunday, October 03, 2004 - 09:30 pm: Edit

download the AVG Anti- Virus


The best free program tp get rid of trojans.

By Massdad (Massdad) on Sunday, October 03, 2004 - 09:35 pm: Edit

Before you do a clean install, have you gone on line to see if there is any expert advice regarding removal of the trojan? I would start with a google search.

Did Adaware find it?

How do you know you have the trojan?

If you're running win xp, have you set a system restore point?

Without knowing more, it is hard to help.

By Jess17 (Jess17) on Sunday, October 03, 2004 - 09:58 pm: Edit

I ran the PC-cillin virus(made by Microsoft) scan and it said that I have 8 Trojan horses on my computer. It also said that I have one malicious javascript. I've removed all spyware (using ad-aware, spybot, spysweeper, and hijack this) from my computer. I've done everything, but the problem persists.

The trojans will not let me restore my computer. I've already tried that.

By Vancat (Vancat) on Sunday, October 03, 2004 - 10:24 pm: Edit

gahhhhh, DON"T do a system restore. Trust me it won't get of trojans as bad as you described.\

My question to you is: specifically what problems are the trojans causing? Can you run and open prgrams? Can you save data?

If you can, immediately make a back-up of all your important files using CD-RWs. It'll take long, but its worth it.

Then, uninstall Windows and do a complete hard disk reformat.

By Jess17 (Jess17) on Monday, October 04, 2004 - 12:26 am: Edit

vancat,

Although i have a nasty infection, I can still run and open most programs. But everything is excruciatingly slow. I can also save data.

How exactly does one reformat thier hard drive? Is it guranteed to get rid of the persistent trojans.

-thanx

By Fighterpilot (Fighterpilot) on Monday, October 04, 2004 - 01:41 am: Edit

i told you to use avg anti virus

it will work

try it and it will be done with no more worrying

By Sagar_Indurkhya (Sagar_Indurkhya) on Monday, October 04, 2004 - 10:03 am: Edit

To reformat your harddrive, go to my computer, right click on C:, click format, and then do a full format of C:. Formatting will basically wipe out the entire Harddisk of everything. Then you boot from WinXP cd. If this is an old cpu that can't boot from cd, than post back. I would seriously suggest posting in the lounge forum at Gamedev.net, because the computer geeks on CC aren't true geeks.(majority of them at least) and the people at Gamedev.net are basically a collection of the smartest geeks on the net.

By Massdad (Massdad) on Monday, October 04, 2004 - 12:50 pm: Edit

Yea, and if you follow the advice of those who recommend a reformat, you will find yourself spending days tracking down software you had on the machine, trying to recreate settings, finding you forgot to copy an important file to cd, etc. etc.

Long before that, I would do two things:

1. Uninstall all programs you don't use or need. If you find one that you cannot uninstall, make a note of its name and go on line looking for a fix - or post here.

2. Run msconfig and stop junk from automatically starting up when you start your computer. This would include things like real player tray, AOL IM, Netscape fast startup etc. You really only need a handful of things running on startup: your antivirus software; your mouse driver; your office toolbar if you use MS office; (others?) Most other startup stuff is junk and can really slow down your computer. There is other microsoft stuff that runs under windows xp (such as indexing service) but the microsoft processes are a bit trickier to turn off.

By Vancat (Vancat) on Monday, October 04, 2004 - 03:37 pm: Edit

If you don't feel like doing it yourself, call the customer support from the computer where u bought your computer. Have them walk you through it.

By Jess17 (Jess17) on Tuesday, October 05, 2004 - 02:53 pm: Edit

thank you all so much. I'll work on my computer 2nite, and see if it works.

By Magoo112 (Magoo112) on Tuesday, October 05, 2004 - 04:56 pm: Edit

watch it not even be a trojan....

Here's the best way to fix it:

1. Uninstall windows
2. Pick a flavor of linux
3. Install
4. Make love to tux.

By Sirhcv (Sirhcv) on Sunday, October 10, 2004 - 02:40 pm: Edit

alright.. don't need to uninstall if you're willing to get rid of it yourself... its really an over reaction to a small problem. Let me first address a few issues.

