Trojan help? Badly Needed Now!!!

[magegoogles]

Hi, today I started up my computer this morning, and it came up with this box from microsoft firewall saying that I'm infected with a high risk trojan. It gives me a link to http://www.antispyware-review.biz/?wmid=4663&pwebmid=0Pm7J4ibbY&a=which as far as i can tell is safe and it gives a lists of products, but the URL seems a little fishy. But thats not the bad part. I think I got the trojan from Danger possible trojan http://ya-tracker.com/pdfdoc/flashba.pdf. I also think I got it from a link on the Tip.it fourms because in my history it was between tip.it threads.

 

 

 

I'd appricate any help that I can get on removing this. Also I've already run a full system scan, with Norton #-o . All I have. If one of those products on that one site is safe whould it also do the job? Thanks

[urbestfreind]

NOT SAFE!

 

 

 

I know that website URL, it's not at all safe. Pick up FireFox and WOT (Web Of Trust), or Site Advisor (on FF or IE), and both should block access to the page, as it did for me just now (had to make sure). Although Site Advisor is running really slowly.

 

 

 

antipsyware-review.biz review.

 

 

 

I don't know the ya-tracker.com site, but I would advise not going to it, as the name even sounds fishy to me. The ending part of the url (pdfdoc/fhashba.pdf) sounds like a piece of malware, but I can't remember where I may have heard of it.

 

 

 

If you got that link from microsoft firewall, your computer is definitely being raped by a piece of malware as we speak. It sounds like WinAntiVirus 2008 (or one of the others, like 2007), as I think my computer did about the same thing when I had it. If your background changes and says you have an infection, we have a major problem.

 

 

 

DO NOT GET DOWNLOADS FROM THAT SITE!

 

 

 

Go Here. It's a small post I made on my test forum, it has links to some programs you need to get and scan with immediately.

[magegoogles]

Thanks for the reply. So me being somewhat computer illiterate. What will this do if I cannot find it, and goes unfixed?

[sloter]

NOT SAFE!

 

 

 

I know that website URL, it's not at all safe. Pick up FireFox and WOT (Web Of Trust), or Site Advisor (on FF or IE), and both should block access to the page, as it did for me just now (had to make sure). Although Site Advisor is running really slowly.

 

.. and hog your resources.

[magegoogles]

Well That spybot thing is amazing. Its detected some 130+ malware, spyware, trojans, keyloggers, ect on my computer that Norton hasn't picked up for over a year now. Just one more question, there are two thing microsoft security center task manager and disabled. Do I want the spybot to fix those or do I leave them? Everything else I think can go.

 

 

 

Edit: I've scanned 3 times with spybot and that box will still pop up. Any other suggestions?

[urbestfreind]

Just one more question, there are two thing microsoft security center task manager and disabled. Do I want the spybot to fix those or do I leave them? Everything else I think can go.

 

 

 

Hmm..can you post what it found that you're questioning?

 

 

 

 

 

 

 

And yeah, that's why you don't use Norton..It's a horrible antivirus now. Get Avast or Avira if you don't want to pay..If you do want to pay, I hear good things about NOD32 (whoa, did I post NOD32 before DVD?).

 

 

 

A HJT log wouldn't be too bad either. Make sure you restart your computer after deleting the malware though, as it may help make some problems go away.

 

 

 

Edit: I've scanned 3 times with spybot and that box will still pop up. Any other suggestions?

 

You did scan with AdAware and Spybot right? If not, do so.

 

If you did scan with both, I would suggest downloading Comodo firewall and configuring it.

 

 

 

Might not need to, but in case you aren't clean yet: Get the installer for Avast! (or whatever other antivirus, I suggested Avast!, Avira, or NOD32). Disconnect your computer from the internet, then stop Norton from running at startup (start > run > msconfig > startup tab > uncheck norton). Restart the computer, and install Avast!. Once you are sure that the antivirus you installed is running, and Norton isn't, go online, and download the latest virus definitions for it. Do a full scan, and delete what it finds.

