Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Help! I *might* Have Trojain.win32.patched!


  • Please log in to reply
7 replies to this topic

#1 tymothy1994

tymothy1994

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:03:07 AM

Posted 24 December 2007 - 02:27 AM

Ok im on my dads computer right now, its 2 am, and about a hour ago after i finished going to some sites that had free games on them i open up internet explorer, go to google, then as soon as i type ANYTHING this info box comes up saying Your computer is infected with Trojan.win32.patched! This could screw up your computer etc etc then it says click ok 2 download something 2 kill the viris, which i know is a scam and will put another viris on my computer. when i exit out of the box there one result for my search then under it it says Your browser has been Hijacked! Your result have been replaced with porn stuff etc.. then under it are 2 resualts saying youtube and porn videos which i know are fake cus u cant put porn on youtube and under that is the rest of my results. Ive downloaded F-secure and Ad-Aware and started a scan on both of them, there scanning now. Plz someone tell me how to get this stuff off of my dads computer! i live in a house with my dad his girlfriend and a 10yo kid!

Every time i click something the info box comes up, the site making these info boxes and stuff is www.Files-secure.com IF YOU CLICK IT AND GET A VIRIS ITS NOT MY FUALT, IM JUST LETTING YOU KNOW WHAT IT IS.. Please i have 2 go 2 church tomarro and i dont want to be up all night with this. And i certanly dont want my dad to get on his computer and see all of this stuff. Plz help!!!

OK the ad aware scan is done it says i have no critical objects, but 31Privacy objects. The 2 familys are Tracking Cookie and MRU object. What does this mean? do i not have the viris?


I did a full system scan and a spyware cleaning with F- secure. The full system is still scannning but the spyware found 1 thing and its a tracking cookie.. I dont get it.!

The full system scan is done, and it says Scan Complete- No malware found.. Huh??? someone plz help!


**I copied this directly from my yahoo asnwers post so it may not make alot of sence but you should get the idea so help!!

BC AdBot (Login to Remove)

 


#2 tymothy1994

tymothy1994
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:03:07 AM

Posted 24 December 2007 - 02:37 AM

Someone plz help me quick? its 230 am and im going 2 church tomaro!

#3 spaceship9

spaceship9

  • Members
  • 47 posts
  • OFFLINE
  •  
  • Local time:01:07 AM

Posted 24 December 2007 - 02:40 AM

you can't expect instant replies to anything...
prevention is always the first step
I'm not a pro but i got something similar once and here's what i did to solve it:
install Spybot search and destroy
-scan and remove everything bad
AVG antivirus
-scan and remove again
Ewido
-same as above
Ad-aware
-same
avast
-same

:thumbsup:
pretty much I used everything on the machine, but it went away
I also killed explorer.exe at the first second and killed all processes i didn't know or which were obviously new..

#4 tymothy1994

tymothy1994
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:03:07 AM

Posted 24 December 2007 - 02:44 AM

I just installed s&d. scanning now.

#5 spaceship9

spaceship9

  • Members
  • 47 posts
  • OFFLINE
  •  
  • Local time:01:07 AM

Posted 24 December 2007 - 03:07 AM

you may need more then one or two passes

#6 tymothy1994

tymothy1994
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:03:07 AM

Posted 24 December 2007 - 03:12 AM

NEVERMIND!! AFTER I FINISHED THE K&D SCAN I DELETED THE STUFF THEN KILLED MY BROWSER THEN BRAUGHT IT BACK UP AND ITS GONE NOW YES!!!! THANK YOU ALL FOR YOUR SUPPORT AND ASNWERS!!

#7 spaceship9

spaceship9

  • Members
  • 47 posts
  • OFFLINE
  •  
  • Local time:01:07 AM

Posted 24 December 2007 - 03:16 AM

it's advised to reboot and make sure it's really gone
it may just be temporarily removed with other traces still hiding ready to give birth to the virus once more like the phoenix from the ashes
that would not be good if you think it's fixed then tomorrow the computer is turned on and tada it's back

#8 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,954 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:03:07 AM

Posted 24 December 2007 - 10:04 AM

...i finished going to some sites that had free games on them i open up internet explorer, go to google, then as soon as i type ANYTHING this info box comes up saying Your computer is infected..

In many cases, online gaming sites are infested with a smörgåsbord of malware and an increasing source of system infection. They can lead to other sites containing more malware which you can inadvertently download without knowledge or consent. Users visiting such sites may see innocuous-looking banner ads containing code which can trigger pop-up ads and Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users. Gaming sites can put you at risk to fraud, phishing and theft of personal data. Even if the gaming site is a clean site, there is always the potential of some type of malware making its way there and then onto your system.

...what if the company behind the games isn’t as trustworthy as it should be?...how would you know?...And, to be able to play, you always have to download a little program...But how do you know that you only have downloaded the required software? Are you really certain that your computer isn’t being infected with some sort of unwanted spyware cookie, spyware or adware? Or, worse, a Trojan!...

Why online casinos and online poker rooms can be hazardous

...Anyone who like to play free online games is also at great risk. Many of these free online games...are loaded with spyware...

How did I get spyware on my computer?

You should also do this:

Please download ATF Cleaner by Atribune & save it to your desktop. DO NOT use yet.
Please download and install SUPERAntiSpyware Free
  • Double-click SUPERAntiSypware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here and unzip into the program's folder.)
  • Under the "Configuration and Preferences", click the Preferences... button.
  • Click the "General and Startup" tab, and under Start-up Options, make sure "Start SUPERAntiSpyware when Windows starts" box is unchecked.
  • Click the "Scanning Control" tab, and under Scanner Options, make sure the following are checked (leave all others unchecked):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the control center screen and exit the program.
  • Do not run a scan just yet.
Reboot your computer in "Safe Mode" using the F8 method. To do this, restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly. A menu will appear with several options. Use the arrow keys to navigate and select the option to run Windows in "Safe Mode".

Double-click ATF-Cleaner.exe to run the program.
  • Under Main "Select Files to Delete" choose: Select All.
  • Click the Empty Selected button.
  • If you use Firefox browser click Firefox at the top and choose: Select All
  • Click the Empty Selected button.
    If you would like to keep your saved passwords, please click No at the prompt.
  • If you use Opera browser click Opera at the top and choose: Select All
  • Click the Empty Selected button.
    If you would like to keep your saved passwords, please click No at the prompt.
  • Click Exit on the Main menu to close the program.
Note: On Vista, "Windows Temp" is disabled. To empty "Windows Temp" ATF-Cleaner must be "Run as an Administrator".

Scan with SUPERAntiSpyware as follows:
  • Launch the program and back on the main screen, under "Scan for Harmful Software" click Scan your computer.
  • On the left, make sure you check C:\Fixed Drive.
  • On the right, under "Complete Scan", choose Perform Complete Scan and click "Next".
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes" and reboot normally.
  • To retrieve the removal information after reboot, launch SUPERAntispyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.

.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users