Total PC Defender [Windows XP]

Prev: Windows 7 Starter
Next: IE and Firefox Won't Open - Correction

From: Richard In Va. on 15 Mar 2010 13:57

Would anyone know of a surefire method of removing Total PC Defender &
Trojan.Injector.GT ?

I think I've been able to remove Total PC Defender (partially), but not the
Trojan. AVG free still isn't allowed to update, Malewarebytes wont run, and
my administrative rights have changed... wont allow me to install Windows
Defender.

I'm hoping someone has written a stand alone DOS utility or removal tool...
would be nice.

Kindof pulling my hair out over here!

Thanks for any help.

Richard in VA
+++++++++++

From: C on 15 Mar 2010 14:15

From: Elmo on 15 Mar 2010 15:37

Richard In Va. wrote:
> Would anyone know of a surefire method of removing Total PC Defender &
> Trojan.Injector.GT?
>
> I think I've been able to remove Total PC Defender (partially), but not the
> Trojan. AVG free still isn't allowed to update, Malewarebytes won't run, and
> my administrative rights have changed... won't allow me to install Windows
> Defender.
>
> I'm hoping someone has written a stand-alone DOS utility or removal tool...
> would be nice.
>
> Kind of pulling my hair out over here!
>
> Thanks for any help.

A few things I would try:

- (Perhaps for later, after other problems have been corrected.)
http://www.kellys-korner-xp.com/xp_tweaks.htm
Line 275. Lift Restrictions - TM, Regedit and CMD

1. Start in Safe Mode and run Malwarebytes there.

2. Open Task Manager and stop all services that will stop. If one
causes a freeze, or another problem, restart, but don't try to stop that
process. Then try Malwarebytes again.

3. Download this Avira Antivir Rescue System program which will burn a
CD image to a blank CD. It's updated a few times per day. Insert the
CD into the damaged machine and let it do a scan of your system. Before
starting the scan, select "Configuration" and set to repair or rename
the infected files. Sometimes your machine won't restart after such a
repair process, so you might want to save needed files to another system
before using this. If you can't, then you can move the hard drive to
another machine to copy needed files. You can do that before, or after
this scan.

http://www.free-av.com/en/tools/12/avira_antivir_rescue_system.html

Then run these:

Malwarebytes© Corporation
http://www.malwarebytes.org/mbam/program/mbam-setup.exe

SuperAntispyware
http://www.superantispyware.com/superantispywarefreevspro.html

You can try some of the CD's mentioned at the following site.
BitDefender was my favorite, but if the infected machine can't connect
to the internet to get updates, Avira comes with current virus
definitions. Also, some of these just won't run on some systems,
perhaps because there's no drivers available for some system devices,
motherboard, graphics card, etc. So try a few of these till you find
one that works:

Burn BitDefender, or another program listed at the link below, to a CD
(using a working machine) and test the infected machine with it.
BitDefender also has a Rootkit checker on the Linux Desktop; run it if
you think that's the problem:

http://www.techmixer.com/free-bootable-antivirus-rescue-cds-download-list/

Download the executable rather than the .iso image, if one is available,
(though no .exe is available for BitDefender).

After the scan is run, if you elect to quarantine files, they're
quarantined to RAM and lost after you reboot. You'll need to copy any
quarantined files to the hard drive, a thumb drive or elsewhere before
exiting.

--
Joe =o)

From: PA Bear [MS MVP] on 15 Mar 2010 19:31

NB: If you had no anti-virus application installed or the subscription had
expired *when the machine first got infected* and/or your subscription has
since expired and/or the machine's not been kept fully-patched at Windows
Update, don't waste your time with any of the below: Format & reinstall
Windows. A Repair Install will NOT help!

Microsoft PCSafety provides home users (only) with no-charge support in
dealing with malware infections such as viruses, spyware (including unwanted
software), and adware.
https://support.microsoft.com/oas/default.aspx?&prid=7552&st=1

Also available via the Consumer Security Support home page:
https://consumersecuritysupport.microsoft.com/

Otherwise...