[VARN]

SDFIX will fix it if you have not fixed it already. Just download and run in safe mode.

[magegoogles]

So I think Ive gotten the infection. Its the first time Ive used my computer sience the searching with spybot an dnow Ive gotten all these warnings and if I'm not at the computer it will restart. And so on and so forth, it wont let me open spybot. When I clicked to exit this bloon in the right hand cornor it downloaded this XP Antispyware 2009. It auto scanned my computer but I have no idea what to do now. :wall:

 

 

 

Edit:Also I forgot to mention it wont let me open spybot scanning menu or Norton.

[urbestfreind]

So I think Ive gotten the infection. Its the first time Ive used my computer sience the searching with spybot an dnow Ive gotten all these warnings and if I'm not at the computer it will restart. And so on and so forth, it wont let me open spybot. When I clicked to exit this bloon in the right hand cornor it downloaded this XP Antispyware 2009. It auto scanned my computer but I have no idea what to do now. :wall:

 

 

 

Take a machine gun, and blow your computer to pieces. You've just been attacked by one of the nastiest pieces of malware.

 

 

 

http://www.pctools.com/downloads/afl_2-spyware/sdsetup[Caution: Executable File] This will give you a program that is designed to remove the XP antispyware...Just found it, so I put it above the below paragraph, as it seemed more useful. Make sure to install it in Safe Mode.

 

 

 

You need to go here immediately. Download the program on a non-infected computer, put it on a flash drive or cd, boot your computer in safe mode, and run it. It will attempt to remove the program.

[magegoogles]

Now that last link you gave me, will it allow me to scan the computer and remove everything else like normal again? Also how do you get Ad-Aware with out a Credit Card? Thats why I never downloaded it and I think thats how the trojan slipped through the scanners, but I'm not sure.

[Sbrideau]

There's a free version of Ad-Aware.

[Bufoman]

Ok... this is strange. I got that same damn Trojan about a week ago- either Friday or Saturday. To get the bogus pop-up, and possibly kill the thing you need to clean out your temporary internet files. Go to start, control panel, internet options, delete browsing history, temporary internet files.

 

 

 

That should stop the Pop-Up, at least it did it for me. Then run scans with Spybot S&D. I think this is also a downloader Trojan, so it will keep putting nasty stuff on your computer until you kill it. At least I got one of those in the batch, and I am pretty sure that was the one. Once I killed it, the other malware stopped re-spawning.

 

 

 

Theirs allot more you need to do to be secure, you need to check your add-ons for updates, and install them. Here is a link containing more info: http://support.f-secure.com/enu/home/onlineservices/

 

 

 

choose the health check, and you might find some of the other stuff usefull as well.

[magegoogles]

There's a free version of Ad-Aware.

 

Where? The only one I can find is that one button on the side saying free download, but it makes you sign-up for a sponsor site, and all those sites require credit cards even if your not going to buy anything.

[urbestfreind]

Free Ad-Aware Be Here! Can't get any more of a direct link to it than this lol.

 

 

 

Found some new things to help.

 

 

 

[hide=Disable 3rd Party Cookies]For Internet Explorer: go to Tools> Internet Options> Privacy> Advanced: here check 'Override automatic....'; 'Allow session cookies'; 'Allow 1st party cookies'; & 'Block 3rd Party Cookies'.

 

For Firefox: go to Tools> Options> Privacy: here UN-CHECK 'Accept 3rd Party cookies' ...Source[/hide]

 

 

 

Can't remember if I suggested this already or not, but get Malwarebytes Anti-Malware. The link is the link to the download. Run it, and hopefully remove most of your problem. You may want to give Rogue Remover Free (alt link - Rogue Remover) a try too, but I didn't see the variant you have on the list, but it can't hurt to try.

[Bufoman]

Doing this stuff might help, then again it might not: http://www.microsoft.com/communities/ne ... &sloc=&p=1

 

 

 

I wish I remembered exactly what it was I did to fix this. I am starting to think this might have been from something on TIF too, you and I are no the only one's around here who have gotten this.