Trojan ruling the computer !!
Submitted: Saturday, Sep 20, 2008 at 20:50
ThreadID:
61862
Views:
4107
Replies:
15
FollowUps:
25
This Thread has been Archived
Member - Pesty (SA)
Need a little help here with a trojan who has taken control of my desktop.
Desktop running XP with full version of trend micro, which is updated and scanned daily. Also have free version of AVG running as
well.
Thus i dont get too much trouble with these intruders.
But one has crept in.
Noticed last night that holding down mouse key to highlight a couple of URL's that were on here and it wouldnt highlight them.
Didnt think much of it and thought a reboot would fix it, wrong.
Today i had a notice with AVG saying there was a trojan and I hit the buttons to fix it, and it has got worse from then on.
It is loading normally to desktop stage and the pointer is moving around normally, but nothing will respond to mouse buttons, and it goes to busy when you enter the toolbar.
I also tried to hit delete when first switched on to try safe mode, not sure if XP even has safe mode, but no responce, so it seems that the keyboard isnt working either, it just loaded up as normal.
So have no mouse operation and no keyboard, and at one stage i managed to get a window saying that the task manager has been turned off by the administrator.
Hard to operate a fix without keyboard and mouse!
The only way i can move is reset or off via the switch, but several reboots have done nothing.
Any sugestions would be apprecited.
Cheers Pesty
Reply By: Member - Cruiser (NSW) - Saturday, Sep 20, 2008 at 21:04
Saturday, Sep 20, 2008 at 21:04
Pesty,
I assume you have posted this on a different computer.
Anyway, try a system restore.
To boot into Safe Mode, press the F8 key and choose Safe Mode
When (and if) you get to safe mode, try doing a system restore. Go to
Start
Accessories
System tools
System Restore
Choose a date earlier than when the problem started and perform a system restore.
At completeion the system will reboot into the normal desktop and see if that restores the use of both keyboard and mouse
If that all fails, then you might need to seek professional advice.
Cheers,
Cruiser
AnswerID:
326328
Follow Up By: Member - Nev (TAS) - Saturday, Sep 20, 2008 at 21:21
Saturday, Sep 20, 2008 at 21:21
Hi there Pesty,
press F8 during a restart to bring up boot menu. From that select safe mode. Once running safe mode then run a full scan with your antivirus software. By the way running two antivirus programs at once can (in some cases) cause slowness problems and sometimes they tend to fight each other. Personally I would try this before doing a sytem restore but your call.
Best of luck,
Nev
FollowupID:
593405
Follow Up By: Member - Pesty (SA) - Saturday, Sep 20, 2008 at 21:23
Saturday, Sep 20, 2008 at 21:23
Thanks Cruiser, i had forgotten about F8, and that did get me into safemode area, but the up and down feys wont respond to shift the highlight from normal up to safe mode, so still unable to access system restore.
Yes, fortunately I replaced my laptop a few weeks ago so am not right off the air.
Thanks for your help, Pesty
FollowupID:
593409
Follow Up By: Member - Christopher P (NSW) - Sunday, Sep 21, 2008 at 18:52
Sunday, Sep 21, 2008 at 18:52
AVG, you use AVG, Quick somebody slap Pesty very very hard! I have seen and heard people using AVG and they have so many problems from the free version that i could fill out a entire discussion with out drwing breath and wearing my fingers down to the stub!!!
if you want a free anti virus google avast antivirus, by alwil. it's free and it's very good. or don't go on the web!
on another note are you a pet control technician?
FollowupID:
593543
Follow Up By: Member - Cruiser (NSW) - Sunday, Sep 21, 2008 at 19:03
Sunday, Sep 21, 2008 at 19:03
Christopher,
I agree that avast is a good program, but have to disagree about AVG.
I have spent the last 20 years in the IT game as a technician and have found on almost very occassion that AVG picks up and dealt with all manor of infections that all the major Virus programs (Nortons/McAfee/Trend etc) have failed to identify let alone deal with.
