Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Can't get rid of Trojans, please help


  • Please log in to reply
3 replies to this topic

#1 NerdHerd01

NerdHerd01

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:01:23 PM

Posted 09 January 2009 - 04:10 PM

Hi:

I have a badly infected computer on our network. I have suspected it ever since I started here, never showed any cookies found in TrendMicro scan, acts strange, and the user regularly surfs on company time while busily tending to personal email. I will be locking things down over the next month. That's another story. After trying to clean some things up to get ready for Citrix, and finding her computer would not open Add Remove Programs, or let me delete icons off her desktop, I ran Malwarebytes and found 47 infections. Most listed as Fake.Dropped.Malware, Trojan.Agent, and one Rogue.InternetAntivirus.

I removed the infected files via mbab, some wouldn't remove until after a reboot. I have run SUPERAntiSpyWare, and then ATF-Cleaner. I ran mbam again - they are all still there. I cannot get rid of the infected files. I am logged into the computer as the computer administrator, not connected to the network. All of the infections are found in C:\Documents and Settings\NetworkService\Local Settings\Application Data.....

The directory NetworkService does not even exist visually, and threatens to reformat the drive if I try to browse to it through the url bar in explorer. I now officially give up and need help. Don't know what to try next short of wiping and starting fresh. Would you like me to send my mbam log? Thanks.

BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,760 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:03:23 PM

Posted 09 January 2009 - 07:25 PM

Hello please update Mbam and SAS. Run 2 scans both from your regular user account. Run Mbam fro normal and SAS from Safe mode. Please post the logs.

How to start Windows in Safe Mode
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 NerdHerd01

NerdHerd01
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:01:23 PM

Posted 12 January 2009 - 04:57 PM

I want you to know how much I appreciate this site and your incredible help. I have decided that with the time it would take to run through all the scans and cleanings, I can wipe this machine and reformat. If it were my personal home computer, it would be different. I would take the time to try to restore it. This is a work computer that should never have gotten infected in the first place. If she loses video clips of her dogs and pictures she collects from email all day, so be it. It's getting wiped. And things are getting tightened like a drum around here.

If anybody doesn't understand how easy it is to get a computer virus, just read any 3 entries on this site. Yes, clicking on things at UTube can infect your computer and so can those cute little video clips people send you by email as a waste of time. Even with good antivirus software running in many cases.

I didn't want to just abandon this entry, but let you know you can close it. You guys are the best and I thank you for having this site and being such an excellent resource for the tech and "people" community.

#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,760 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:03:23 PM

Posted 12 January 2009 - 05:09 PM

Thanks for letting us know and for the tip o the hat,it's appreciated.
As you stated your are 100% correct on how easy it is to get infected.
These links should be of help to you in the next process.

Reformatting Windows XP

Michael Stevens Tech

Good luck!!
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users