none
How can I remove Trojan Horse?

    Question

  • Hi,

     

    Hello there..good day! I just want to ask if how to remove a virus which is trojan virus..because it is infecting my computer and now all my files are all hidden..and I can't unhide them..I am using command prompt to access my files..I am using Eset NOD32 Anti Virus..but still the virus is existing!..hope you guys can help me with this problem!,..

     

    Hoping,

    Jenny

     


    T shirt
    Monday, May 24, 2010 10:36 AM

All replies

  • Monday, May 24, 2010 11:55 AM
  • I would ask this in the AVG Forums:

    http://forums.avg.com/us-en/avg-free-forum

     

    or Windows server forums:

    http://social.technet.microsoft.com/Forums/en/category/windowsserver

     


    Please follow the steps below:

     

    1. Reboot your machine.

    2. At the start-up screen, please press F8 and select the Safe Mode.

    3. After you enter the system, select the anti-virus software to scan all disks.

    4. At the start-up run, please input Msconfig and disable the suspicious startup items.

    5. How to display the hide items in system:

        Driver C>Folder options>view>show hidden files,folders,and drives>uncheck the Hide protected operating system files>

    6.After the scan finishes, please reboot the system the try it again.



    Your expertise never fails to impress :)
    Tuesday, May 25, 2010 2:01 AM
  • Disable the System Restore. If this is still turned on, the system will restore any deleted files, including those infected by the Trojan horse. This can be done by going into the My Computer file and looking for the Performance option. Then select File System, Troubleshooting and Disable System Restore.
    Turn on the computer and run it in safe mode. Restart the computer and when the words begin appearing on the screen, press the F8 key. This takes you to a new screen, where you'll select the safe mode option.
    Go to the Control Panel by clicking on the "Start" button at the bottom left-hand side of the screen and looking for the Control Panel. Select the Add or Remove Programs icon. The computer should then show a list of all programs existing on your system.
    Look for programs that include Spyware or adware on your computer and select the Remove program option. Many users have found it helpful to look for programs that they didn't install and those that were installed when they downloaded a game or other program onto their computer.
    Open the Windows System folder and delete all files that include the Trojan virus extension. Go through the list twice to make sure you removed all virus files. Then restart the computer in normal mode and check the folder again. If all the files are gone, you'll be ready to move on. If there are any remaining, remove them and restart the computer.

     

    Wednesday, May 26, 2010 7:43 AM
  • Did you try pulling the hard drive out and accessing your data from another computer?
    You will likely have to modify the file system permissions in order to access your data.
    Its hard to say for sure unless you know exactly what virus nailed you.

     

    Chris Ondo

    CFCEcorp.com

    Here is a link to my tech blog

    If you have no luck I hope you have a backup of your computer.

     

     

    Thursday, May 27, 2010 12:02 PM
  • Hi

    First I would recomend you use Avast. This is really a awsum anti virus program and the best thing of all its free!!! :-) !!! it would preven this from happening in the future.

    K once you have installed Avast on your PC just reboot and do a bootime scan during the install i think it would prompt you for the boot time scan. You can download it from www.avast.com

    Hope this resolves your problem.

    Best regards

    Colbert

     

    Friday, June 04, 2010 2:05 PM
  • Hello,

    o    Hello Bobsuter,

    Combofix is a freeware (a legitimate spyware remover created by sUBs), Combofix was designed to scan a computer for known malware, spyware)

    Search for the Combofix software in the search engine and try that. OR

    Microsoft® Windows® Malicious Software Removal Tool (KB890830)

    http://www.microsoft.com/downloads/details.aspx?FamilyID=ad724ae0-e72d-4f54-9ab3-75b8eb148356&displaylang=en 

    It may help you.

     


    MicroSoft Exchange Admin. & Connector EXCHANGE2010, MCSE, MCTS, MCSA MESSAGING, CCNA & GNIIT
    Tuesday, June 08, 2010 4:01 AM
  • The bad thing about Trojan Horses: Trojan Viruses are quite difficult to find.

    I would suggest you to install avast antivirus to remove trojan from your system. I am also using it on my machine. It is an awesome product.

    You can also try to clear the temporary internet files and delete them manually.
    Please refer following site for more information :

    http://www.avtc.org/how-to-remove-trojan-general.html


    Hope, it helps

     

    Wednesday, August 18, 2010 7:18 AM
  • Dear Jenny,

    Sorry to hear that your system is infected with Trojan Horses! These kind of infections have proven to be extremely tough to detect and remove. However, there are some tricks to removing them 100-percent, but require technical know-how!

    Now, if your current antivirus/antispyware combo software do not support boot-time scans, you can download and install Avast. Make sure that this feature is enabled during setup, then restart the computer and perform boot-time scan. Remember to turn-off system restore before performing those functions. Upon completion, your PC should be free of Trojan Horses. If you need more advanced tips, chat with virus removal support experts today.

    Cheers,
    Able

     

    Tuesday, August 24, 2010 8:21 AM
  • The Microsoft Windows Malicious Software Removal Tool checks Windows Vista, WIndows 7, Windows XP, Windows 2000, and Windows Server 2003 computers for and helps remove infections by specific, prevalent malicious software—including Blaster, Sasser, and Mydoom. When the detection and removal process is complete, the tool displays a report describing the outcome, including which, if any, malicious software was detected and removed. The tool creates a log file named mrt.log in the %WINDIR%\debug folder.

