View Full Version : Another IT Help thread
Popped round the mother in laws house for a lovely spot of roast beef.
Unfortunately the price for said meal was to have a look at her laptop.
She had a trojan which would open on windows startup and demanded you pay £70 to the police and wouldn't let you click anything or close the program.
I booted in safe mode, ran msconfig and disabled the offending program and deleted the exe, also deleted a reg entry.
Problem is now, certain services cannot start, it's as though the local system password has been changed.
The main downside of this is the wifi wont work.
On XP you could just select manage, users, and change the password there.
Anyone know how to do this in Win7
Chz
andrewsmith
19-10-12, 09:30 PM
Normally safemode and going to ODBC (I think! Never did this in a good while)
Allowed you wipe out Administrator and recreate Admin2 with password. That Win XP again, PM Soulkiss he might know a better way
Well you're all useless, got bored of waiting for an answer and did a system restore.
Luckily there was a restore point from last week.
That's not fully removed the offending items as trojans bypass files that are monitored by system restore and will infect again.
Download malware bytes from here
http://www.malwarebytes.org run a full scan. It will take a few hours.
Sent from my GT-I9100 using Tapatalk 2
When I last got hit, none of the usual tools sorted it as it infected the IPL. If you manually went around stopping autostarts and deleting exe's, it just came back. Even creating dummy write-protected files with the same filename didn't stop the bugger. I found one tool that was free and worked. Hitman Pro It sorted the IPL then went off and sorted all the other damage. The usual malware and virus stuff declared no problem before, during or after.
This was all in an XP world but I'm sure Hitman will work on W7 too.
May be worth trying this next time.
However restorepoint recovery is usually by far the best solution for parental support situations especially if they've "had a go" themselves.
Both Norton and Windows Defender can't find anything and it looks like it's working at the moment so I'll see how it goes.
She just opdated her Norton subscription too at 30 odd quid or whatever it is. I knew those things were a waste of money.
Thanks for the replies
andrewsmith
19-10-12, 09:48 PM
AVG is the best one!
All I've got at work and its the free one
Same as what I use. Never had a problem and I visit some pretty dodgy websites ;-)
Both Norton and Windows Defender can't find anything and it looks like it's working at the moment so I'll see how it goes.
She just opdated her Norton subscription too at 30 odd quid or whatever it is. I knew those things were a waste of money.
Thanks for the replies
Still recommend running hitman. I've got all sorts of AV and anti-malware stuff and none of them picked up my issue. I only knew something was wrong as it kept re-proxing my browser. Decent trojans declare themselves safe in your detector software so don't get picked up.
Norton is crap it couldn't find a virgin in a Nunary.
Use avast its free and quicker than avg.
Avg is ok but slow and processor intensive.
Sent from my GT-I9100 using Tapatalk 2
SoulKiss
19-10-12, 10:32 PM
My dad got something like that, had my Brother in Law,(lives closer than me) completely hose the system and start again.
Also, cancel all credit/debit cards and change all passwords.
Might be seen as overkill, but I always did like the line from Aliens...
"Take off and nuke the site from orbit, its the only way to be sure".
For AV, use Microsoft Security Essentials.
Fallout
19-10-12, 11:22 PM
Don't forget the education part of this whole palava:
- Never open an email with an attachment unless you know the sender
- Never click a link to a website from an email unless you're sure it's kosha (even if the written address looks ok)
- Don't download any files unless you're sure they're from a reliable source
- Don't click any ads
- Don't go to dodgy websites
etc.
Should save you some hassle in the future.
Don't forget the education part of this whole palava:
- Never open an email with an attachment unless you know the sender
- Never click a link to a website from an email unless you're sure it's kosha (even if the written address looks ok)
- Don't download any files unless you're sure they're from a reliable source
- Don't click any ads
- Don't go to dodgy websites
etc.
Should save you some hassle in the future.
Try telling that to your porn-surfing peer to peer downloading serial cracking mother-in-law.
I was pretty close to nuking mine until I discovered hitman. Don't know how it does it but it got it sorted. Another tip is to use an online malware/virus checker from time to time in case your local instance has been compromised. something like Fsecure is a good bet.
I had that nasty. I'm not an IT person but googled how to get rid of it. It took me 4 hours and a LOT of messing around but I finally god rid without having to start from scratch. I had to use a couple of downloadable programs.
vBulletin® , Copyright ©2000-2025, Jelsoft Enterprises Ltd.