I need information about how to get rid of a trojan
I need information about how to get rid of a trojan
am 16.01.2008 21:53:05 von scoobbs43
I need information about how to get rid of a trojan named =B4Dropper=B4
I clicked on something on a site I didn=B4t know(still don=B4t even know
what site it was, I just clicked on an image showing on my screen
thinking the original would be blown up).
Anyway, it invaded my PC and is installed on all of my =B4disks=B4.
I have three physical disks and several partitions. Some FAT32, some
NTFS.
The trojan is inside(at least) all of the =B4System Volume Information=B4
folders on all disks.
Avast has recognized the invasion, in real time, but it did not forbid
its entrance. Maybe because of some miss-configured parameter(I am not
blaming Avast for not stopping the thing... just want to get rid of it
for good...)
More: I have somehow discovered where the associated programs and
files were stored, by chance.
So, I tried to delete them.
It didn=B4t work, for every time I deleted the files, I had to wait for
some seconds, when copies were somehow built and re-installed...
Worse: multiple copies were done in such processes.
Still more: as the files are no System Volume Information folders, I
am not able to access them anymore. Windows forbids me to do so.
So, can anyone help me?
Is there any way to get some kind of vaccine, sent to me in an
appropriate format, so that it doesn=B4t get infected before I can use
it?
Lastly, I have tons of data I can=B4t lose in those disks. Two of them
are 250 gigs and one is 30 gigs(this one was installed in an attempt
to have a new copy of Windows XP, but I have found out it got infected
almost as soon as it was installed,,, still, the operating system is
there and working... but I am almost sure my mouse and my keyboard
drivers are affected,,, and this is dreadfull...), all of them about
60% full...
Any help welcome.
Thank you all in advance... (and please, anyone who thought of it...
don=B4t send me similar things... I can=B4t stand anymore of it... :-[ )
Foca
Re: I need information about how to get rid of a trojan named ´Dropper´
am 16.01.2008 22:52:32 von Sebastian Gottschalk
scoobbs43@gmail.com wrote:
> I need information about how to get rid of a trojan named ´Dropper´
I fail to see what kind of information you'd need to simply flatten and
rebuild the system...
> Anyway, it invaded my PC
Invasion is obviously the wrong word. I'd rather call it an "open
invitation", and since you offered this website full access to your
computer, you shouldn't wonder that it accepted this offer.
> Avast has recognized the invasion, in real time, but it did not forbid
> its entrance.
Why should it? After all, you wanted this to happen.
> Maybe because of some miss-configured parameter
Nonsense, it failed by well-defined principal limitations.
> More: I have somehow discovered where the associated programs and
> files were stored, by chance.
> So, I tried to delete them.
Why?
> It didn´t work, for every time I deleted the files, I had to wait for
> some seconds, when copies were somehow built and re-installed...
Well, what did you expect?
> Still more: as the files are no System Volume Information folders, I
> am not able to access them anymore. Windows forbids me to do so.
Well, what did you expect?
> So, can anyone help me?
Since you seems to be unable to do one of the most trivial things
(flattening and rebuilding the system), maybe you should stop trying to use
a computer?
> Is there any way to get some kind of vaccine, sent to me in an
> appropriate format, so that it doesn´t get infected before I can use
> it?
Well, why would you want to infect it? But anyway, where is your Windows
installation CD gone?
> Lastly, I have tons of data I can´t lose in those disks.
Well, but for now you have to consider all of them potentially modified.
> (this one was installed in an attempt
> to have a new copy of Windows XP, but I have found out it got infected
> almost as soon as it was installed
Which clearly shows that you must me incompetent.
> but I am almost sure my mouse and my keyboard drivers are affected
Well, that's why you downloaded them freshly or installed them from the
driver installation CD, and for sure not took the infected copy on the hard
disk, or did you? Suggested from the thing you wrote above, I really
consider that you would be so stupid.
Re: I need information about how to get rid of a trojan named ´Dropper´
am 16.01.2008 22:59:15 von comphelp
"scoobbs43@gmail.com" writes:
> I need information about how to get rid of a trojan named ´Dropper´
Hi Foca,
Sorry to hear of your troubles. That's a hard way to learn these
lessons. :-\
You are faced with an extremely invasive malware infection, and the
only reliable foolproof method to get back to a known clean state is
to flatten, reformat, and reinstall the OS from original media.
There are utilities that claim to clean things, but you can never be
sure they got "everythign" and even in the best case you're left with
a system that might no longer be the drone of some remote master, it
still wont' be terribly stable since the "cleaning" process soemtimes
rips out some functionality your OS really needs.
To get the data you need off, a utility disk like Sysresccd.org, a
bootable CD that runs Linux (without executing one bit of code off
your infected hard drive) and an external hard drive can be wonderful.
You'll have to learn the basics of mounting the disks and doing the
copying from the internal hard drives to the external box, but it's
not too bad. Tutorials are out there, and help is around for the
asking.
Once your new OS has been restored on your freshly formatted disks,
and all updates applied either from another machine with all the
patches downloaded, or much more easily, Windows Update from behind a
consumer home gateway device of some sort, youn run AV against the
data you backed up before restoring it back as data to your system,
and you can be on about your way.
Best Regards,
--
Todd H.
http://www.toddh.net/
Re: I need information about how to get rid of a trojan named ´Dropper´
am 17.01.2008 06:41:43 von unknown
Post removed (X-No-Archive: yes)
Re: I need information about how to get rid of a tro
am 17.01.2008 10:32:55 von arjunhegde
can you tell me some symptoms of what that virus is doing...like any
particular exe which u feel suspicious is running in the background or
its replicating a particular type of file etc...
On Jan 17, 12:53=A0am, "scoobb...@gmail.com"
wrote:
> I need information about how to get rid of a trojan named =B4Dropper=B4
>
> I clicked on something on a site I didn=B4t know(still don=B4t even know
> what site it was, I just clicked on an image showing on my screen
> thinking the original would be blown up).
> Anyway, it invaded my PC and is installed on all of my =B4disks=B4.
> I have three physical disks and several partitions. Some FAT32, some
> NTFS.
> The trojan is inside(at least) all of the =B4System Volume Information=B4
> folders on all disks.
> Avast has recognized the invasion, in real time, but it did not forbid
> its entrance. Maybe because of some miss-configured parameter(I am not
> blaming Avast for not stopping the thing... just want to get rid of it
> for good...)
> More: I have somehow discovered where the associated programs and
> files were stored, by chance.
> So, I tried to delete them.
> It didn=B4t work, for every time I deleted the files, I had to wait for
> some seconds, when copies were somehow built and re-installed...
> Worse: multiple copies were done in such processes.
> Still more: as the files are no System Volume Information folders, I
> am not able to access them anymore. Windows forbids me to do so.
> So, can anyone help me?
> Is there any way to get some kind of vaccine, sent to me in an
> appropriate format, so that it doesn=B4t get infected before I can use
> it?
> Lastly, I have tons of data I can=B4t lose in those disks. Two of them
> are 250 gigs and one is 30 gigs(this one was installed in an attempt
> to have a new copy of Windows XP, but I have found out it got infected
> almost as soon as it was installed,,, still, the operating system is
> there and working... but I am almost sure my mouse and my keyboard
> drivers are affected,,, and this is dreadfull...), all of them about
> 60% full...
> Any help welcome.
> Thank you all in advance... (and please, anyone who thought of it...
> don=B4t send me similar things... I can=B4t stand anymore of it... :-[ )
> Foca