1. See if you can download/run the MSRT manually:
http://www.microsoft.com/security/malwareremove/default.mspx

NB: Run the FULL scan, not the QUICK scan! You may need to download the
MSRT on a non-infected machine, then transfer MRT.EXE to the infected
machine and rename it to SCAN.EXE before running it.

2a. WinXP => Run the Windows Live Safety Center's 'Protection' scan (only!)
in Safe Mode with Networking, if need be:
http://onecare.live.com/site/en-us/center/howsafe.htm

2b. Vista or Win7=> Run this scan instead:
http://onecare.live.com/site/en-us/center/whatsnew.htm

3. Now run a thorough check for hijackware, including posting requested logs
in an appropriate forum, not here. DO NOT SKIP THIS STEP!!

Checking for/Help with Hijackware:
� http://mvps.org/winhelp2002/unwanted.htm
� http://inetexplorer.mvps.org/tshoot.html
� http://www.mvps.org/sramesh2k/Malware_Defence.htm
� http://www.elephantboycomputers.com/page2.html#Removing_Malware

**Chances are you will need to seek expert assistance in
http://spywarehammer.com/simplemachinesforum/index.php?board=10.0,
http://www.spywarewarrior.com/viewforum.php?f=5,
http://www.dslreports.com/forum/cleanup,
http://www.bluetack.co.uk/forums/index.php,
http://aumha.net/viewforum.php?f=30 or other appropriate forums.**

If these procedures look too complex - and there is no shame in admitting
this isn't your cup of tea - take the machine to a local, reputable and
independent (i.e., not BigBoxStoreUSA or Geek Squad) computer repair shop.

--
~Robear Dyer (PA Bear)
MS MVP-IE, Mail, Security, Windows Client - since 2002

Richard In Va. wrote:
> Would anyone know of a surefire method of removing Total PC Defender &
> Trojan.Injector.GT ?
>
> I think I've been able to remove Total PC Defender (partially), but not
> the
> Trojan. AVG free still isn't allowed to update, Malewarebytes wont run,
> and
> my administrative rights have changed... wont allow me to install Windows
> Defender.
>
> I'm hoping someone has written a stand alone DOS utility or removal
> tool...
> would be nice.
>
> Kindof pulling my hair out over here!
>
> Thanks for any help.
>
> Richard in VA
> +++++++++++

From: Jose on 15 Mar 2010 20:03

On Mar 15, 1:57 pm, "Richard In Va." <Reply-n...(a)aol.com> wrote:
> Would anyone know of a surefire method of removing Total PC Defender &
> Trojan.Injector.GT ?
>
> I think I've been able to remove Total PC Defender (partially), but not the
> Trojan. AVG free still isn't allowed to update, Malewarebytes wont run, and
> my administrative rights have changed... wont allow me to install Windows
> Defender.
>
> I'm hoping someone has written a stand alone DOS utility or removal tool....
> would be nice.
>
> Kindof pulling my hair out over here!
>
> Thanks for any help.
>
> Richard in VA
> +++++++++++

MBAM is the preferred method but you say it won't run? That is
because Total PC Defender recognizes things that are used to remove it
and will keep them from running. It is not difficult to outsmart
malware though.

There is no need to fool around or try things - get rid of it with
certainty.

Here are good instructions for a proven method that will remove Total
PC Defender:

http://www.bleepingcomputer.com/virus-removal/remove-total-pc-defender

If mbam-setup.exe will not launch the install and you have followed
the directions, rename the mbam-setup.exe executable and run the
renamed installation file.

If mbam.exe will not launch after installing and you have followed the
directions, rename the mbam.exe executable and run the renamed
executable.

You should really follow the directions though. They are fine tuned
just for this purpose.

| Next | Last
Pages: 1 2
Prev: Windows 7 Starter
Next: IE and Firefox Won't Open - Correction