    Microsoft® Windows® Malicious Software Removal Tool (KB890830) 

    This tool checks your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps to remove the infection if it is found. Microsoft will release an updated version of this tool on the second Tuesday of each month.

    Its free, effective and afterwards do not forget to run Security Essentials to ensure the virus has been removed.

    All the best

    


    JKB
    Tuesday, May 31, 2011 4:42 PM
  • I would recomend using Avast too.

    SEO Forum | SEO Company | Webmasters Forum

    • Edited by Fave SEM Sunday, October 09, 2011 5:33 AM
    Friday, June 24, 2011 2:41 PM
  • Boot via active boot disc.. you can download it.. and is free.. therefore backup all your data.. via safemode... in any case.. re-install your OS will be the best choice :D don't bother wasting the time to troubleshoot it.. in any case if you wish to troubleshoot.. you might need to proceed with registry hive troubleshooting.. which is a total waste of time.. haha grab your files and reinstall the OS :D
    Guowen Su | CCNA, CCIP, MCP, MCSA, MCSE, MCTS, MCITP, CEH | http://www.microsoft.com/en/sg/default.aspx Our Goal? VERY SATISFIED Customers. If you're not...let's talk!! Please don't vote me for answers... because i do not want others to feels that i'm cheating ? :) In any case God knows :)
    Sunday, June 26, 2011 2:23 PM
  • Is it now ok? If not, the only solution I can think of is to format your hard disk..

     


    Denver Microsoft Training
    Tuesday, June 28, 2011 7:51 AM
  • I have had this issue on two xp clients of mine, first, if the " fake viruse software" is up on the screen, go to taks manager, right click on the application and then click " go to proceess" copy the file path and past it into the run line ( you will need to enable show hidden files) delete the .exe file that is causing that trogan to run. next run spybot , malware bytes and smith fraud fix.  once you have removed the malware, run your antiviures program ( should say this is easier in safe mode) once the machine is clean, i would suggest if its xp to uses an oem xp cd and do a repair istall so that all of your hidden files are get their correct file permissions, i you are on the newerv os that microsoft thought it would be a great Idea to get rid of the repair isntall, then you will have to do a mass un hide.. I have not found an easy way to do this, however, It appears that folders witht he OEM hidden permissions will not allow you to set them to un hidden, so I have tried in the past to try to right click on a root folder un check the hidden folder and allow it to apply to sub folders, when it gets to a folder that is suppose to be hidden you will get an error and have to tell it to skip...

     

    good luck

    Wednesday, July 06, 2011 2:26 PM
  • my sugestion,

     

    1. download MSERT

    http://www.microsoft.com/security/scanner/en-us/default.aspx

    2. reboot computer in safe mode with command prompt

    run the downloaded MSERT.exe and run a full scan and that should get rid of the scanner

     

     

    Tuesday, July 19, 2011 11:57 AM
  • Hi Jenny!!

    Use Bitdefender antivirus or download cureit from the follwing link, it will surely remove trojans and other virus.

    http://www.freedrweb.com/cureit/?lng=en

    Thanks and Regards,

    SHOAIB.

    Wednesday, July 20, 2011 7:14 AM
  • Hi Jenny, a virus could not be removed, may be:

    1, the virus could not be detected by the anti virus;

    2, the Virus was picked up, but could not be removed as the virus process could not be terminated;

    3, the virus was picked up and removed, but the virus keeps coming back.

    If you are an ordinary user, please do the following:

    1, turn off System Restore;

    2, delete Internet Temp files;

    3, disconnect the network and take a full system scan for virus. Quarantine or remove the virus when prompted; Restart PC. If the virus is still there, go to step 4 and 5.

    4, Check Startup menu from Start --> All  programs -- Startup and delete suspicious programs;

    5, Windows Key + R to bring up Run Box, type in MSCONFIG and then hit Enter, click Startup tag, uncheck suspicious programs. Click OK to quit and restart your computer.

    6, Make sure the virus is not being scheduled to download from the internet again. Please click Start --> All Programs --> Accessories --> System Tools --> Task Scheduler. Under Active Tasks, disable suspicious tasks.

    7, Run the Anti Virus in Safe Mode. If it is successful, please turn the System Restore back on. If no luck still, please let us know the virus program name here. We would try to help you further.

    If you are super user, we would post more advanced techniques to help you further.

    Regards,

    Henry

    Tuesday, June 19, 2012 12:11 PM
  • Yes you are right! I also encountered a trojan Trojan.Spy.Banker.AGD that slow down my PC entirely. I removed it immediately by scanning my whole computer. You can also scan your computer with antivirus.

    http://www.scanforvirus.org/get-rid-of-trojan-spy-banker-agd-virus-from-your-pc-how-to-deleteremove-trojan-spy-banker-agd

    Wednesday, August 01, 2012 12:44 PM
  • Run HitmanPro to get rid of trojan infections

    http://www.techvts.com/download-hitmanpro

    Monday, August 06, 2012 10:56 AM
  • It works for me.
    Friday, April 05, 2013 9:07 AM
  • Hey this is really a difficult situation when your PC got infected with trojan horse. All the files and folders that are present on the PC becomes inaccessible in this case. To get rid of this situation and to make PC free from virus or malware you need to use Trojan horse virus removal tool. It scans Windows PC and remove virus automatically. If you are getting such condition with your system then choose the best tool to get rid of trojan horse. 
    Wednesday, May 08, 2013 11:11 AM