Solved

Download.trojan + Trojan.StartPage

Posted on 2005-03-22
Last Modified: 2010-04-11
I formatted my hard drive to try and make my computer like new. However, these viruses have stayed on my computer. I was wondering if anyone out there could give me advice on how to get rid of them. I am no computer expert, which I hope won't pose a problem. If anyone could give me step-by-step advice I would greatly appreciate it. My computer is basically useless because of these viruses. It always freezes and things keep getting installed on it.
richard
Question by:richardmastroianni
11 Comments
 
LVL 3

Expert Comment

by:jltari
ID: 13609304
If you're running Windows XP, start by protecting yourself with ICF (Internet Connection Firewall).
Install an anti virus and get the latest updates.
Then download http://hijackthis.de/downloads/hijackthis_199.zip, execute the program and scan your computer.
Copy the log and paste it on this site :  http://hijackthis.de
Validate it, wait a sec, and scroll down the list to see what could be wrong.

Don't hesitate to ask if you need further help performing these tasks.
0
 
LVL 27

Expert Comment

by:Tolomir
ID: 13609658
I would stop using Internet Explorer as your browser and use Firefox instead.

http://www.mozilla.org/products/firefox/

Then I would install an antivirus real-time scanner like http://www.grisoft.com/doc/40/lng/ww

A personal firewall like http://www.zonelabs.com/store/content/catalog/products/sku_list_za.jsp is also handy.

---
Download these programs.

If your system is already broken, reinstall it again, but without accessing the internet.
Then install these 3 programs and after that directly connect to windowsupdate.microsoft.com to install the latest patches.
Update the antivirus virus patterns.

Surf the web just with Firefox; use IE only to get updates from Microsoft. You should have a lot less hassle.

Best would be if you would use an account w/o admin rights to access the internet.
So install all programs with administrator rights, now go to user management and create a new account like "surfer" with user rights.

Use this surfer account as default; most spyware and viruses should be blocked, because they can no longer add themselves to the registry or write in the Windows directory at all.

Tolomir



0
 
LVL 12

Accepted Solution

by:
rossfingal earned 1500 total points
ID: 13610893
Hi!

If you want to be sure that you have completely removed any virus/trojans
from your hard drive(s) -
go to the web site of the manufacturer of your drive and download their
utility to perform a "low-level" format.

Fujitsu
http://www.fcpa.fujitsu.com/download/hard-drives/#diagnostic

IBM and Hitachi
http://www.hgst.com/hdd/support/download.htm#DFT

Maxtor/Quantum
http://www.maxtor.com/en/support/products/index.htm

Samsung
http://www.samsungelectronics.com/hdd/support/utilities/utilities_index.html

Seagate
http://www.seagate.com/support/seatools/index.html

Western Digital
http://support.wdc.com/download/
www.westerndigital.com

Remember: these utilities are manufacturer specific -
don't use a Western Digital utility on a Seagate drive!!  :)

Good luck!

RF
0

 
LVL 12

Expert Comment

by:kneH
ID: 13610944
>>Download.trojan + Trojan.StartPage

Those are spyware.
So remove it accordingly.

Install antispyware program many mentioned above.

Also:
scan in safe mode (hit F8 (a couple of times) when you start up your computer)
do not connect to the internet when scanning
just before you start a scan (in safe mode!) press ctrl+alt+del, click the processes tab, right click explorer.exe and choose end task
0
 
LVL 24

Expert Comment

by:Mohammed Hamada
ID: 13617279
You can download the TrendMicro below... Follow the steps.

Trend Micro Sysclean Package - Download + Virus Pattern File - Home Page
A Virus Removal Tool for Virus infections that can not be cleaned or deleted by the online scan. This is not an AntiVirus Program.

Instructions - Download the Sysclean Package (sysclean.com) and the latest Virus Pattern File (lptXXX.zip). Create a folder on your C: drive (C:\Sysclean), download both files to this folder, unzip the "lptXXX.zip" pattern file into this folder, then run "sysclean.com", check "Automatically clean or delete detected files", left-click "Scan". If there are still virus infections left that cannot be removed, reboot your computer into safe mode. In safe mode do another Sysclean scan and remove the remaining virus infections.
Also... Download Trojan Hunter. It is a 30-day free trial. Download it, install it, update it and run a complete system scan.
http://www.misec.net/trojanhunter/?aff=19616 .

Just try and tell us if one of the posts works.
0
 

Author Comment

by:richardmastroianni
ID: 13642235
So I went to the web site of the manufacturer of my hard drive. I have a FUJITSU MHS2030AT hard drive. I found this:
------------------------------------------------
Erase Utility
Software Name       Description
Fujitsu Erase Utility
fjerase.zip (31 KB)       Note: This program works only with any FUJITSU IDE/ATA hard disk drives

This procedure performs a pseudo-formatting to the drive. It erases all of your previous data and reinitializes it to "00" pattern. By performing this task, you will be able to erase the whole user area including your Master Boot Record, Partition Table, FAT (File Allocation Table), and all the files and data it refers to. Use this program if you want to be sure your drive is clean.

Warning:
All the previous data will be lost when performing the 'Erase' task.
Please backup all your important files and data before running this program.

-----------------------------------------------------------------------
Is this the "low-level" format?
0
 
LVL 12

Expert Comment

by:rossfingal
ID: 13643518
Hi!

Yes it is.

RF
0
 

Author Comment

by:richardmastroianni
ID: 13646086
RF,

When I get home from school tonight I will run the "low-level" format, then I will post the result.

Thanks again for the help,

Richard

BTW,
I downloaded Trojan Hunter and it detects trojans, says it removes them, but yet they are still there each time I scan.
0
 

Author Comment

by:richardmastroianni
ID: 13648598
I have been trying to call Fujitsu technical support for a while now but they are busy... I don't understand the process to run this low-level format... The notepad file that came with the erase utility says this:

USER'S GUIDE


 Running the program
1. Boot from a clean DOS disk.
2. Change to the drive/directory where FJERASE.EXE is located.
3. At the DOS prompt, type FJERASE to execute the program.


4. Inside the program
      At the startup routine, the program tries to identify all IDE drives
      connected in your system (Primary and Secondary Port). This process
      may take some time.
      After which, all the drives found will be displayed in the Main Menu
      window with the corresponding valid product ID. Port with no drive(s)
      connected will also be displayed with 'NONE' as its product ID.
      Hotkeys are indicated in the taskbar. Use the up and down arrow keys
      to move the current highlighted drive.
          Hotkeys Definition:
          F1 - Displays the Help Window
          F4 - Reinitializes the whole hard disk user area to '00' data
                 pattern effectively erasing all its previous contents.
              
             **  Once this task is started, and even if you abort the
                 procedure, your hard disk data may already be lost and
                 irretrievable. Please remember that MBR, Partition
                 Tables and FAT are located in the first few cylinders
                 of your hard disk and this ERASE function starts writing
                 from this area of your hard disk.
             **  The completion time for this task depends on the capacity
                 of your drive and the clock speed of your host processor.
                 (e.g. For a Pentium 133Mhz processor, it takes
                 approximately 10 minutes to erase the whole drive with
                     1 GB capacity.
                 This completion time doubles as your CPU clock speed
                 reduces to half. --- 66Mhz -> 20 minutes for 1Gb cap.)

             ------------------------------------------------------------
                                WARNING!!!
             ALL DATA ON THE DRIVE WILL BE LOST. PLEASE BACKUP ALL YOUR
             IMPORTANT DATA BEFORE PERFORMING THIS TASK.
             ------------------------------------------------------------
             
          Enter - Displays basic information about the drive
          Esc - Prompts to quit the program.
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Does anybody know how to do this?
Richard
0
 
LVL 27

Expert Comment

by:Tolomir
ID: 13650005
Well, it simply doesn't format your HD but writes "00" to each sector.

Of course all data is overwritten, even your trojans...

---
A real low level format is NOT done. This would actually kill your HD. A low level format was needed/possible for hard disks at least 5 years ago:

What does "low level formatting" an ATA (IDE) drive mean?

Actually the term "low level" is a bit of a misnomer. The low level process first used years ago in MFM hard drives bears little resemblance to what we now call a "low level format" for today's ATA (IDE) drives.

More details here: http://www.pcguide.com/ref/hdd/geom/formatLow-c.html

Low-level formatting is the process of outlining the positions of the tracks and sectors on the hard disk, and writing the control structures that define where the tracks and sectors are. This is often called a "true" formatting operation, because it really creates the physical format that defines where the data is stored on the disk. The first time that a low-level format ("LLF") is performed on a hard disk, the disk's platters start out empty. That's the last time the platters will be empty for the life of the drive. If an LLF is done on a disk with data on it already, the data is permanently erased (save heroic data recovery measures which are sometimes possible).
...
Warning: You should never attempt to do a low-level format on an IDE/ATA or SCSI hard disk. Do not try to use BIOS-based low-level formatting tools on these newer drives. It's unlikely that you will damage anything if you try to do this (since the drive controller is programmed to ignore any such LLF attempts), but at best you will be wasting your time. A modern disk can usually be restored to "like-new" condition by using a zero-fill utility.

---
So it would be enough to boot from CD-ROM and simply format your entire HD, using Windows setup, and all (malware) data is gone or at least inaccessible.

Tolomir
0
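As an added example (not part of the original thread and not Fujitsu's utility): a read-only check that a zero-fill like the one described above really left the user area at "00", including the MBR boot signature in sector 0. It assumes the drive, or an image of it, can be read as a file from a clean boot medium; the function names and the sample image are constructed for illustration.

```python
import os
import tempfile

SECTOR = 512            # bytes per sector on ATA drives of this era
CHUNK = 1024 * 1024     # read 1 MiB at a time

def first_nonzero_offset(path, chunk_size=CHUNK):
    """Return the byte offset of the first non-zero byte, or None if all zero."""
    offset = 0
    with open(path, "rb") as f:
        while True:
            block = f.read(chunk_size)
            if not block:
                return None
            rest = block.lstrip(b"\x00")
            if rest:
                return offset + len(block) - len(rest)
            offset += len(block)

def has_mbr_signature(path):
    """True if sector 0 still ends with the 0x55 0xAA boot signature."""
    with open(path, "rb") as f:
        sector0 = f.read(SECTOR)
    return len(sector0) == SECTOR and sector0[510:512] == b"\x55\xaa"

def verify_zero_fill(path):
    """Summarise whether the zero-fill covered everything readable at path."""
    off = first_nonzero_offset(path)
    return {
        "wiped": off is None,
        "first_nonzero_sector": None if off is None else off // SECTOR,
        "mbr_signature_present": has_mbr_signature(path),
    }

def make_sample_image(wiped, sectors=64):
    """Constructed sample: a tiny image, either zero-filled or with leftovers."""
    data = bytearray(SECTOR * sectors)
    if not wiped:
        data[510:512] = b"\x55\xaa"          # boot signature left in sector 0
        data[SECTOR * 10 + 3] = 0x4D         # stray byte in sector 10
    fd, path = tempfile.mkstemp(suffix=".img")
    with os.fdopen(fd, "wb") as f:
        f.write(data)
    return path

if __name__ == "__main__":
    for wiped in (False, True):
        image = make_sample_image(wiped)
        print("wiped" if wiped else "not wiped", verify_zero_fill(image))
        os.remove(image)
```

A run that reports a non-zero sector after the erase means the fill was aborted or did not cover that area, so the drive should be wiped again before reinstalling.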
 

Author Comment

by:richardmastroianni
ID: 13650065
I keep trying to copy this zero-fill utility onto a floppy and it copies it; however, when I type A: dir it shows that fjerase.exe is 0 bytes and I don't know why... Can you please help me figure out how to copy it right?

Thank you for the advice everyone... we're making progress.

richard
0
