Search : in
By :

Help with Trojan

Last answer on Feb 15, 2009 6:49:59 am GMT Keith, on Feb 13, 2009 6:23:04 am GMT 
 Report this message to moderators

Hello,
I received a trojan.brisv.a!inf virus on my computer, I successfully removed it but i can run sound and also I cannot detect any wireless networks with my wireless device. what should i do

Configuration: Windows Vista

Best answers for « Help with Trojan » in :
Introduction to Trojan horses Show Trojan horses A Trojan horse is a computer program which carries out malicious operations without the user's knowledge. The name "Trojan horse" comes from a legend told in the Iliad (by the writer Homer) about the siege of the city of Troy by the...
Getting rid of Vundo Trojan Show Getting rid of Vundo Trojan What is a Vundo Trojan? How to remove a Vundo Trojan Manually Step 1: Locate the Trojan Step 2: Use Registry Editor to eliminate Registry Values Step 3: Using Command Prompt for Vundo unregistration Download...
Download Trojan Remover Show Description: Especially designed to eliminate trojans (also called Trojan horses) as well as the intruders of ad ware and spy ware types, Trojan remover will help you to fight effectively against any sorts of spy software raging on...
[Myth] No open port = no Trojan ShowNo open port means No trojan Myth Reality Explanations Myth Leaving no ports open on my PC , I'm sure I will not have any Trojan on my computer. Reality FALSE. Explanations An open port is not necessary to control a computer on...
Cleaning the trojan- Vundo/Virtumonde ShowCleaning the trojan- Vundo/Virtumonde Intoduction Getting Started First Method : Vundofix Under Vista Intoduction Vundo also known as Virtumonde/Virtumondo is a trojan that download and displays popup and advertising for antispyware...
3wPlayer is a Trojan ? Show3wPlayer is a Trojan ? 3wPlayer is a media player who load harmful trojans on your computer once same installed on your computer. This program is designed to play in movies in ZIX format and can be freely downloaded on websites. However...
Download Spybot - Search & Destroy ShowSpybot - Search & Destroy is an adware, spyware, dialers, keyloggers, trojans detection and removal tool. It scans your computer hard disk and/or RAM for malicious software. It can also immunise your system against over 400 different spies and...
Download Norton Removal Tool Show
Download AntiVir Show
Logonui - logonui.exe Showlogonui - logonui.exe logonui.exe (logonui stands for Windows LogOn User Interface) is a Windows NT/2000/XP generic process used for managing the Log-On and Log-Off screens, allowing the computer to switch easily from one user to the next. The...
Msoobe - msoobe.exe Showmsoobe - msoobe.exe msoobe.exe (msoobe stands for Windows Product Activation) is a Windows XP generic process which activates product licences. The process msoobe is not in any way a virus, a worm, a Trojan horse, spyware, or adware. It is a system...
Services - services.exe Showservices - services.exe services.exe (Windows Service Controller) is a Windows NT/2000/XP generic process used for recognising and implementing system changes without requiring the user's involvement. The process scm is not in any way a virus, a...
Ask your question Reply

1

 Keifermail, on Feb 15, 2009 6:49:59 am GMT

You may have a very nasty worm!

This thing is called the "Kido Worm" , "Downadup" and "Conficker." It began in Oct. 2008 but in December it evolved into a Superworm. Its ability to thwart any attempt to delete it and to spread via USB devices is confounding.

There is a lot of info out there if you Google these names. It is an interesting Worm as it seems to disable every defense before the victim can even launch a counter attack. It disables system restore, shuts off Microsoft updates, blocks Antivirus updates, hijacks the browser (Safari, Explorer, Chrome and Firefox) and finally it downloads more malicious software as it goes. It is impossible to give one set of instructions to remove the Virus as it is different on every machine.

The latest variant of the worm now lets it spread via thumb drives. It operates by copying itself in a random folder created inside the Recycler directory, which is used by the Recycle Bin to store deleted files, and creating an autorun.inf file in the root folder. The worm executes automatically if the Autorun feature is enabled.

Certain TCP functions are also patched to block access to security-related Web sites by filtering every address that contains certain strings. This makes it harder to remove because information about it is difficult to gather from an infected computer. Additionally, the sneaky little worm removes all access rights of the user, except execute and directory usage, to protect its file. Microsoft has created a removal tool for this worm, but if you are infected you must find an uninfected computer to download Microsoft's Malicious Software Removal Tool.

See the following link: http://www.microsoft.com/protect/computer/viruses/worms/conficker.mspx

If you have the Kido/Conficker worm you will no be able to link to the above link.

Microsoft states,
"If your computer is infected with the Conficker worm, you might be unable to download certain security products, such as the Microsoft Malicious Software Removal Tool or to access certain Web sites, such as Microsoft Update. If you can't access those tools, try using the Windows Live OneCare Safety Scanner. If that doesn't work, read the following Microsoft Help and Support articles on an uninfected computer. "

My advise is to get the removal tool on a brand new/clean USB device from another computer and then load it onto your computer. The surprising thing is that this thing started in Oct. and already has infected 12.9 million computers. Microsoft has offered a 250K reward to help catch the culprits that created this worm.

Hope this helps,

Keifer

   
Reply to Keifermail
Ask your question Reply
They need your help