I wouldnt pay a single cent for any of the mainstream Anti Virus programs.
I guess we have just had different experiences with AVG, but must admit that Avast is my second preference.
Cheers,
Cruiser
FollowupID:
593546
Follow Up By: Member - Christopher P (NSW) - Sunday, Sep 21, 2008 at 19:15
Sunday, Sep 21, 2008 at 19:15
Well every machine i have worked on in the last few years has had AVG free on and i've had nothing but trouble. I do agree i have used avg in the past but had trouble after trouble, now i just use the scan tool for servicing. Mainly i use norton 360 now, get it at a discount, and haven't had too much trouble with it, but then i know norton really
well and can cofigure it properly!
well doing my cert III in IT support, and getting 100%, min mark i allow myself is 100%.
FollowupID:
593550
Reply By: Member - Bentaxle - Saturday, Sep 20, 2008 at 21:16
Saturday, Sep 20, 2008 at 21:16
Pesty
Go to google an call up programme called XoftSpy and download as per instructions , 99% sure it will rectify your problem if not the staff will help you get rid of your unwelcome lodger.
Mike
| May the fleas of a thousand afghan camels infect the crutch of your enemy and may their arms be too short to scratch.
Lifetime Member
My Profile Send Message |
AnswerID:
326330
Follow Up By: Member - Cruiser (NSW) - Saturday, Sep 20, 2008 at 21:22
Saturday, Sep 20, 2008 at 21:22
Mike,
If he has no keyboard and mouse it might be a bit difficult to run the program, but worth a go for sure.
Cheers,
Cruiser
FollowupID:
593408
Follow Up By: Member - Pesty (SA) - Saturday, Sep 20, 2008 at 21:28
Saturday, Sep 20, 2008 at 21:28
Thanks guys, but after F8 i am unable to use keyboard or mouse, I can open the site and download the repair on the laptop, but cant get it to the desktop without first getting the operation going some how.
Need to get into safemode without needing keys???
Cheers Pesty
FollowupID:
593415
Follow Up By: Member - Nev (TAS) - Saturday, Sep 20, 2008 at 21:36
Saturday, Sep 20, 2008 at 21:36
Hi Pesty,
have you tried a full power down and then turn on again, just in case something is sitting in memory.
FollowupID:
593416
Follow Up By: Member - Pesty (SA) - Saturday, Sep 20, 2008 at 21:44
Saturday, Sep 20, 2008 at 21:44
Hi Nev, do you mean shutdown or disconnect from power point? Have shut down several times, but comes back the same.
Cheers Pesty
FollowupID:
593419
Follow Up By: Member - Nev (TAS) - Saturday, Sep 20, 2008 at 21:54
Saturday, Sep 20, 2008 at 21:54
Hi Pesty
I normally do a full powerdown including unplugging power cord in these situations. Odd you have lost dos drivers for keyboard etc. Cruisers idea of trying a different interface of keyboard has merit and is good thinking. If you are currently running USB keyboard/mouse then trying the round plug PS2 type may be a winner.
Rgds
Nev
FollowupID:
593426
Reply By: Member - Cruiser (NSW) - Saturday, Sep 20, 2008 at 21:34
Saturday, Sep 20, 2008 at 21:34
Pesty,
You dont by any chance have a USB keyboard and mouse you could use instead of the standard PS2 ( I am assuming thats what you are using) and see if that helps.
Cheers,
Cruiser
AnswerID:
326337
Follow Up By: Member - Pesty (SA) - Saturday, Sep 20, 2008 at 21:38
Saturday, Sep 20, 2008 at 21:38
Am using usb corded keyboard and usb cordless mouse, but have an array of different stuff around the joint?
Cheers Pesty
FollowupID:
593417
Follow Up By: Member - Cruiser (NSW) - Saturday, Sep 20, 2008 at 21:42
Saturday, Sep 20, 2008 at 21:42
Pesty,
If you have the PS2 keyboard and mouse then its worth a try.
