I need information about how to get rid of a trojan named ´Dropper´
in [Firewalls]
|
Prev: Wedding Planning Sites - NOT unethical
Next: I need information about how to get rid of a trojan named �Dropper�
From: scoobbs43 on 16 Jan 2008 15:53 I need information about how to get rid of a trojan named ´Dropper´ I clicked on something on a site I didn´t know(still don´t even know what site it was, I just clicked on an image showing on my screen thinking the original would be blown up). Anyway, it invaded my PC and is installed on all of my ´disks´. I have three physical disks and several partitions. Some FAT32, some NTFS. The trojan is inside(at least) all of the ´System Volume Information´ folders on all disks. Avast has recognized the invasion, in real time, but it did not forbid its entrance. Maybe because of some miss-configured parameter(I am not blaming Avast for not stopping the thing... just want to get rid of it for good...) More: I have somehow discovered where the associated programs and files were stored, by chance. So, I tried to delete them. It didn´t work, for every time I deleted the files, I had to wait for some seconds, when copies were somehow built and re-installed... Worse: multiple copies were done in such processes. Still more: as the files are no System Volume Information folders, I am not able to access them anymore. Windows forbids me to do so. So, can anyone help me? Is there any way to get some kind of vaccine, sent to me in an appropriate format, so that it doesn´t get infected before I can use it? Lastly, I have tons of data I can´t lose in those disks. Two of them are 250 gigs and one is 30 gigs(this one was installed in an attempt to have a new copy of Windows XP, but I have found out it got infected almost as soon as it was installed,,, still, the operating system is there and working... but I am almost sure my mouse and my keyboard drivers are affected,,, and this is dreadfull...), all of them about 60% full... Any help welcome. Thank you all in advance... (and please, anyone who thought of it... don´t send me similar things... I can´t stand anymore of it... :-[ ) Foca
From: Sebastian G. on 16 Jan 2008 16:52 scoobbs43(a)gmail.com wrote: > I need information about how to get rid of a trojan named �Dropper� I fail to see what kind of information you'd need to simply flatten and rebuild the system... > Anyway, it invaded my PC Invasion is obviously the wrong word. I'd rather call it an "open invitation", and since you offered this website full access to your computer, you shouldn't wonder that it accepted this offer. > Avast has recognized the invasion, in real time, but it did not forbid > its entrance. Why should it? After all, you wanted this to happen. > Maybe because of some miss-configured parameter Nonsense, it failed by well-defined principal limitations. > More: I have somehow discovered where the associated programs and > files were stored, by chance. > So, I tried to delete them. Why? > It didn�t work, for every time I deleted the files, I had to wait for > some seconds, when copies were somehow built and re-installed... Well, what did you expect? > Still more: as the files are no System Volume Information folders, I > am not able to access them anymore. Windows forbids me to do so. Well, what did you expect? > So, can anyone help me? Since you seems to be unable to do one of the most trivial things (flattening and rebuilding the system), maybe you should stop trying to use a computer? > Is there any way to get some kind of vaccine, sent to me in an > appropriate format, so that it doesn�t get infected before I can use > it? Well, why would you want to infect it? But anyway, where is your Windows installation CD gone? > Lastly, I have tons of data I can�t lose in those disks. Well, but for now you have to consider all of them potentially modified. > (this one was installed in an attempt > to have a new copy of Windows XP, but I have found out it got infected > almost as soon as it was installed Which clearly shows that you must me incompetent. > but I am almost sure my mouse and my keyboard drivers are affected Well, that's why you downloaded them freshly or installed them from the driver installation CD, and for sure not took the infected copy on the hard disk, or did you? Suggested from the thing you wrote above, I really consider that you would be so stupid.
From: Todd H. on 16 Jan 2008 16:59 "scoobbs43(a)gmail.com" <scoobbs43(a)gmail.com> writes: > I need information about how to get rid of a trojan named �Dropper� Hi Foca, Sorry to hear of your troubles. That's a hard way to learn these lessons. :-\ You are faced with an extremely invasive malware infection, and the only reliable foolproof method to get back to a known clean state is to flatten, reformat, and reinstall the OS from original media. There are utilities that claim to clean things, but you can never be sure they got "everythign" and even in the best case you're left with a system that might no longer be the drone of some remote master, it still wont' be terribly stable since the "cleaning" process soemtimes rips out some functionality your OS really needs. To get the data you need off, a utility disk like Sysresccd.org, a bootable CD that runs Linux (without executing one bit of code off your infected hard drive) and an external hard drive can be wonderful. You'll have to learn the basics of mounting the disks and doing the copying from the internal hard drives to the external box, but it's not too bad. Tutorials are out there, and help is around for the asking. Once your new OS has been restored on your freshly formatted disks, and all updates applied either from another machine with all the patches downloaded, or much more easily, Windows Update from behind a consumer home gateway device of some sort, youn run AV against the data you backed up before restoring it back as data to your system, and you can be on about your way. Best Regards, -- Todd H. http://www.toddh.net/
From: arjunhegde on 17 Jan 2008 04:32
can you tell me some symptoms of what that virus is doing...like any particular exe which u feel suspicious is running in the background or its replicating a particular type of file etc... On Jan 17, 12:53 am, "scoobb...(a)gmail.com" <scoobb...(a)gmail.com> wrote: > I need information about how to get rid of a trojan named ´Dropper´ > > I clicked on something on a site I didn´t know(still don´t even know > what site it was, I just clicked on an image showing on my screen > thinking the original would be blown up). > Anyway, it invaded my PC and is installed on all of my ´disks´. > I have three physical disks and several partitions. Some FAT32, some > NTFS. > The trojan is inside(at least) all of the ´System Volume Information´ > folders on all disks. > Avast has recognized the invasion, in real time, but it did not forbid > its entrance. Maybe because of some miss-configured parameter(I am not > blaming Avast for not stopping the thing... just want to get rid of it > for good...) > More: I have somehow discovered where the associated programs and > files were stored, by chance. > So, I tried to delete them. > It didn´t work, for every time I deleted the files, I had to wait for > some seconds, when copies were somehow built and re-installed... > Worse: multiple copies were done in such processes. > Still more: as the files are no System Volume Information folders, I > am not able to access them anymore. Windows forbids me to do so. > So, can anyone help me? > Is there any way to get some kind of vaccine, sent to me in an > appropriate format, so that it doesn´t get infected before I can use > it? > Lastly, I have tons of data I can´t lose in those disks. Two of them > are 250 gigs and one is 30 gigs(this one was installed in an attempt > to have a new copy of Windows XP, but I have found out it got infected > almost as soon as it was installed,,, still, the operating system is > there and working... but I am almost sure my mouse and my keyboard > drivers are affected,,, and this is dreadfull...), all of them about > 60% full... > Any help welcome. > Thank you all in advance... (and please, anyone who thought of it... > don´t send me similar things... I can´t stand anymore of it... :-[ ) > Foca |