Computer Virus



Dr.Epic
2010-12-22, 09:35 PM
So my computer is infected with a virus. I'm not sure which, Trojan something (something I think to do with Spyware). My computer just shut down the other day because it was so infected and couldn't do that much before the shut down. I can fix the problem easy enough (this sort of thing actually happened several months back and I had to get a disk to reboot my computer). I just have one question: before my computer shut itself down from all virus, I managed to copy a lot of my files onto my various flash drives. The files I copied aren't infected, right? If I put them on a computer it won't become infected? Again, I don't know the name of the virus (other than Trojan is in the name and I'm pretty sure it's spyware).

Blue Bandit
2010-12-23, 01:16 AM
You're correct, a Trojan is a very nasty form of spyware that, once it's attached to your computer, is capable of copying files from your hard drive and sending them off through the internet. It's also, in my opinion, the hardest type of virus to remove. The Trojan that infected your computer likely attached itself to one or more files on your hard drive, which could include the files you copied on to your flash drives. Trojans are also able to attach themselves to your registry. If this happens, they can be near impossible to remove because they can "reset" themselves every time you load up your computer.

I'm by no means an expert, nor am I too good at removing Trojans. The only way I know how to remove them is through anti-virus/spyware software.

Can you still boot your computer?
If so, have you tried running an anti-virus/spyware scan?

It might not be able to remove the Trojan, but it could help in determining which files are infected.

I hope this helps.

Dr.Epic
2010-12-23, 02:03 AM
I'm by no means an expert, nor am I too good at removing Trojans. The only way I know how to remove them is through anti-virus/spyware software.

Can you still boot your computer?
If so, have you tried running an anti-virus/spyware scan?

It might not be able to remove the Trojan, but it could help in determining which files are infected.

I hope this helps.

I'll try. How would I go about doing one of these scans? Also, let's say I can't get on my computer, is there a way to see later on if any of the files I copied are infected and if so can I remove the virus infecting said files?

Jimorian
2010-12-23, 02:05 AM
Once you get your computer back running normally and get your virus protection going, you can scan your files on the flash drives to make sure you aren't going to reinfect your computer. Most files aren't carriers, like .jpgs and .mp3s, but a few data files can carry viruses and infect the computer if they are opened with the wrong program. As long as you scan before accessing any files directly, you should be OK.

Dr.Epic
2010-12-23, 03:59 AM
Once you get your computer back running normally and get your virus protection going, you can scan your files on the flash drives to make sure you aren't going to reinfect your computer. Most files aren't carriers, like .jpgs and .mp3s, but a few data files can carry viruses and infect the computer if they are opened with the wrong program. As long as you scan before accessing any files directly, you should be OK.

Most of the files are tiffs and a few word documents. Any word on how to turn on my computer and do a scan or un-infect any tainted files?

Archonic Energy
2010-12-23, 05:09 AM
pffft, just drop a logic bomb over the firewall...
Sorry, I saw Swordfish last night.

If you have access to another PC and don't mind getting your hands dirty then you can install the hard disc into the other PC and run a virus scan from that machine.

Or do a clean wipe. Though I save that for extreme circumstances as I don't like losing my savegames!

Jimorian
2010-12-23, 08:49 AM
Most of the files are tiffs and a few word documents. Any word on how to turn on my computer and do a scan or un-infect any tainted files?

You have to disinfect your computer first, because one of the main things a virus does is make sure that your virus scanner doesn't work properly. Otherwise, you can take the flash drive to another computer and scan it from there to make sure the files are OK. The Word documents are the main risk, though macro viruses aren't as common as they used to be.

Others around here are more expert on the actual getting rid of the virus on your bad computer.

Timberwolf
2010-12-23, 12:38 PM
If it's so bad you can't boot it up then now is the time to call someone who has the equipment and the know-how, is my honest opinion. Now is not the time to be getting experimental and learning yourself if you want to keep your files. This will cost you money but will, probably, save your files. You may need to reinstall your OS, depends how bad it is.

Dr.Epic
2010-12-23, 03:27 PM
Well, I did. I rebooted my computer. Put the system recovery disk in and bam! All my files and the virus gone. I got the files on my flash drives but I seriously suspect some of them to be infected. How do I check for this?

Forum Explorer
2010-12-23, 03:35 PM
Two ways. The ridiculously long way of moving each file/folder back in across to your computer and opening them to see if the virus will activate, or the quick way of getting some anti-virus/spyware program and telling it to scan the portable hard-drive.

Out of curiosity which OS are you running? Because upgrading to the latest OS usually will prevent a virus from doing anything.

Dr.Epic
2010-12-23, 03:37 PM
Two ways. The ridiculously long way of moving each file/folder back in across to your computer and opening them to see if the virus will activate, or the quick way of getting some anti-virus/spyware program and telling it to scan the portable hard-drive.

Out of curiosity which OS are you running? Because upgrading to the latest OS usually will prevent a virus from doing anything.

Questions: What's an OS? I'm guessing something security.
How do I tell my computer to scan the flash drive?

Obrysii
2010-12-23, 03:40 PM
Questions: What's an OS? I'm guessing something security.
How do I tell my computer to scan the flash drive?

OS = operating system.

Get MBAM and tell it to scan your flash drives. That's the easiest way to tell.

If you want to get extra complicated, download a live CD of Ubuntu and work through that, since it cannot get viruses.

Mewtarthio
2010-12-23, 03:43 PM
OS = operating system.

Basically, which version of Windows/Mac/Linux/etc are you using, and do you have all the latest updates?

Dr.Epic
2010-12-23, 03:44 PM
OS = operating system.

I got Vista and I'm pretty sure it's a few years old.


Get MBAM and tell it to scan your flash drives. That's the easiest way to tell.

Get what and from where (peoples, I kindly ask, I know nothing about computers, you gots to spell out these abbreviations)? And how do I tell it to do that?

lesser_minion
2010-12-23, 04:38 PM
Get what and from where (peoples, I kindly ask, I know nothing about computers, you gots to spell out these abbreviations)? And how do I tell it to do that?

MBAM (http://en.wikipedia.org/wiki/Malwarebytes'_Anti-Malware), or Malwarebytes Anti-Malware, is a fairly popular spyware scanner that's supposed to complement your normal anti-virus software.

What anti-virus software are you using at the moment?


You're correct, a Trojan is a very nasty form of spyware that, once it's attached to your computer, is capable of copying files from your hard drive and sending them off through the internet.

Actually, no. All a Trojan is is a piece of malicious software that tries to trick the user into giving it access to their system by pretending to be something legitimate (the name is a reference to the Trojan Horse of Greek mythology).

What it does once installed varies, depending on what the creator wants it to do.

Dr.Epic
2010-12-23, 05:26 PM
MBAM (http://en.wikipedia.org/wiki/Malwarebytes'_Anti-Malware), or Malwarebytes Anti-Malware, is a fairly popular spyware scanner that's supposed to complement your normal anti-virus software.

What anti-virus software are you using at the moment?

I got Norton. That count and do you recommend I download something better?


Actually, no. All a Trojan is is a piece of malicious software that tries to trick the user into giving it access to their system by pretending to be something legitimate (the name is a reference to the Trojan Horse of Greek mythology).

What it does once installed varies, depending on what the creator wants it to do.

So does that mean (there's a good chance) my files are safe?

Blue Bandit
2010-12-23, 05:33 PM
Actually, no. All a Trojan is is a piece of malicious software that tries to trick the user into giving it access to their system by pretending to be something legitimate (the name is a reference to the Trojan Horse of Greek mythology).



Are you sure??

I knew that it tries to trick the user into installing it but I was told, by a friend who runs a computer repair company, that it was a form of spyware that would send data off your computer via the internet.

I've only encountered a Trojan once a few years back while surfing the web. I had a pop up on my screen that told me my computer was infected and I needed to purchase their software in order to fix it. I naively ignored this as an advertisement and just pressed the x at the top corner. Little did I know that by pressing that I would allow a Trojan onto my computer. I tried several anti-virus programs to remove it but nothing could successfully clean my computer. That's when I called my friend's company, not sure what they did but they managed to fix it.

Anyway thanks for the info :smallsmile:

Forum Explorer
2010-12-23, 05:34 PM
Most of your files are likely safe. Depends on the trojan or if it opened the door to more viruses.

If you have the money to spare or can get a copy another way, upgrading to Windows 7 will likely fix the problem. (The virus is likely built towards Vista so it won't work on another OS)

Dr.Epic
2010-12-23, 11:54 PM
Most of your files are likely safe. Depends on the trojan or if it opened the door to more viruses.

If you have the money to spare or can get a copy another way, upgrading to Windows 7 will likely fix the problem. (The virus is likely built towards Vista so it won't work on another OS)

Hmmm, good to know.

riccaru
2010-12-24, 01:58 AM
I got Norton. That count and do you recommend I download something better?



So does that mean (there's a good chance) my files are safe?

If you have Norton, when was the last time you paid for the service? Norton is a pay by year/month service and you need to pay the fees in order to upgrade the software or it will not work properly and will leave you insanely open to attack.

If you do pay yearly for the service, make sure it's upgraded all the way. If you don't pay for it google "AVG free" and download AVG antivirus. It's a free antivirus so you don't have to worry about paying for it. After downloading AVG or making sure your Norton is up to date run the scan on your flash drives.



Most of your files are likely safe. Depends on the trojan or if it opened the door to more viruses.

If you have the money to spare or can get a copy another way, upgrading to Windows 7 will likely fix the problem. (The virus is likely built towards Vista so it won't work on another OS)


Windows 7 is based on Vista. Many viruses can hop across multiple operating systems of the same type such as Windows.

Deathslayer7
2010-12-24, 02:03 AM
I strongly strongly suggest against Norton. It's a virus itself. So hard to remove. :smallyuk:

Go with Malware Bytes and Avast anti-virus programs. Both are free and both are decent. Just don't run both at the same time.

As to scanning your flash drives to see if they are infected, I wouldn't know where to begin.

factotum
2010-12-24, 02:47 AM
Are you sure??

I knew that it tries to trick the user into installing it but I was told, by a friend who runs a computer repair company, that it was a form of spyware that would send data off your computer via the internet.


lesser_minion is correct. A Trojan is a specific form of virus that requires intervention from the user to get onto the machine, rather than being able to infect it by itself. What it does once it's ON your machine is an entirely different kettle of fish and doesn't change what the thing actually is! (In point of fact, "spyware" is a general term for a piece of software that occasionally phones home with some sort of information to its creator, so your definition is redundant--the word "spyware" already implies it's going to send data off your computer somewhere).

lesser_minion
2010-12-24, 04:51 AM
I got Norton. That count and do you recommend I download something better?

Norton have released some absolutely terrible software in the past, which led to them acquiring something of a bad reputation. The latest version of Norton anti-virus has improved according to at least one batch of tests, but 90% of the internet still wouldn't recommend it.

If you want to switch, Avast! antivirus is free, very highly regarded, and tests higher than most paid solutions. Microsoft Security Essentials seems to have received a surprising amount of praise as well.


So does that mean (there's a good chance) my files are safe?

It varies. Generally, what a trojan does once installed is attempt to download further malicious software, which could conceivably try to hook into your files -- make sure you run a scan with both Malwarebytes' and your antivirus software, and you should be sorted.


Go with Malware Bytes and Avast anti-virus programs. Both are free and both are decent. Just don't run both at the same time.

Having both running a scan at the same time would be a bad move, but the two pieces of software shouldn't really conflict.

Zigg'rrauglurr
2010-12-24, 09:40 AM
Hi Dr. Epic, programmer and generally all-around IT guy here. My recommendations are as follows:

Do as others instructed and uninstall Norton (if you are unsure of how to proceed I can give you more specific instructions, but you need to uninstall all of Symantec Norton components). Then install either Avast! (http://www.avast.com/en-ww/index) or Avira (http://www.avira.com/en/avira-free-antivirus); both are very efficient anti-virus/anti-spyware tools. I personally recommend Avira; it is lightweight and has very strong protection without too many false positives.

The reasons to remove Norton are manifold:

- The Norton version you have installed is probably circa 2007/2009. Those were very slow and resource-hungry apps.
- As others mentioned, Norton protection is essentially fee-based. This protection has probably run out unless you had paid for it. Even with a System recovery (as you seem to have performed) you will only have limited protection (30 to 90 days); after that period you will be again in the open.
- In general Norton protection against new threats leaves much to be desired. (Again IMO)

Now, on another subject: while your TIFFs and documents might not be infected, your actual flashdrives might be, as there is a now VERY common kind of trojan going around lately that sets itself to Autorun whenever you insert your flashdrive on a Computer. Both previously recommended AV (AntiVirus) protect you from these nasties.

What I do recommend is that you first uninstall Norton, install Avira (or Avast! if you prefer), and after doing so and updating definitions (loading last minute information on the AV soft, which is done automatically), perform a full system scan, just to be sure.
Only then connect the flashdrive and see if the AV gives any warning to you.

If not, perform a scan on the drive.

At this point we can be relatively sure that no more viruses remain.

However the original source of infection might be around, either some file you downloaded or a friend with an infected computer/pendrive. Sometimes the source might be your school/cybercafé.

I'll try to answer any question you might have. If time permits.

One last thing: viruses are "almost" the sole province of Windows/DOS OSes. Mac viruses are non-existent since it's based on Unix/Linux Platform, which is also very resistant to malware (collective term for any malicious software) because of its strict user permissions structure. Windows 7 is slightly more resistant too, because it is mimicking some of Linux structure regarding permissions. XP and Vista are very open to attack for 2 reasons: they have been around longer and their permissions structure leaves too many openings.

As always, pardon any engrish since this is not my native language; any corrections please PM. Thanks!

Dr.Epic
2010-12-24, 10:22 AM
Hi Dr. Epic, programmer and generally all-around IT guy here. My recommendations are as follows:

Do as others instructed and uninstall Norton (if you are unsure of how to proceed I can give you more specific instructions, but you need to uninstall all of Symantec Norton components). Then install either Avast! (http://www.avast.com/en-ww/index) or Avira (http://www.avira.com/en/avira-free-antivirus); both are very efficient anti-virus/anti-spyware tools. I personally recommend Avira; it is lightweight and has very strong protection without too many false positives.

The reasons to remove Norton are manifold:

- The Norton version you have installed is probably circa 2007/2009. Those were very slow and resource-hungry apps.
- As others mentioned, Norton protection is essentially fee-based. This protection has probably run out unless you had paid for it. Even with a System recovery (as you seem to have performed) you will only have limited protection (30 to 90 days); after that period you will be again in the open.
- In general Norton protection against new threats leaves much to be desired. (Again IMO)

Okay, I'll get on that. How do I uninstall it?


Now, on another subject: while your TIFFs and documents might not be infected, your actual flashdrives might be, as there is a now VERY common kind of trojan going around lately that sets itself to Autorun whenever you insert your flashdrive on a Computer. Both previously recommended AV (AntiVirus) protect you from these nasties.

What I do recommend is that you first uninstall Norton, install Avira (or Avast! if you prefer), and after doing so and updating definitions (loading last minute information on the AV soft, which is done automatically), perform a full system scan, just to be sure.
Only then connect the flashdrive and see if the AV gives any warning to you.

If not, perform a scan on the drive.

At this point we can be relatively sure that no more viruses remain.

You're kidding. My flashdrives might be infected? Well what does that mean? Can I uninfect them? Can I ever use them again? I had data on them that I put on them before this whole virus thing. Does that mean I can't use anything on the drives? Are my gigs of flash drive now just completely useless if they are in fact infected?


However the original source of infection might be around, either some file you downloaded or a friend with an infected computer/pendrive. Sometimes the source might be your school/cybercafé.

How should I handle this?


I'll try to answer any question you might have. If time permits.

One last thing: viruses are "almost" the sole province of Windows/DOS OSes. Mac viruses are non-existent since it's based on Unix/Linux Platform, which is also very resistant to malware (collective term for any malicious software) because of its strict user permissions structure. Windows 7 is slightly more resistant too, because it is mimicking some of Linux structure regarding permissions. XP and Vista are very open to attack for 2 reasons: they have been around longer and their permissions structure leaves too many openings.

As always, pardon any engrish since this is not my native language; any corrections please PM. Thanks!

Thanks. I do have a ton of questions on how to do all this as I've said. I appreciate all the help you (and everyone else) has given with this stressful event. Expect maybe some PMs and again thanks.

MountainKing
2010-12-24, 10:56 AM
Are you sure??

I knew that it tries to trick the user into installing it but I was told, by a friend who runs a computer repair company, that it was a form of spyware that would send data off your computer via the internet.

I've only encountered a Trojan once a few years back while surfing the web. I had a pop up on my screen that told me my computer was infected and I needed to purchase their software in order to fix it. I naively ignored this as an advertisement and just pressed the x at the top corner. Little did I know that by pressing that I would allow a Trojan onto my computer. I tried several anti-virus programs to remove it but nothing could successfully clean my computer. That's when I called my friend's company, not sure what they did but they managed to fix it.

Anyway thanks for the info :smallsmile:

To help with the already given explanation a little, the terms "virus", "spyware", and "malware" all refer to malicious software that does not belong on your computer. How it gets there varies. The terms are basically, however, interchangeable. Trojans, however, have been around since long before the word "spyware" was; they are most definitely a virus. :smallsmile:

BisectedBrioche
2010-12-24, 11:48 AM
To be more exact;


Virus: A computer program which is designed to copy itself onto a computer and spread (much like its biological namesake does to cells).
Trojans: A type of virus which tries to sneak in by disguising itself as a benevolent program (like the Trojan horse it's named after).
Payload: The part of a virus which does something to your computer (as noted above a program which simply copies itself wouldn't do anything unless it was programmed to do something else, the "payload" is that something else).
Malware: A broad term for anything you don't want on your computer.
Spyware: Malware which is designed to steal data from your computer.


The key thing to remember is that a virus is a program like any other. As long as you don't run it (even if it's saved on your computer's hard-drive) or allow it to be run automatically then it can't do anything.

MountainKing
2010-12-24, 12:11 PM
To be more exact;


Virus: A computer program which is designed to copy itself onto a computer and spread (much like its biological namesake does to cells).
Trojans: A type of virus which tries to sneak in by disguising itself as a benevolent program (like the Trojan horse it's named after).
Payload: The part of a virus which does something to your computer (as noted above a program which simply copies itself wouldn't do anything unless it was programmed to do something else, the "payload" is that something else).
Malware: A broad term for anything you don't want on your computer.
Spyware: Malware which is designed to steal data from your computer.


The key thing to remember is that a virus is a program like any other. As long as you don't run it (even if it's saved on your computer's hard-drive) or allow it to be run automatically then it can't do anything.

A nifty trick to that, if you're quick enough, is to rename the file the virus is running from. You may have to do this in between halting the process and the virus re-starting itself, but it's plenty doable. Another good way to deal with infections is to reboot the computer in Safe Mode and run your malware removal software there, then rebooting back to normal and running scans again.

And, because I missed my shot at it earlier, I spend my days doing technical support and cleaning up infected computers. 95% (roughly) of the computers that come in here with infections have one of three things on them for "protection": McAfee, Norton, or nothing at all. :smallsigh:

Zigg'rrauglurr
2010-12-24, 01:24 PM
Okay, I'll get on that. How do I uninstall it?

Sending PM...



You're kidding. My flashdrives might be infected? Well what does that mean? Can I uninfect them? Can I ever use them again? I had data on them that I put on them before this whole virus thing. Does that mean I can't use anything on the drives? Are my gigs of flash drive now just completely useless if they are in fact infected?


First, don't worry, it's extremely rare that normal files might be infected in a way that makes you unable to recover/use them. You only need to be careful where you connect the flashdrives until this situation is under control. They are perfectly functional; however, if they are infected, they are a propagation tool for the virus.

To make the situation clearer, some malware nowadays install a disguised executable along with an autorun.inf file in your flashdrives (actually on any drive they can get their ... claws? .. onto). They do this so that every time you connect said drives to a computer they can try to infect it. Both Avast! and Avira (and any good AntiVirus) protect you from these nasties. They do so by checking this "autorun.inf" file, and any suspicious file in them. So you understand the whole thing, that file tells Windows: "Hey, now that this drive is connected go ahead and run this file please". This is useful for example with installation CDs/DVDs. Only they use it in a Eeeeevil way :smallwink:



How should I handle this?


If you have suspicions on how you got infected there are a number of things to do:

- If you think it's something you downloaded, delete it, and be very careful in the future regarding your downloads.
- If you think it came from a friend/family member/school computer. Tell them your computer got infected; that they should check theirs too.
- If you used these flashdrives since the infection began on someone else's computer, tell them too.




Thanks. I do have a ton of questions on how to do all this as I've said. I appreciate all the help you (and everyone else) has given with this stressful event. Expect maybe some PMs and again thanks.


Hey, it's XMAS, no one should be worried/sad in this time of the year. Just trying to help.

Finally,


A nifty trick to that, if you're quick enough, is to rename the file the virus is running from. You may have to do this in between halting the process and the virus re-starting itself, but it's plenty doable. Another good way to deal with infections is to reboot the computer in Safe Mode and run your malware removal software there, then rebooting back to normal and running scans again.

And, because I missed my shot at it earlier, I spend my days doing technical support and cleaning up infected computers. 95% (roughly) of the computers that come in here with infections have one of three things on them for "protection": McAfee, Norton, or nothing at all. :smallsigh:

Problem is, there are several nasty malware that runs even in safe mode, and depending on how it works it can reinfect things pretty easily. Also many mask their executable file all over the HD with different names and other tricks.

In the end the best option is to have a good protection and being aware of what would be risky practices; actually this is good advice for real life viruses too :smallwink:
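
Added example, not part of the original thread: the autorun.inf file described in the post above can be read by hand from a machine that will not act on it. This Python script lists the programs a drive's autorun.inf would start, without running anything; the function names and the sample drive contents are constructed for illustration.

```python
import os
import re
import tempfile

# File types Windows will execute or interpret when launched.
RUNNABLE = {".exe", ".com", ".scr", ".pif", ".bat", ".cmd", ".vbs", ".js", ".lnk"}


def parse_autorun(text):
    """Return (key, value) pairs from the [autorun] section, keys lower-cased."""
    entries, in_section = [], False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue                      # blank line or comment
        header = re.fullmatch(r"\[(.*)\]", line)
        if header:
            in_section = header.group(1).strip().lower() == "autorun"
        elif in_section and "=" in line:
            key, value = line.split("=", 1)
            entries.append((key.strip().lower(), value.strip()))
    return entries


def is_launch_key(key):
    """Keys that name a program to start, as opposed to icon= or label=."""
    return key in ("open", "shellexecute") or (
        key.startswith("shell\\") and key.endswith("\\command"))


def program_of(command):
    """First token of a command line, honouring double quotes."""
    m = re.match(r'"([^"]+)"|(\S+)', command)
    return (m.group(1) or m.group(2)) if m else ""


def find_on_drive(root, rel_path):
    """Resolve a Windows-style relative path under root, ignoring case."""
    current = root
    for part in re.split(r"[\\/]+", rel_path.strip("\\/")):
        if not os.path.isdir(current):
            return None
        match = [n for n in os.listdir(current) if n.lower() == part.lower()]
        if not match:
            return None                   # also rejects ".." and "C:"
        current = os.path.join(current, match[0])
    return current


def inspect_drive(root):
    """List what autorun.inf on the drive would launch. Nothing is executed."""
    inf = find_on_drive(root, "autorun.inf")
    if inf is None or not os.path.isfile(inf):
        return []
    with open(inf, "rb") as fh:
        text = fh.read().decode("latin-1")   # never fails, whatever the bytes
    findings = []
    for key, value in parse_autorun(text):
        if not is_launch_key(key):
            continue
        target = program_of(value)
        path = find_on_drive(root, target)
        findings.append({
            "key": key,
            "target": target,
            "on_drive": path is not None and os.path.isfile(path),
            "runnable": os.path.splitext(target)[1].lower() in RUNNABLE,
        })
    return findings


def build_sample_drive(root):
    """Constructed sample: harmless placeholder files, laid out as described."""
    os.makedirs(os.path.join(root, "RECYCLER"))
    with open(os.path.join(root, "RECYCLER", "setup.exe"), "wb") as fh:
        fh.write(b"placeholder, not a real program")
    with open(os.path.join(root, "holiday.tif"), "wb") as fh:
        fh.write(b"placeholder image")
    with open(os.path.join(root, "AUTORUN.INF"), "w") as fh:
        fh.write("[AutoRun]\n; constructed sample\n"
                 "open=RECYCLER\\setup.exe -s\n"
                 "icon=folder.ico\n"
                 'shell\\open\\command="recycler\\SETUP.EXE"\n'
                 "label=My Photos\n")


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as drive:
        build_sample_drive(drive)
        for finding in inspect_drive(drive):
            print(finding)
```

A finding with both on_drive and runnable set means the drive carries a program it asks Windows to start; a data-only flash drive has no reason to contain one.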

Dr.Epic
2010-12-24, 05:18 PM
Zigg'rrauglurr: sent you a PM asking for more help. Thanks again.

lesser_minion
2010-12-25, 04:58 PM
Malware: A broad term for anything you don't want on your computer.


Pedantry follows:

Malware specifically refers to things you don't want on your computer that were designed for political, criminal, or otherwise nefarious purposes (narrative convention tells us that malware creators invariably have either goatees or a moustache-twirling habit).

The catch-all term for anything you don't want on your computer is 'badware', although it's formally defined as "software which fundamentally disregards a user's choice about how her computer or network connection will be used".

MountainKing
2010-12-25, 05:45 PM
Problem is, there are several nasty malware that runs even in safe mode, and depending on how it works it can reinfect things pretty easily. Also many mask their executable file all over the HD with different names and other tricks.

In the end the best option is to have a good protection and being aware of what would be risky practices; actually this is good advice for real life viruses too :smallwink:

Oh for sure, don't get me wrong, I didn't intend to make that sound like an absolute solution. The only truly "absolute" solution concerning removing malicious software is to replace any and all forms of data storage and starting over from scratch. :smallbiggrin: And even then, if your user habits don't change, you'll still be breaking the absoluteness of the solution. At the point where you can't reboot in safe mode and run removal programs, you're pretty much hosed unless you're a high end user (like, for example, yourself. I'm sure, if you wanted, you could boot in DOS and debug yourself if you wanted to). At that point, you're pretty much looking at a wipe.