How do you get rid of a Trojan virus that has spread?

[Kitty]

My brother downloaded a torrent yesterday and it had a Trojan virus with it. Normally we just run AVG and it'll remove it for us (or AVG picks it up and deletes it), but now we cannot open AVG, task manager or download any new programs, such as Spybot, to get rid of the virus.

Does anyone have any advise?

[Red123]

Since you have Spy-Bot go into safe mode open spy-bot
set the mode to advance and got to the settings tab scroll down to

Automatically run program on system start

then restart run the program

delete the malicious file

restart

open spy-bot check for updates again run the program

delete malicious files

[Michael8384]

HI KITTY, SO U R USING AVG HUH? SOMETIMES AVG CANNOT DELETE SOME TROJANS. I RECOMMEND U TO DOWNLOAD AND INSTALL eset NOD 32 ANTIVIRUS. it detects and deletes most of the trojans. just follow this link
http://www.brothersoft.com/nod32-antivir...60481.html
-----------hope it helped u cheers----------------------

[Ross B]

The absolute best thing you can do is to download Malwarebytes; it is a free program you can find easily on Google. Restart the computer in Safe Mode, then go online and download/install.

Once installed, restart the computer in Safe Mode again and THEN run Malwarebytes. I would say that 99% of the time, this cures my virus/malware issues. Good Luck!

[mR-DeActiVe8]

Hi

1> The virus has infected ur system.
2> It's has been able to disable ur AVG, task manager etc.
3> Now the question is y didn't ur antivirus didn't react while it was infecting.
a> Was it disabled ?
b> It was updated u didn't updated it ?
c> Or any other
4> Whatever may b d reason don't make the mistake again.

Now how to heal ur system
1> As ur system is very badly infected that even AVG is not working.Then it's very serious.
2> The only thing u can do is install a new windows.
OR TRY THIS {this method i did to clean my pc in the past}
1> Run smit fraud { now this enables ur disabled task manager and other too }
http://www.softpedia.com/progDownload/Sm...07653.html
2> Now as u can open u task manager u can c the running process {one of them is a virus}
Use internet only to do this otherwise don't even think abt entering private info on websites{virus can steal ur facebook or any other passwords too }
3> Now go to google.com and search each of the process name that's showing in the task manager.The info about the process will b available.If the info says it's a virus then right click and select end process tree.
4> Now the virus is not activate as ended that process but it is still there on ur system and will b activated on next restart.
5> Now start ur avg,update it and scan {avg was blocked by the virus so as u stopped the virus now avg should work}
6> If it's not working then install it and update it without restarting ur pc then click on schedule scan on startup.
7> After scan virus will b removed.But ur system might b corrupt as virus mostly affects windows files and files which r infected r deleted by any anti virus whether it's a normal or system file.

K now it's a bit complicated if u r new computer user.But 4 me it's easy.If u want i can connect to ur pc and try to fix it.Email me if u want.BTW I would use team viewer.

Hope u fix it soon.Best of luck.

[Shazad Khan]

Firstly back your computer up. If you don't no how to there are plenty of tutorials out there.

Then start your computer in safe mode, and run a full scan.

If this doesn't cure it you could try looking in your registry. It's danger to edit the data inside the registry, so be careful. To get into your registry in windows xp, go to start, run and type regedit.

Virus's usually reside in HEKY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion. When you see an entry which you don't recognize go to Google and see what it is. If it's a virus delete it.

Some virus will restore the entry later or reboot, even you delete the entry from System Registry Editor. Those virus needs special tools to kill them.

Another good way to remove it is to go to your processes and see whats running. To get to your processes push ctrl, alt, Del at the same time. And Google each process which you don't recognize and then Google how to get rid of the process.

If all else fails you could always do a fresh installation or get in touch with a computer expert. You could always try http://www.birmingham-computer-repairs.co.uk email them and see if they can assist you

[Harley Drive]

Sounds like a rootkit virus it can hijack your browser but without any windows open it can send you to advertising sites etc.These things can disable normal antiviruses and anti malware. Download "rootkit revealer" from Microsoft or Sysinternals and run it, Go to Task manager and under processes see if there is an oddnamed process sometimes just random letters and or numbers and end process. Then go to Start>run and type in msconfig and click OK, Look under the "startup" tab and uncheck the same process name if it appears there. The registry will need to be cleaned up but normal programs should be able to do that when you have disabled the rogue program.

These things can disable recognised anti-malware programs and system tools like task manager, so you may have to download process explorer or killprocess to stop the process, you need also to rename the malware bytes .exe file to, say for example, xxxx.exe or just copy it to the same folder when it will produce a copy called "copy of..." and run that. Instructions on the malwarebytes.org site

[ilknur K]

Follow this instructions to Remove Virus in you Computer.
Restart You Computer Safe Mode with Networking

1. Log out and reboot your machine.

2. When the machine starts the reboot sequence, press the F8 key repeatedly.

3. Select Safe Mode with Networking from the resulting menu.

4. Login. If the malware has changed your password, try logging in as
Administrator. By default, Administrator has no password.

5. The machine will continue booting, but the Windows desktop will look different.

Then in The Safe With Networking .Download by using Rkill press here http://www.bleepingcomputer.com/forums/topic308364.html

Download and Scan By Using Malwarebytes’ Anti-Malware http://download.cnet.com/Malwarebytes-An...contentAux

Download and Scan By Using Super Anti-Spyware Press here http://www.superantispyware.com/

Download ATF is a new, freeware, temporary file cleaner for Windows, IE, Firefox and Opera with a simple, easy-to-use interface.

The main screen allows the user to either clean all temporary files, or select files for cleaning. The program also knows if Firefox and or Opera is being used, and gives the option of cleaning the temporary files associated with those applications.

ATF Cleaner provides the user with a window showing the total bytes freed upon completion. The program is small (36kb), quick to run and no installation required. to Download ATF Cleaner press this link http://download.cnet.com/ATF-Cleaner/300...89432.html

Download and Scan By using
Remove Fake Antivirus 1.64 press here http://www.softpedia.com/progDownload/Re...27588.html
After Finish Scan and Remove all Virus,Restart you Computer to be Normal.

Then
Download and Scan again By using Norman Malware Cleaner Press here http://www.norman.com/support/support_tools/58732/en This is to make sure you Virus, Malware, Trojan, Worm,
Rogue Fake Anti-Virus, Hijack Web Browser, Pop up Advertisements,
Rootkit and Spyware it is not on you Computer Forever. Please give me the feedback and Rate Me

[Willow]

I use http://metoo111.blog.com/