Cheers,
Cruiser
FollowupID:
593418
Follow Up By: Member - Cruiser (NSW) - Saturday, Sep 20, 2008 at 21:53
Saturday, Sep 20, 2008 at 21:53
Pesty,
If you are using USB for keyboard & mouse and are having trouble with the keyboard & mouse, then maybe the trojan has knocked out the USB functions in XP
Cheers,
Cruiser
FollowupID:
593423
Follow Up By: Member - Christopher P (NSW) - Sunday, Sep 21, 2008 at 18:56
Sunday, Sep 21, 2008 at 18:56
No he need sot get into the bios and set up the usb keyboard mouse option, that way he can use his usb stuff otherwise he's buggered??? you need a cheap ps/2 from dick smith or from the side of the road!
FollowupID:
593544
Follow Up By: Member - Cruiser (NSW) - Sunday, Sep 21, 2008 at 19:10
Sunday, Sep 21, 2008 at 19:10
Christopher,
Read followup 1 of 4 above, which is repeated below:
"Member - Pesty (SA) posted:
Am using usb corded keyboard and usb cordless mouse, but have an array of different stuff around the joint?
Cheers Pesty"
Why if he is using USB would he need to get into the BIOS and set up the USB keyboard and mouse option ?
He needs to try using the PS2 keyboard and mouse, which from another reply he has done with some success.
Cheers,
Cruiser
FollowupID:
593548
Follow Up By: Member - Christopher P (NSW) - Monday, Sep 22, 2008 at 17:36
Monday, Sep 22, 2008 at 17:36
sorry mate didn't read the post properly, honest mistake!
FollowupID:
593706
Reply By: Member - Mark G (NSW) - Saturday, Sep 20, 2008 at 21:58
Saturday, Sep 20, 2008 at 21:58
guys
if you are ever after a good anti virus, downloaded this one the other day, it straight away found a worm in my system that nortons didnt.
http://www.eset.com/]eset[/url]
AnswerID:
326340
Follow Up By: Member - Pesty (SA) - Saturday, Sep 20, 2008 at 22:48
Saturday, Sep 20, 2008 at 22:48
The free AVG finds a few that the trend micro doesnt, in fact i installed the AVG when a bug got into the trend, and has done so a few times in the last 12 months.
Was going to change from trend this time, but i got a 3 computer full version with my new laptop recently at a special price of $60, so will run with it for another year and see what happens.
The 2 dont seem to clash, but yes i think it does slow down the computer a bit, especially on startup.
I will bookmark the site you are suggesting and run it when i can to see what happens.
Cheers Pesty
FollowupID:
593442
Reply By: Member - GREENDOG - Saturday, Sep 20, 2008 at 22:29
Saturday, Sep 20, 2008 at 22:29
Hay Pesty i've been looking out for ya dude i was i
Clare last week wednesday and friday i think it was last week when i seen your bus near the Main street i was going to leave a note on the windscreen.
AnswerID:
326344
Follow Up By: Member - Pesty (SA) - Saturday, Sep 20, 2008 at 22:36
Saturday, Sep 20, 2008 at 22:36
Im all over the place mate, but yes have been in
clare a few times of late, feel free to leave a note mate, or ring the mobile on the window, wont be too far from my rig.
Cheers Pesty
FollowupID:
593439
Reply By: Member - Pesty (SA) - Saturday, Sep 20, 2008 at 22:32
Saturday, Sep 20, 2008 at 22:32
Well guys, we are part way there, the PS2 keyboard was a great success, and i have tried several options from safemode to system restore and a couple of others, and they get to a point where they are close to opening and the computer freezes and reboots to the start of its own accord.
It seems to get a bit further each time and i have some use of the mouse now, so will keep restarting it through safemode and restore and see if it will get to a point where i can restore it or scan it, or get online to try thr repair that was suggested.
