Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Trojans, Anarchy and all things nice.

  • Please log in to reply
No replies to this topic

#1 Crypt Azy

Crypt Azy

  • Members
  • 1 posts
  • Gender:Male
  • Location:Nottinghamshire, Nottingham
  • Local time:07:10 AM

Posted 15 July 2009 - 12:35 AM

Hello there and first of all I'd like to say how wonderful it is to find a website that just wants to help rather than sell me something, malicious programmes aren't my fortay I'm a game designer but I have basic computer repair knowledge, but its you guys who keep the world spinning and fight the good fight. :thumbsup:

I was infected with one of those new Trojans through WMP Digital Rights Management, as soon as I accepted to download the "license" my computer pretty much died beyond my control. I own a Dell Studio Desktop with Windows Vista OS and I use Mcaffe Security Center as means of protection I received the Trojan through - never guess where - a P2P network, I know I should know better I knew there was something funny about it and now I'm paying for it. Anyway within seconds my computer displayed several error messages of which I had no time to make note of because it restarted itself not long after quickly corrupting Mcaffe to the point where it is cannot be accessed or re-installed from the HDD, and disabling all other security functions such as Windows Defender so now it wont let me turn them back on. After it restarted it displayed 7 or 8 errors one after the other and within seconds the screen froze in this horrific state where the whole screen looked like it had been smudged and pixelated.

So naturally I restarted in Safe Mode and looked for help on my friends computer which i am now using. I followed the tutorial you have on this website for manually removing Trojans using Autoruns, of course I had a hard time finding it out because it was disguised as something else maybe and I wasn't 100% sure of any of the images being the Trojan (mainly because I have so many codecs thanks to TVersity.) So I installed Trojan Hunter which was recommended to me, it identified one Trojan called 'CoreAVC0.ax' appearing as a codec but wouldn't remove it unless I purchased it (Typical), so I used Autoruns to delete it. But sadly a lot of my hard drive has become corrupt thanks to this insane Trojan. And when I try to boot up normally I get to the point where the mouse pointer appears briefly before the Vista logo and then it goes black. So back in Safe Mode I attempted to run Startup Repair, which it wont let me saying I'm currently running windows already.

So after all this what I want to know is what is my next move, have I even definitely rid myself of the infection? Do I need to create a Vista disc from my Recovery hard drive and boot from CD/DVD and try from there, if so how? Do I need to try something else? Or am I going about this like an inexperienced moron?

I am currently running Windows Memory Diagnostic Tool in hope it will help, it wont boot normally and Windows Explorer crashes even in safe mode (I can view documents for a few mins but it stops responding when I try to access control panel. Any help would be much much appreciated. Thank you in advance for your time.

P.S I apologize for any lack of hard information please do ask and I will try my best to answer.

P.P.S Restoring back to factory settings is my last resort, I have nearly 500GB of data that I don't want to loose and will find very hard to backup.

Edited by Crypt Azy, 15 July 2009 - 12:39 AM.

BC AdBot (Login to Remove)


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users