Computer Newbies

General discussion

Trojan virus

by lisashay517 / November 2, 2009 2:37 AM PST

We downloaded a game from Play Sushi and it automatically added dogpile onto our system. Since I have tried to remove all of it, we have been infected with a worm. The computer will not let us open the system in regular mode. We can only start the computer in safe mode, which Norton will not run in safe mode. I did a deep scan with counterspy and it came up with the funhouse and Win.32 trojan infections. Now, I can't get the program to remove the files. I have tried to download other programs to remove this, but it won't let me. The message says something about the website not being available or can't be found. What else can I do to get rid of these worms?

Post a reply
Discussion is locked
You are posting a reply to: Trojan virus
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: Trojan virus
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Please Try This...
by Grif Thomas Forum moderator / November 2, 2009 3:09 AM PST
In reply to: Trojan virus

On a friend or family member's computer, download the Malwarebytes installer and update files from the links below, copy them to a CD or flash drive, then transfer the files to the problem machine and use them. If you can't start the computer into "normal" windows, try installing, updating, and running the scans AFTER the computer is started into Safe Mode.. I use the sites below to download the installer file and the manual updater:

Once downloaded and before transferring them to the problem machine, rename the program installer "mbam-setup.exe" file to something else like "Gogetum.exe", then copy the installer file and the update file to a CD or flash drive.. Transfer the file to the problem machine, then install the "Gogetum.exe" file, then run the update to get the program current.. After that, run a full system scan and delete anything it finds.

Malwarebytes Installer Download Link (Clicking on the links below will immediately start the download dialogue window.)
http://www.besttechie.net/tools/mbam-setup.exe

Malwarebytes Manual Updater link
http://www.malwarebytes.org/mbam/database/mbam-rules.exe

Next, download the SuperAntispyware program and the manual updater from the links below. After running the Malwarebytes tool above, if you still can't download and install it directly from the problem machine, download it on a friend or family member's computer as well. After installing and updating SuperAntispyware, run another full system scan and delete everything it finds as well. As before, you may need to rename the installer file to get the program to install.:

SuperAntispyware
http://www.superantispyware.com/

SuperAntispyware Manual Updater
http://www.superantispyware.com/definitions.html
____________

In a few situations, in order for the program to run, it was also necessary to rename the main "mbam.exe" file also after installing it.. It resides in the C:\Programs Files\Malwarebytes Antimalware folder....
_____________________

Hope this helps.

Grif

Collapse -
This is surgery operation on PC
by Mark-Brown / November 9, 2009 7:42 PM PST
In reply to: Trojan virus

OK these is steps:
1. download hijackthis http://free.antivirus.com/hijackthis/ from trend micro antivirus. Put on your computer.
2. do not use instaler you have there exe verson. Some times you cnat start instaler.
3. Start your hijackthis removal tool, remove every settings in your pc, with that tool.
4. If you can't do that you must kill your graphical gui explorer.exe in task menager:
1.Open hijack this
2.Open task manager ctrl+alt+delete keys on keybord (same time)
3. In proces find explorer.exe (that is graphical gui)
4. End that proces (you will se only task manager window and hijack window)
5. Close task manager
6. Do scan with hijackthis (your sistem is let go your files and you can delete them now)
7.delete your suspicious files

Time to return your GUI
8. Start taskmanager ctrl+alt+delete
9. In menu File\Run insert explorer.exe press OK
10. You have your GUI back
Important !!!!!!!!!!!!!!!!!!!!
1.First try to open and close task manager start and stop graphical GUI
after you are familiar with this you can repeate steps in process above.
2. You can try this with any removal tool because in this case windows will let you to delete suspicious files from HD.
3. Spyrewares use windows GUI for their activities and antivirus cant see them because they became part of windows graphical user interface (GUI).
When you shoot down this GUI you can delete their source files

Collapse -
Just A Note Of Caution About HijackThis
by Grif Thomas Forum moderator / November 10, 2009 1:34 AM PST

Although running HijackThis is not bad advice, your request to "delete your suspicious files" in number 7 is a VERY important step and should NOT be done by those who are "Newbies" which this forum caters to. HijackThis identifies all sorts of running processes, including legitimate ones, and knowing which ones to remove is EXTREMELY important. Instead there are specialized forums which are able to interpret the HJT logs and direct users which detections are part of malware infections.. For specific instructions in the user of HijackThis, see the link below:

FYI - PLEASE do NOT post any HJT logs in this forum !]

Hope this helps.

Grif

Popular Forums
icon
Computer Help 47,885 discussions
icon
Computer Newbies 10,322 discussions
icon
iPhones, iPods, & iPads 3,188 discussions
icon
Security 30,333 discussions
icon
TVs & Home Theaters 20,177 discussions
icon
HDTV Picture Setting 1,932 discussions
icon
Phones 15,713 discussions
icon
Windows 7 6,210 discussions
icon
Networking & Wireless 14,510 discussions

Tech Tip

Know how to save a wet phone?

It's not with a dryer and it's not with rice. CNET shows you the secret to saving your phone.