News:

And we're back!

Main Menu

Help with Trojan

Started by Josephus, June 24, 2011, 08:42:17 AM

Previous topic - Next topic

Josephus

FWIW, i didn't do any of this stuff. Using my secondary account I downloaded a different anti-virus program becuase the one I had installed was deactivated by the trojan. With this new one I scanned my computer, it found the trojans and ostensibly deleted them. I logged back onto my primary account, the infected one, and while I was no longer getting the annoying "Your computer is fucked" pop ups, I still was unable to access the desktop which was black. I did an explorer exe command but that didn't seem to do much, but at least I was back in control.
Except the next time I logged on it seemed to be taking its time and it said "preparing desktop". Turns out I lost, or it lost, my primary account and I could only log onto to it as a "temporary user".  I am no longer able to log onto the primary account. I can still work on my secondary account which is what I'm using for now.
Civis Romanus Sum<br /><br />"My friends, love is better than anger. Hope is better than fear. Optimism is better than despair. So let us be loving, hopeful and optimistic. And we'll change the world." Jack Layton 1950-2011

DontSayBanana

Sounds like a one-two punch of registry hooks and on-startup services.  The problem with those sorts of malware is that you have to neuter both the hooks and the services, or they'll just reactivate themselves on the next startup/login.

Needs verification, but I've heard in a couple of places that antivirus treatment of services is touch-and-go in Win7 because it puts services outside the reach of typical executable programs.
Experience bij!

Cerr

Quote from: Josephus on July 14, 2011, 02:29:04 PM
FWIW, i didn't do any of this stuff. Using my secondary account I downloaded a different anti-virus program becuase the one I had installed was deactivated by the trojan. With this new one I scanned my computer, it found the trojans and ostensibly deleted them. I logged back onto my primary account, the infected one, and while I was no longer getting the annoying "Your computer is fucked" pop ups, I still was unable to access the desktop which was black. I did an explorer exe command but that didn't seem to do much, but at least I was back in control.
Except the next time I logged on it seemed to be taking its time and it said "preparing desktop". Turns out I lost, or it lost, my primary account and I could only log onto to it as a "temporary user".  I am no longer able to log onto the primary account. I can still work on my secondary account which is what I'm using for now.
It could be a registry issue. Run ccleaner. There's a tab called registry, click on it and then scan for issues.

It also might be worth running a full scan with Malwarebytes and/or Superantispyware, to make sure you've got rid of the trojan completely.