Thanks for your help, sorry to
bore you on a sat night, unless you can think of anything else.
O and i am now a member of the
forum server problems tooooo now, just in case i get bored on a windy saturday night HAHA.
Think i need a beer and a bex haha.
Cheers Pesty
AnswerID:
326345
Follow Up By: Member - GREENDOG - Saturday, Sep 20, 2008 at 22:40
Saturday, Sep 20, 2008 at 22:40
Have a beer Pesty it worked for me i'll catch up to you in
Clare soon
FollowupID:
593440
Follow Up By: Member - Nev (TAS) - Saturday, Sep 20, 2008 at 22:41
Saturday, Sep 20, 2008 at 22:41
Sort of good news Pesty,
It now begins to be a slog. Have you got much data that you haven't backed up? I hope you can get a scan run and fix the problem. Best of luck and enjoy the beer.
Rgds
Nev
FollowupID:
593441
Follow Up By: Member - Pesty (SA) - Saturday, Sep 20, 2008 at 22:53
Saturday, Sep 20, 2008 at 22:53
Thanks Nev, I have my business stuff backed and most other important stuff, and yes it will be a slog or i will get an expert to sort it for me, WHERE ARE YOU MUDDY!!!
O what fun it is to have friends who need me when i need them haha!
Cheers Pesty
FollowupID:
593443
Reply By: That Troopy Bloke (SA) - Saturday, Sep 20, 2008 at 22:51
Saturday, Sep 20, 2008 at 22:51
Sounds like Antivirus2008....by coincidence I just finished reading a rather long thread on Whirlpool about this very same problem.
The insert link thingy isn't working for me tonight so you will have to copy/paste the URL:
http://forums.whirlpool.net.au/forum-replies.cfm?t=1046875
Seems you might be in for a torrid time:-(
Cheers
Glenn
AnswerID:
326347
Follow Up By: Member - Mick O (VIC) - Sunday, Sep 21, 2008 at 10:02
Sunday, Sep 21, 2008 at 10:02
Yes that got into
mine too. AVG, Spybot and Mcafee missed it. I downloaded a freeware program called malwarebytes anti malware program. It cleaned it out quicksmart. The important thing was to do a FULL scan as parts of the trojan hide in some outof the way
places in the box.
Cheers Mick
FollowupID:
593459
Reply By: Hairs & Fysh (NSW) - Sunday, Sep 21, 2008 at 09:13
Sunday, Sep 21, 2008 at 09:13
Hi Pesty,
Try Hijack This. You'll find it
Here
Run a scan and save as a log file, you can then submit the results to their site.
Something else to try,
Turn of system restore, restart and run
SpyBot in safe mode.
After scan, restart system restore again.
Let us know how you went.
AnswerID:
326358
Reply By: Waynepd (NSW) - Sunday, Sep 21, 2008 at 09:43
Sunday, Sep 21, 2008 at 09:43
Hi Pesty,
Just another thought have you checked that RAM and cards are seated properly sometimes this can cause symptoms like freezing etc.
AnswerID:
326362
Reply By: Craigjackaroo - Sunday, Sep 21, 2008 at 09:49
Sunday, Sep 21, 2008 at 09:49
My son downloaded a similar virus on our family laptop. We used a combination of superantispyware and Malwarebytes anti-malware to remove it. A persistant little blighter it was.
AnswerID:
326365
Reply By: Hairy (NT) - Sunday, Sep 21, 2008 at 10:41
Sunday, Sep 21, 2008 at 10:41
I got the same sought of thing a few weeks ago.
I had to take it to a pro in the end. As you say theres not much the average person can do without a key board and mouse.
Good luck
AnswerID:
326368
Reply By: Member - Cruiser (NSW) - Sunday, Sep 21, 2008 at 11:23
Sunday, Sep 21, 2008 at 11:23
Pesty,
Any news on the computer dramas.
