HELP!!! Trojan and backdoor virus on my pc
interlcore
Posts: 198 Forumite
My nephew was doing his homework and searched for pictures with Google, clicked on a picture and immediately a whole load of viruses came onto my computer.
There were red flashing warning signs under the 'shared folder', 'my folder' and C drive. Each one had a different number of viruses alerted. The C drive had 10 viruses and the others had 8 each.
I immediately ran AVG anti virus protection (free edition) which has always been great in the past. The scan detected 1 virus (a trojan).
A Windows window pops up saying I have viruses and do I want to delete and protect from these files. I click ok and the red flashing warnings under my folders and C drive change to 4 for the folders and C drive has 6. The same window pops up and I click ok again. I now have 9 under my folders and 12 for the C Drive.
The Windows window listed the viruses which included a few trojans, malware, backdoors and a few other ones which had different levels of threat: medium, high and critical.
I ran AVG again and it found nothing on my pc. Are the viruses really gone or are they hiding?
P.S. I looked in AVG's virus vault and there's 3 malwares there with the same name TR/Crypt.XPack.Gen and a warning of Corrupted executable file.
Comments
-
Download MALWAREBYTES (Make sure you click 'DOWNLOAD LATEST VERSION')
http://www.filehippo.com/download_malwarebytes_anti_malware/
Open Malwarebytes and go to UPDATE and click 'check for updates'. After it's updated go to SCANNER and click PERFORM QUICK SCAN then click SCAN
Remove everything that's found (needs to be ticked)
Post the COMPLETE log here AFTER you've deleted everything it finds
If anything was found then do the exact same but run a FULL scan
Reboot
Download HIJACK THIS (Make sure you click 'DOWNLOAD LATEST VERSION')
http://www.filehippo.com/download_hijackthis/
Click MAIN MENU then DO A SYSTEM SCAN AND SAVE A LOGFILE (takes seconds) then post the log so we can see what's running
(do NOT do anything else with Hijack but scan and post the FULL log)
If you get a message that you can't write to the hosts file then press the SHIFT key, and whilst holding it RIGHT CLICK and select RUN AS (admin)
-
Thank you. I'm doing a quick scan right now.
I forgot to add... while I was on the screen with all the virus warnings, if I clicked to go somewhere else, a box would pop up asking if I wanted to download a file from a website I've never heard of.
-
Malwarebytes is not responding.
-
Reboot and keep pressing F8 to get into SAFE MODE WITH NETWORKING and try Malwarebytes from there.
-
Is responding now.
I was reading more about backdoors and it says the best and safest option is to reinstall the entire computer and to inform any banks or credit card companies of what has happened. Should I do this right now?
-
Unless you've done any internet banking since the incident (which I assume you haven't) I'd call it overkill to inform the banks etc. Not to mention creating more problems.
That's entirely your call.
If you know how to format and reinstall the operating system that indeed would be the safest option.
-
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Database version: 5561
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
20/01/2011 20:50:42
mbam-log-2011-01-20 (20-50-42).txt
Scan type: Quick scan
Objects scanned: 209212
Time elapsed: 42 minute(s), 36 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
-
This is the full scan log
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Database version: 5561
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
20/01/2011 22:10:04
mbam-log-2011-01-20 (22-10-04).txt
Scan type: Full scan (C:\|D:\|)
Objects scanned: 366122
Time elapsed: 30 minute(s), 53 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
-
Would the best option be to use the recovery disk and start everything all over? I don't have anything on my pc that I mustn't lose. I'm prepared to reinstall everything if this is the safest option.
I haven't done any online banking since this virus. Would past online banking, PayPal use and buying from online stores be risking my personal info? Or is it just anything from here on?
-
Update Malwarebytes again and run the scan again.
"If you no longer go for a gap, you are no longer a racing driver" - Ayrton Senna
This discussion has been closed.