Solved

VIRUS ALERT TURNS OUT TO BE A TROJAN

Posted on 2011-09-30
6
452 Views
Last Modified: 2013-11-22
A friend clicked on a virus scanner alert saying he was infected, and click now to activate.  Unfortunately, his system is royally screwed now.  What would be the best way to remove this bug?
0
Comment
Question by:LEECHIPTURNER
6 Comments
 
LVL 17

Assisted Solution

by:Spartan_1337
Spartan_1337 earned 50 total points
ID: 36893823
Boot into safe mode with networking

Download ComboxFix

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Allow this to run unimpeded.

Once back into desktop, test to see if virus has been completely removed.

0
 

Author Comment

by:LEECHIPTURNER
ID: 36893926
Clicking on that link, only a FreeScan button, some ads, and "how to use combofix" but nothing else.  No instructions.  It wants me to join.

Do you know if Malwarebytes’ Anti-Malware would work?  Otherwise, I'll Bleepingcomputer and see if more info appears?
0
 
LVL 17

Expert Comment

by:Spartan_1337
ID: 36893940
Depending on the type of virus, MalwareBytes may not be able to remove the infection completely.
Is there another PC you can go to the site and download the combofix.exe from?
You would only then have to copy it to your desktop with either a flash drive or external drive.
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 

Author Comment

by:LEECHIPTURNER
ID: 36893965
Got it.  Will give this a shot, will wait for call back if it is successful.
0
 

Assisted Solution

by:sevlar
sevlar earned 50 total points
ID: 36893983
I also find that a lot of these Fake A/V infections also include a rootkit infection known as TDSS.MBR. You can download a tool to scan and cure from Kaspersky's site here.,,

http://support.kaspersky.com/faq/?qid=208280684

After that I run Combofix and then follow up with malwarebytes. All of this being done in safemode.

Combofix may ask you to install the Windows Recovery Console. If so then make sure you do let combofix install it.

I deal with Fake A / V's all the time and I find that the above proceedures tend to take care of most issues.
0
 
LVL 8

Accepted Solution

by:
hello_everybody earned 400 total points
ID: 36898104
Try Remove Fake Antivirus 1.80 at http://majorgeeks.com/Remove_Fake_Antivirus_d6323.html

It works well for supported fake A/Vs.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Local Drive Access Denied 5 72
Possibility of Outlook running on Linux 6 115
Adding Mail server to SPF record 5 68
Checkpoint Endpoint Managment 3 66
These are on the increase and getting more common these days. Users who use the Google search engine may complain of having their search redirected to unwanted sites, regardless of what browser is used. This happens when the system is infected with…
PREFACE The purpose of this guide is to explain what the SEPC Status Utility is and how it works. I have written the utility using AutoIt and have included the source code for your review. You are welcome to modify the code to your liking, but I wi…
Migrating to Microsoft Office 365 is becoming increasingly popular for organizations both large and small. If you have made the leap to Microsoft’s cloud platform, you know that you will need to create a corporate email signature for your Office 365…
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now