Cheers,
Cruiser
AnswerID:
326380
Follow Up By: Member - Pesty (SA) - Sunday, Sep 21, 2008 at 22:07
Sunday, Sep 21, 2008 at 22:07
Hi Cruiser,
Have been away all day and started playing with it a while ago.
Have managed to get to the point where i can run a scan in trend, so havent touched it while its doing that.
Got to system restore, but it said it couldnt do it but seems to have had an affect and i seem to have full mouse control and still using ps2 keyboard.
Will see how i go and see if i can get on the net to download repair.
Things are looking up at this moment.
It isnt the antivirus 2008.
Will report in when it all comes good.
Cheers pesty
FollowupID:
593602
Reply By: Member - Christopher P (NSW) - Sunday, Sep 21, 2008 at 19:08
Sunday, Sep 21, 2008 at 19:08
what you need is a boot disk for win98, or linux boot disk or my favourite, hiren's boot disk
hiren's boot disk
this has a quite a few useful programs, plus anti virus, recovery programs etc etc, down load and burn onto cd/dvd/ put this into drive, hard boot the puter (turn on at switch), press Delete to get into BIOS then setup the boot order to start with your cd/dvd drive, once in navigate thru the menu and do virus scans with all of the antivirus stuff there, it will also allow you to recover and back up your data!
if you have troubles feel free to contact me!!! i have several copies and can track down somestuf for you!!!
AnswerID:
326455
Follow Up By: Member - Pesty (SA) - Sunday, Sep 21, 2008 at 22:15
Sunday, Sep 21, 2008 at 22:15
Hi Christopher, yes I am a Pesty of 20 years, and own and operate a family business here in the Mid nth of SA.
I only installed AVG to help out when my trend was playing up, but have left it in place to work side by side with the trend and have had no hassles with it.
I will try your boot disc suggestion if i cant get any satifaction, but it sems to be getting better at the moment.
Thanks for the offer of help and will contact you if my limited stubborness doesnt work hahaha
Cheers pesty
FollowupID:
593604
Follow Up By: Member - Christopher P (NSW) - Monday, Sep 22, 2008 at 17:41
Monday, Sep 22, 2008 at 17:41
My Brother from another mother, I'm a trade qualified pest myself!did my trade certificate in pesticides and health, urban pest control I & II, the last year before compentency based stuff came in!
Got out of it in 98 as my boss was a dodgy bugger and wanted me to spray two stories up with the bordeux, i refused as i didn't have extesion wands onboard and it was like middle of hot day!
FollowupID:
593709
Reply By: bob&loz - Sunday, Sep 21, 2008 at 22:00
Sunday, Sep 21, 2008 at 22:00
Pesty
If you have more than one hard disc, and you can not get it to boot, ie keeps rebooting itself, disconnect all the other discs except the boot disc. As well as stuffing your USB it has changed the bios to not handle multi hard drives.
Bob
AnswerID:
326494
Reply By: Steve63 - Monday, Sep 22, 2008 at 14:45
Monday, Sep 22, 2008 at 14:45
Pesty,
This will happen again. Anti virus is reactive, you can't release a virus pattern until it is detected. A better answer it to split your system, preferably over 2 drives.
Drive 1 has OS and programs only
Drive two is split into two logical drives one has data only, no exe files etc, the other is ~4Gb for windows swap.
Get a $90 USB drive as well.
Redirect my documents to drive 2
Set up OS and program files. Use Acronis or similar to create an image on the USB drive. Create the rescue disk.
When this happens you use Acronis rescue disk which is linux to completely overwrite drive one. No data loss and it is quick, ~ 45 minutes on my system. Run windows update and you are done. Seperating the swap will give increased perfomance as well. If you install new software or update it just create a new image. If the hard drive dies, just put the new one in and do a restore.
You can also do images of your data.
It might sound like a lot of stuffing around but but it is so much easier and quicker than the alternatives. Down time becomes time to replace any hardware plus an hour or so not days.
Steve
AnswerID:
326556