Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Trojan Horse 'generic', Trojan Horse 'Cryptic'

  • Please log in to reply
1 reply to this topic

#1 AliW


  • Members
  • 1 posts
  • Local time:06:17 PM

Posted 04 June 2010 - 03:21 AM


After working on trying to help my webmaster clean up a new site design, I went to hibernate my laptop to move into the bedroom. It hadn't finished by the time I made the short trek, so I left it on the bed. When I returned, it wouldn't power on, but when I plugged it into the power supply, it booted up fine with a message about plugging it in so I didn't lose any files - the message you get just before the battery dies. At the time, didn't see any issues. I chalked it up to user error on my part even though I'd clearly seen the window indicating the laptop was about to hibernate.

About an hour later of working, I went to hibernate the laptop again and discovered that it wouldn't let me do so. It displayed the 'about to hibernate' message and then came back with the desktop. At the time, I looked at the task manager and didn't see any programs I had running/open, so I tried hibernating from there. Same message. The laptop eventually let me shut down through the task manager. Doing so from the Start Menu only brought me back to the desktop after the initial 'hibernating' message.

The following day, I noticed that when I clicked any link in Google, it redirected me to various search engine sites and then some porn sites. I tried running a virus scan at that point and I couldn't bring up AVG. I disconnected from the internet (I have wireless; I just disabled the radio), pulled it up in safe mode and ran the AVG command line search, which took about 4 hours and cleared out 6 trojan horses, I think 3 each of the above named thread. I restarted, pulled up the task manager to see if I had any programs already running and didn't see any. But when I closed it, three shortcut icons popped up on my desktop for freeporn[dot]com or something to that nature; I'd deleted them and attempted to update the AVG to make sure I had current definitions. I was able to do so and I ran Spybot as well, which only advised of a few adware things that it cleared. All seemed well.

Today, I cannot pull up the task manager at all - I have a message "Task manager has been disabled by administrator". There is a .pdf file starting out with "http:___www[dot]blowsearch[dot]com[lots of letters and numbers]" that I cannot delete from my temp folder. When trying to open Photoshop, I have errors about insufficient RAM to do the task and I get popups from my taskbar advising that Virtual Memory is too low. I've done the command line search in addition to standard search, cleared out 4 more trojan horses and when I reboot, I still have that same long file name pdf as well as no task manager and insufficient RAM messages. Additionally, the Internet Temporary Files folder is always empty now, whereas before I've had to remember "oh yah, gotta clear that out" and then peek to see if anything was left behind after doing so from the web browser.

Previous to this, it should be noted that I'm not sure where exactly I could have picked them up as the bulk of my work recently has just been the website design (i'm no tech; I'm just helping with module placements). I haven't installed anything recently, though I did see Microsoft Silverlight was installed just before the problems began and I don't recall installing that. Though when I did a web search, it *seemed* like a legit program?

Any assistance is appreciated. Whatever you need of me, I'll do.

I have an Inspiron 1501, Microsoft Windows XP Pro Version 2002 Service Pack 3, AMD Turion 64 X2 Mobile, 1.60GHz, 896 MB RAM, AVG 8.5, Spybot, and...

Edited by Orange Blossom, 04 June 2010 - 03:58 PM.
Move to AII as no logs posted. ~ OB

BC AdBot (Login to Remove)


#2 Orange Blossom

Orange Blossom

    OBleepin Investigator

  • Moderator
  • 36,987 posts
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:08:17 PM

Posted 04 June 2010 - 03:57 PM


Please follow the instructions in ==>This Guide<==.

Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include a description of your computer issues and what you have done to try to resolve them.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

Orange Blossom :thumbsup:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users