Beware! - Trojan nasty


Postby Emerald Red » Thu Jan 17, 2008 3:17 am

I've recently just been hit with one of the most nasty trojans I've ever had the pleasure of f*cking with my PC (and my head) since yesterday. Normally these things don't give me too much trouble and I find a cure within an hour or so of research. This one is a different animal altogether, and upon researching it, I've found out that it's relatively new within the past fortnight or so, so beware of this b@stard. It's called MalwareCrusher.

It likes to hide in video codecs required for certain video players, so be careful downloading stuff like this. Also it can be gotten through sites that host a lot of user videos.

This is what it does. First off you'll notice a few dodgy looking fake Windows help and update icons on your desktop. Try as you may, you can't delete them. They just keep coming back for more. But this is only small potatoes for the c*nt as it likes to dump a sh*t load of files into your c:\ root folder and your documents folder. They just keep spawning until your PC comes to a gradual standstill and lags like a mother. Not only this, but you'll be bombarded with fake windows warning pop ups and bubbles that keep popping up on your system tray.

I'm going mental here, as everything I try won't kill it. I've followed online instructions and still no joy. Every spyware, malware, anti c*ntware just won't work. I've been at it for two nights straight and I'm still infected. As a result, I couldn't get any work done at all. I'll probably resort to the last resort of formatting my PC. 

:veryangry


B'SSSSSSSSTARDS!

I've had to knock a few pain killers. Head's killing me.

Just so you know - MalwareCrush. If you see this on a webpage pop up, chances are yer f*cked!
Emerald Red
>> LFC Elite Member <<
 
Posts: 7289
Joined: Thu Mar 08, 2007 3:22 pm
Location: Ireland

Postby LFC2007 » Thu Jan 17, 2008 3:33 am

I'm by no means great on computers but locating the registry values (Spyware software can do this) and deleting them might solve it? You might have to do this in safe mode though, and be very careful to target the exact values - if you get it wrong you might well permanently f*ck up your computer.

Worst case scenario is that you'd probably need to save all your files to usb and rebuild the computer. I know someone who had this done after contracting a trojan on their computer, it didn't take that long.

Alternatively, ask Sabre.
LFC2007
 
Posts: 7706
Joined: Sat Apr 28, 2007 9:21 pm
Location: London

Postby 66-1112520797 » Thu Jan 17, 2008 4:06 am

Ask Sabre or Saint Emerald, they seem like they know their stuff and are usually willing to help. :)
66-1112520797
 

Postby Woollyback » Thu Jan 17, 2008 12:27 pm

have you tried looking on techie forums on this kinda stuff? i've managed to get rid of a couple of nasties in the past that adaware/spybot/c-cleaner etc couldn't shift, all from googling forum stuff about it and following the instructions. gives you such a feeling of satisfaction when you finally rip the fecker out!  :buttrock
b*ll*c*ks and s*i*e
Woollyback
>> LFC Elite Member <<
 
Posts: 12400
Joined: Tue Mar 23, 2004 3:11 pm
Location: Manchester

Postby andy_g » Thu Jan 17, 2008 12:31 pm

i use mac :)

Get up! everybody's gonna move their feet
Get Down! everybody's gonna leave their seat
andy_g
>> LFC Elite Member <<
 
Posts: 9598
Joined: Thu May 27, 2004 10:39 am

Postby account deleted by request » Thu Jan 17, 2008 3:02 pm

Don't start fiddling in your registry Emerald and don't start deleting anything mate. You will probably do more damage than any trojan that way.

1/ I presume you have run a virus scan and various anti malware anti trojan programmes?

2/ Run A-squared anyway, it's as good as any and better than most. Run AVG anti-spyware or Adware if you haven't already done so.

3/ Run CC Cleaner

4/ In spybot search and destroy at the bottom left hand side it says tools, click on that and it takes you to an option screen, double click on system startup, and it will give you all the progs that start up when you boot your system. It will tell you what are ok progs and what if any aren't. What's required by your system and what's not etc.

5/ Having now cleaned your system as good as you can, if you still have a problem run "Hijack this" and get a log file of every running app. Post the log file on the hijack this forum and they will tell you if there is anything nasty, and how to remove it.

I know it's a long drawn out process but the good thing is you will then have a nice clean system. You will have to delete your system restore and make a new one etc as well mate.

All the things I have mentioned are free mate and are good, so anything you haven't already got just download.

cc cleaner

A SQUARED

SPYBOT SEARCH AND DESTROY

AVG ANTISPYWARE

HIJACK THIS

hIJACK THIS FORUM
account deleted by request
 
Posts: 20690
Joined: Sun Apr 30, 2006 5:11 am

Postby Kharhaz » Thu Jan 17, 2008 3:11 pm

When I get a virus my antivirus will pop up (in this case norton) and specify exactly where that file is. I usually follow the path to that file and try to delete it. A majority of the time you can't because it is being used, so I use Hijackthis to delete that file on reboot, then afterwards run an antivirus scan, adware scan and a defrag. If nothing pops up after these then the chances are it's gone. Worst case I've just backed up my files and wiped my comp with a fresh install of xp.
Last edited by Kharhaz on Thu Jan 17, 2008 3:47 pm, edited 1 time in total.
Bill Shankly: “I was the best manager in Britain because I was never devious or cheated anyone. I’d break my wife’s legs if I played against her, but I’d never cheat her.”
Kharhaz
>> LFC Elite Member <<
 
Posts: 6380
Joined: Tue Jan 13, 2004 1:18 am

Postby Emerald Red » Thu Jan 17, 2008 4:15 pm

s@int wrote:Don't start fiddling in your registry Emerald and don't start deleting anything mate. You will probably do more damage than any trojan that way.

1/ I presume you have run a virus scan and various anti malware anti trojan programmes?

2/ Run A-squared anyway, it's as good as any and better than most. Run AVG anti-spyware or Adware if you haven't already done so.

3/ Run CC Cleaner

4/ In spybot search and destroy at the bottom left hand side it says tools, click on that and it takes you to an option screen, double click on system startup, and it will give you all the progs that start up when you boot your system. It will tell you what are ok progs and what if any aren't. What's required by your system and what's not etc.

5/ Having now cleaned your system as good as you can, if you still have a problem run "Hijack this" and get a log file of every running app. Post the log file on the hijack this forum and they will tell you if there is anything nasty, and how to remove it.

I know it's a long drawn out process but the good thing is you will then have a nice clean system. You will have to delete your system restore and make a new one etc as well mate.

All the things I have mentioned are free mate and are good, so anything you haven't already got just download.

cc cleaner

A SQUARED

SPYBOT SEARCH AND DESTROY

AVG ANTISPYWARE

HIJACK THIS

hIJACK THIS FORUM

First thing I did was run A-Squared. I have AVG and Spybot and Adaware and a few other various programs. I've run them all, save for AVG which has been disabled by the trojan. I'm not even sure it's still working. I ran a program called SmitFraud that apparently is meant to clean it out in safe mode. I ran that twice with no effect and it was designed to kill the f*cker specifically.

I know I shouldn't go near the registry, but I was looking for all sorts of solutions and had to go there. I know not to touch anything in there, but I had the path and correct name of the f*cker so I searched it out and found the entry and deleted it. Still no effect. I disabled it from my start up in msconfig also.

As for Hijack this, I'm not really sure what it's for as I've only used it a few times in the past. Isn't it more for a diagnosis rather than a fixer of things?
Emerald Red
>> LFC Elite Member <<
 
Posts: 7289
Joined: Thu Mar 08, 2007 3:22 pm
Location: Ireland

Postby account deleted by request » Thu Jan 17, 2008 4:41 pm

Emerald Red wrote:
s@int wrote:Don't start fiddling in your registry Emerald and don't start deleting anything mate. You will probably do more damage than any trojan that way.

1/ I presume you have run a virus scan and various anti malware anti trojan programmes?

2/ Run A-squared anyway, it's as good as any and better than most. Run AVG anti-spyware or Adware if you haven't already done so.

3/ Run CC Cleaner

4/ In spybot search and destroy at the bottom left hand side it says tools, click on that and it takes you to an option screen, double click on system startup, and it will give you all the progs that start up when you boot your system. It will tell you what are ok progs and what if any aren't. What's required by your system and what's not etc.

5/ Having now cleaned your system as good as you can, if you still have a problem run "Hijack this" and get a log file of every running app. Post the log file on the hijack this forum and they will tell you if there is anything nasty, and how to remove it.

I know it's a long drawn out process but the good thing is you will then have a nice clean system. You will have to delete your system restore and make a new one etc as well mate.

All the things I have mentioned are free mate and are good, so anything you haven't already got just download.

cc cleaner

A SQUARED

SPYBOT SEARCH AND DESTROY

AVG ANTISPYWARE

HIJACK THIS

hIJACK THIS FORUM

First thing I did was run A-Squared. I have AVG and Spybot and Adaware and a few other various programs. I've run them all, save for AVG which has been disabled by the trojan. I'm not even sure it's still working. I ran a program called SmitFraud that apparently is meant to clean it out in safe mode. I ran that twice with no effect and it was designed to kill the f*cker specifically.

I know I shouldn't go near the registry, but I was looking for all sorts of solutions and had to go there. I know not to touch anything in there, but I had the path and correct name of the f*cker so I searched it out and found the entry and deleted it. Still no effect. I disabled it from my start up in msconfig also.

As for Hijack this, I'm not really sure what it's for as I've only used it a few times in the past. Isn't it more for a diagnosis rather than a fixer of things?

Yes mate, just run Hijack this and post the log file that it gives you on the forum I linked, they will tell you exactly what to do. Don't try to read it and sort it yourself, as again you could cause more problems than you fix. Just make sure your system is as clean as possible of adware/malware before you run it. Saves them time on the forum.

Be careful what you download to try to fix it as there are a couple of real nasty so called malware fixers linked to this trojan and you could finish up in worse trouble than you are now.

That's why I didn't link any of them, as I don't know if they are genuine. All the progs I linked I have used for years and know they are ok.

If you think you have killed it, run an online scan from Norton, Panda etc etc, this should clean up any bits and pieces left over. Then delete your system restore as it will be in there as well mate. (Don't do this until you are sure you are back to normal.)
Last edited by account deleted by request on Thu Jan 17, 2008 4:44 pm, edited 1 time in total.
account deleted by request
 
Posts: 20690
Joined: Sun Apr 30, 2006 5:11 am
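
Added example, not part of any post in this thread: a read-only Python sketch of the kind of diagnosis a HijackThis log supports, listing autostart (`O4`) entries whose program sits in the drive root or a documents folder, the two places the first post says this trojan dumps its files. The log lines are a constructed sample, and the `O4` line layout and the two location rules are assumptions of this example.

```python
import re
from pathlib import PureWindowsPath

# Constructed sample in the style of a HijackThis log (not from the thread).
SAMPLE_LOG = r"""
Logfile of HijackThis (constructed sample)
O4 - HKLM\..\Run: [ExampleAV] "C:\Program Files\ExampleAV\avtray.exe" /startup
O4 - HKLM\..\Run: [updater] C:\example_dropper.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [helper] C:\Documents and Settings\user\My Documents\example_helper.exe -s
"""

# "O4" lines list programs started at boot/logon from the Run registry keys.
O4_RE = re.compile(
    r"^O4 - (?P<hive>HK\w+)\\\.\.\\(?P<key>\w+): \[(?P<name>[^\]]*)\] (?P<cmd>.+)$",
    re.MULTILINE,
)
# Executable path: either quoted, or everything up to the first program extension.
PATH_RE = re.compile(r'"([^"]+)"|(.+?\.(?:exe|dll|bat|cmd|scr|com))(?=\s|$)', re.IGNORECASE)
DOC_DIRS = {"my documents", "documents"}  # assumed folder names


def autorun_path(cmd):
    """Return the program path from an autorun command line, or None."""
    m = PATH_RE.match(cmd.strip())
    return PureWindowsPath(m.group(1) or m.group(2)) if m else None


def triage(log_text):
    """Return (entry name, path, reason) for autoruns in unusual locations."""
    findings = []
    for m in O4_RE.finditer(log_text):
        path = autorun_path(m.group("cmd"))
        if path is None:
            continue  # no recognisable program path, nothing to classify
        parents = {part.lower() for part in path.parts[:-1]}
        if str(path.parent) == path.anchor:
            findings.append((m.group("name"), str(path), "drive root"))
        elif parents & DOC_DIRS:
            findings.append((m.group("name"), str(path), "documents folder"))
    return findings


if __name__ == "__main__":
    for name, path, reason in triage(SAMPLE_LOG):
        print(f"review: [{name}] {path} ({reason})")
```

The script only reads text and changes nothing on the machine; a flagged entry is a reason to ask about it, not proof that it is malicious.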

Postby Mikz » Thu Jan 17, 2008 6:19 pm

They are all great programs saint - I use them all too.. but the last trojan I got wiped the floor with all them.

How did I kill it? A handy wee program called fixwareout.
A search on google can find it and it's free.

All ya need to do is restart in safe mode.... and run it, select clean registry.. and it should do the business.
Then run trend micro - and that should be the end of it.
'' Gary lineker may well have scored 5 goals in 5 minutes , but i think you have to say, what else did he do '' ...Jimmy Hill
Mikz
>> LFC Elite Member <<
 
Posts: 3233
Joined: Sun Nov 07, 2004 11:35 pm
Location: Belfast

Postby account deleted by request » Thu Jan 17, 2008 6:30 pm

Mikz wrote:They are all great programs saint - I use them all too.. but the last trojan I got wiped the floor with all them.

How did I kill it? A handy wee program called fixwareout.
A search on google can find it and it's free.

All ya need to do is restart in safe mode.... and run it, select clean registry.. and it should do the business.
Then run trend micro - and that should be the end of it.

I have noted the name Mikz as no doubt I will "catch" whatever's going about sooner or later.

I don't like using anything without a personal recommendation, so thanks mate.
account deleted by request
 
Posts: 20690
Joined: Sun Apr 30, 2006 5:11 am

Postby Mikz » Thu Jan 17, 2008 6:38 pm

No problem brother, there's another called smitfraudfix

http://www.bleepingcomputer.com/files/smitfraudfix.php


Comes highly recommended too. :;):
'' Gary lineker may well have scored 5 goals in 5 minutes , but i think you have to say, what else did he do '' ...Jimmy Hill
Mikz
>> LFC Elite Member <<
 
Posts: 3233
Joined: Sun Nov 07, 2004 11:35 pm
Location: Belfast

Postby account deleted by request » Thu Jan 17, 2008 6:51 pm

Mikz wrote:No problem brother, there's another called smitfraudfix

http://www.bleepingcomputer.com/files/smitfraudfix.php


Comes highly recommended too. :;):

That's the one that Emerald has already tried Mikz. Like most it's probably good for one trojan, but not so good for another.


Where's Sabre anyway? What's the use in having a computer expert if he spends all his time working instead of solving our problems  :D
Last edited by account deleted by request on Thu Jan 17, 2008 6:56 pm, edited 1 time in total.
account deleted by request
 
Posts: 20690
Joined: Sun Apr 30, 2006 5:11 am