A firewall (depending on what function it has) may block out going attempts of this trojan, however its still going to remain present on the system.

Removing software you don't use isn't going to do anything. And software you can't "uninstall" isn't going to show up as having an option to uninstall. Its not like trojans leave a little "uninstall me" button. However this can speed up your system.

Its usually pretty easy to identify trojans and then remove them. However my question is WHY do you think you have a trojan, describe the symptoms. Its always best to let doctors make the diagnosis or far to many people would be on chemotherapy :-P

With that out of the way

run msconfig, look for anything suspicious and take note of the directory its in, something like \winnt\ (or windows) is an immediate candidate, however various imporant GOOD things run there too. Anything in \Program Files\Common Files\ or \Documents and Settings\ (NT architecture) are also suspicious.

Of course Trojans don’t nesscarily have to startup in a way that can be seen from msconfig, or they might not even be executables. A run of “netstat –an” at the terminal can list ports your computer is listening on (or other addresses it’s trying to connect to if it’s a reverse connect trojan), but the windows issued netsat doesn’t show the individual programs responsible for this TCP activity… TCPView from sysinternals if a great utility that will however. (http://www.sysinternals.com/ntw2k/source/tcpview.shtml)

Of course now I’m kinda getting out there and will probably have lost you anyway, so if you really want some help I think you need to state why you think you have what you have. Are you sure it’s a TROJAN, not a worm, virus, or some other piece of malicious software…

By Starman (Starman) on Monday, October 11, 2004 - 01:52 am: Edit

Set your entire hard disk to "read only". That way nothing can mess up your pc, even you!

You won't get to have much fun though, you probably couldn't even boot up to windows.

By Schemer (Schemer) on Monday, October 11, 2004 - 09:37 am: Edit

here is what you do, if the virus thingy is what is making your computer slow.

type ctrl+alt+delete

look through the processes tab to find the program(s) that you don't recognize and that aren't labeled as system programs.

write down their names. end those processes
search the computer for files with those names, and if you are positive that they aren't legitimate files, delete them.

Its worked for me in the past when antivirus software couldn't find/delete stuff

By Justice (Justice) on Monday, October 11, 2004 - 10:03 am: Edit

if you do what schemer does you may end up deleting essential system files that have been masked--and you may not be able to even boot up after deleting them!

By Schemer (Schemer) on Monday, October 11, 2004 - 11:44 am: Edit

note I said, delete only if you can determine positively that they aren't system files, such as by the fact that the file isn't in a system directory

By Sagar_Indurkhya (Sagar_Indurkhya) on Monday, October 11, 2004 - 05:30 pm: Edit

Ok. First of all, Linux is not the answer. I don't think you want to make the switch, especially if you haven't already planned the switch. Trust me. No for this trojan thingy. You can't possibly have more than 2-3 cd's(1-3gigs) worth of data on your cpu. The majority of the other stuff will be programs. Now, you simply burn all your data onto some cd's. On the weekend, you reformat your entire harddrive. You then reinstall windows.

Here is the important part:

You create an extra user name: whatever, but make sure it is limited. Give it virtually no access to the harddrive.

Now you make administrative account. You install all this crap. Use the limited account for surfing dangerous stuff and checking crap. Also, use firefox, not IE, unless you have installed SP2.kkk

The problem here I can see is that you have a false sense of security: you are at no time safe. The only way you can prevent yourself from things like viruses and trojans is to disconnect completely from internet. Trust me. If you have any doubts about a word document, open in using notepad. Check the content.

You also have to realize that true, elite hackers are 10 times smarter than the average programmer. In fact, they often work for large corporations like MS and IBM. You have to browse carefully. I can not stress this enough. If you are doubtful of any email, don't open it. Use email addresses like Yahoo, and GMail, not your ISP's email. Yahoo, etc, use industry level virus scanners.

The steps above may be a little over reactive, but they will work. Just burn the cds with all your data stuff. Then make a windows boot disk of the internet. Next, you can fiddle all you want with msconfig.sys. Make sure you are completely disconnected from the internet. Next, make a log file of all outgoing requests on the stack.

Just post back for more help, and make sure you burn those cd's!!!