How to remove trojan horses.

Hello all,

Last week my internet service provider removed my internet connection, because apparently I have been spreading a trojan horse. Seems I got a virus or two on my computer.

When I called the ISP they advised me to format the computer and do a complete re-install. Being Dutch I want to take the easy way out… but do not know yet how.

The problem I got is that the trojan horse removers do not work without internet. My current virus scanner obviously needs to get its virus definitions updated. Without internet that won’t be possible. I considered installing a new virus scanner, but then I would still need to send the password and subscription and whatnot to them… which is also not possible without internet. Not to mention that it too would probably need updated virus definitions.

So what can I do now? Is there really no alternative to formatting the computer? If I do format the computer, will I need to format all hard-drives or only the C:/? Also, I got two hard drives each split into three partitions. If I format the C:/, will this then also format all the partitions on this drive?

p.s. 1) This was typed from the company computer.
p.s. 2) I tried dangling a carrot in front of the computer, but the horse won’t come out. Should I try a sugar? 😉
p.s. 3) I tried shouting I am SPARTA but no luck either scaring them trojans away. 😎

By: BlueRobin - 18th December 2007 at 14:47

ShieldsUP! is a nice little web-based util that tests out your firewall
http://www.grc.com/default.htm

I often use Spybot to track down and stop startup items.

By: frankvw - 18th December 2007 at 08:58

Maybe just worth a try, but have a look at a software called Spybot. It can get a lot of spyware. You can download the software and the signature files from anywhere, put them on CD, and install them at home.

By: tenthije - 18th December 2007 at 08:46

If you have installed all your programs and games on the C:, then that is likely to be the only drive that needs reformatting.

I suppose that’s bad news. I got the C drive reserved for operating programs, Windows, Office, virus scanners etc. The games go on a separate drive. My photos on another drive and my assorted other docs and internet cache on another drive still. Had hoped that by keeping the internet on another drive I would avoid any malware infecting C drive.

Biting the bullet and reformatting the C: drive will be a lengthy job, but will have the bonus of getting rid of a lot of accumulated junk, making your computer more reliable.

True, and I have been considering the advantages of doing so. Still, a long job that I can do without. At least with Christmas I will have a few days off.

CD or DVD. Haven’t you?

My own photos are safe on CD-ROMs (still no DVD burner in my PC). For added safety these are actually with my parents. Should my house burn down then at least I will have a back-up of the older photos. On top of that I have another back-up on an image-tank.

Am I correct in assuming that malware cannot embed itself into .JPGs and .MP3s? If it can my image tank is also at risk, though only a small risk as I have not had to do a back-up for a while. Fortunately the photo season has been over for a few weeks already.

Decent antivirus software, regularly updated, and a half-decent firewall (ie, NOT the built-in Windows one) are absolutely essential these days.

I thought I had, and with auto-update as well. That’s what surprised me. Must be a recent virus.

The critical way thing you must do to prevent further infection is to not use Internet Explorer. You must be proactive and not rely on applications that are reactive

I stopped using IE a year and a half ago. Instead I use Avant browser which is very nice. It beats Firefox in that it is relatively unknown and therefore not interesting for hackers.

All the below is free

All the below requires internet access to obtain, which I do not have. Also, I run/ran Win98. I’ll see if XP can run on my system. I think it does but my dad won’t let me use his XP CDs. He is afraid that by having the same install twice (his and my PC) he gets into problems.

Most broadband routers come with one. This isolates machine from the box dealing with the comms. Make sure the firewall is properly configured.

Had that.

I tend not to install Windows Updates if I have the above running. This is purely for stability reasons, Microsoft can introduce more problems than they fix.

Hmmmm, something to consider since I have had the Win-Up running.

Sounds like your ISP provider should take a bit more responsibility. There are several anti virus anti trojan sites on the internet and several will let you use webpage based scanners to find the various little bggrs and provide information including specific tools to remove certain hard to get bugs.

I did tell them I wanted to get online for half an hour or so to get onto the anti-trojan sites. They would not let me. Suffice to say that when I am back up and running I will re-consider my ISP. Won’t do that till late January when all the holiday festivities are over.

If you have a landline, you could always hook up your modem and try to update your security software, via a landline. I would be tempted to call your ISP and see if they would temporarily let you hook up to update your software. Otherwise you have to use a landline and an auxiliary ISP.

I have a landline and got no wireless hubs, routers, modems or whatnot. And my ISP cut me off. I might perhaps get a new ISP account, but since it is December by the time they have sent me their modems, log-ins etc I will have been able to format and re-install the computer twice over. And then there are the costs associated with having two ISPs.

If you back up any of your files, you have to be careful that you’re not reinstalling the malicious software. Hopefully you backed up your software before you were infected. Otherwise you have to bite the bullet or risk installing the malicious software.

Fortunately all the programs worth saving I got on the original installation discs (windows, office, some games). Only the smaller freeware programs will require a new download, stuff like Avant Browser, Neatimage, ViewEXIF. For most of those I probably still got the installation file anyway somewhere on the computer.

