trojan horse generic

  thetrickster 14:57 18 Dec 09

Hi I can't seem to be able to get rid of the trojan horse that has infected my computer. It has the annoying habit of sending me to the incorrect web pages whilst I am surfing the net. This happens when using both IE and FireFox. It also plays random songs whilst I am online. I have avg, comodo and malwarebytes. I have restarted the computer in safe mode. Ran and deleted using malwarebytes but still I cant seem to rid my pc of this infection. My avg resident shield comes up now and again with multiple threat detection. To which I delete. But I do get the message "some files have not been deleted" when i click "remove selected infections". Please can anybody help as it is very annoying.

  Fruit Bat /\0/\ 15:20 18 Dec 09

May be hiding in system restore files - switch off system restore to delete restore points (only if your machine is working OK apart from the trojan).

Switch system restore back on and do a scan and check its gone then create a new restore point.

  skidzy 15:20 18 Dec 09

how long have you had this problem ?

Have you tried system restore back to a time before this started ?

What operating system are you using ?

Do NOT clear your restore points untill the machine is clean though you can revert to an earlier time.

Check in add and remove programs for any bundled software that you may have installed unknowingly.Basically i mean you may have installed a sponsor ad program with a legit program.

We have plenty of options for you but try system restore first and see what happens.

  skidzy 15:21 18 Dec 09

sorry me ol mucker ( been a while ) didnt mean to cross post you.

  BurrWalnut 15:24 18 Dec 09

The redirection could be a rogue entry in the Hosts file. Have a look at it. It is normally located at C:\Windows\System32\Drivers\etc\ If it is not there, look for its location in registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\DataBasePath.

If the file is read only, right-click it > Properties and remove the check mark. Make a copy of it then using Notepad change its contents and save it (not as a text file) to look like this:
There will be a number of comment lines (beginning with #) followed by this mandatory line: localhost

The entry stops access, so if there are entries like, don’t remove them as they help to protect the system from malware sites. However, if you see entries with legitimate names like or you should remove them, as malware is probably trying to block access to them (using or redirect them (using n.n.n.n) to another website.

  Fruit Bat /\0/\ 15:32 18 Dec 09

Been away?
haven't seen you on the forum for a few weeks.

May be you need to type faster or its the oldPCA time warp slowing you down? VoG used to beat me to the draw nine times out of ten.


PS think it might be time for a third instalment of your excellent "Safe and Clean" thread updated for W7 users and possible backup strategies included.


  Sea Urchin 15:33 18 Dec 09

You could try downloading and running this Trojan Remover - it's a trial version but runs in its full form for 30 days

click here

  skidzy 15:34 18 Dec 09

Hi Fruit Bat /\0/\
I normally pull out a S&C thread around this time of year but to be honest i have a little catching up to do but hope to sort one for the new year or a simple update.

I have not been around much due to my photography hobby and editing.... learning but slowly lol.

Mr V is always the king of sure he gets the posts earlier than us Lol :-))

The trickester has a few options now, lets wait and see what happens.

  john bunyan 15:47 18 Dec 09

Sorry to post here but I will be very interested in your reccomendations for W7 free stuff.
Sorry to intrude, thetrickster.

  GaT7 15:48 18 Dec 09

Following on from BurrWalnut suggested, here's more useful info about the Hosts file click here, including a customised Hosts file which you can download & use to lower the chances of this happening in the future. G

This thread is now locked and can not be replied to.

Surface Pro (2017) vs Surface Pro 4

Where HTML5 is headed next

MacBook Pro v Surface Pro 5