I would stay away from sites that offer porn, hacks, etc. Be very cautious of free stuff. It’s often a trick.

Thanks dad. 😉 I knew that.

By: ATFS_Crash - 18th December 2007 at 05:34

If you have a landline, you could always hook up your modem and try to update your security software, via a landline. I would be tempted to call your ISP and see if they would temporarily let you hook up to update your software. Otherwise you have to use a landline and an auxiliary ISP.

Otherwise I would suggest a full format and reinstall, which is about the only way to be fairly sure to get rid of most malicious software.

If you back up any of your files, you have to be careful that you’re not reinstalling the malicious software. Hopefully you backed up your software before you were infected. Otherwise you have to bite the bullet or risk installing the malicious software. If you try/risk to reinstall files that were backed up after you became infected, it would be best if you scanned it with updated security software before installing.

Beware, not all security software checks for Trojans. Even some of the best security software out there will miss a lot of Trojans and other grayware. I would stay away from sites that offer porn, hacks, etc. Be very cautious of free stuff. It’s often a trick.

Some of the sites that spammers are spamming contain malicious software that is similar to a virus, that is frequently called a Trojan horse.

This is an example of one of many of the Trojan horses that is at web sites that some are spamming.

Trojan Horse: Zlob

The “Video ActiveX Object” download is supposedly necessary for viewing porn at certain websites, but it is a harmful Trojan Horse program from the Zlob family, which will infect your computer with adware that harasses you to buy worthless, bogus “security” software from the WinFixer gang. You will also find this fraud scheme used with “Image ActiveX Objects” and “NewMediaCodec.” Avoid them.

Most antivirus programs DO NOT detect these Trojans. So use your common sense and STAY AWAY from risky types of websites (warez, cracks, serials and porn), because antivirus software probably won’t save you from embarrassing and dangerous infections.

Simply visiting a compromised Web site can cause infection if certain browser vulnerabilities are not patched.

http://www.siteadvisor.com/sites/idolikemovies.com/postid/?p=457289

http://research.sunbelt-software.com/threatdisplay.aspx?name=Zlob.Media-Codec&threatid=44478

By: Arabella-Cox - 18th December 2007 at 05:02

Sounds like your ISP provider should take a bit more responsibility. There are several anti virus anti trojan sites on the internet and several will let you use webpage based scanners to find the various little bggrs and provide information including specific tools to remove certain hard to get bugs.

A complete Hard Drive reformat and then a clean installation of the operating system will only take a couple of hours but if the problem bug is on any of your memory sticks or a camera card or other memory storage device and you insert that back into the computer all of a sudden you are back to square one and have lost all your data.

I personally use AVG (free for home use virus checker) and Zone Alarm (free for home use firewall). Both seem fine as long as the virus checker is constantly updated. A firewall set up to only connect to the internet when you give express permission means that when the trojan tries to spread itself via your email quietly in the background you have a better chance of detecting it.

By: BlueRobin - 17th December 2007 at 18:50

The critical way thing you must do to prevent further infection is to not use Internet Explorer. You must be proactive and not rely on applications that are reactive

All the below is free

Stick to Windows XP for now
Install Service Pack 2
Have your PC sit behind a firewall (that is separate from your PC). Most broadband routers come with one. This isolates machine from the box dealing with the comms. Make sure the firewall is properly configured.
Use another browser. Firefox will work 95% of the time. If there’s an IE-only site and you can trust it, by all means fire up IE.
Install AVG from http://free.grisoft.com

I tend not to install Windows Updates if I have the above running. This is purely for stability reasons, Microsoft can introduce more problems than they fix.

By: Grey Area - 17th December 2007 at 18:08

In all honesty, Peter, there is no easy way out of this one.

In your situation I’d bite the bullet, format the C: drive and reinstall Windows.

Make sure that you don’t format any drives containing your pictures – which, of course, you’ve already backed up onto CD or DVD. Haven’t you? :rolleyes:

Decent antivirus software, regularly updated, and a half-decent firewall (ie, NOT the built-in Windows one) are absolutely essential these days. Don’t let anyone tell you otherwise! 😎

By: Mercurius - 17th December 2007 at 17:46

If you have backed up your C: drive, you could try a restore from that backup.

If you haven’t got a backup, head down to the nearest shop that sells computer parts – cases, hard disks, graphics cards, and that sort of thing – and see if they can recommend a repair guy who can help. It should be possible for a good technician to save the day by killing the trojan, but it might take time and be a bit costly. If he knows what he’s doing, he should be able to save your stored emails, address book, browser favourites, and so on.

Perhaps he would quote you an estimated price for a repair. A ‘clever friend who knows all about computers’ can be a risky alternative that ends up making things worse…

If you have installed all your programs and games on the C:, then that is likely to be the only drive that needs reformatting.

Biting the bullet and reformatting the C: drive will be a lengthy job, but will have the bonus of getting rid of a lot of accumulated junk, making your computer more reliable.

Good luck with your problem.

Mercurius Cantabrigiensis
