Viral Infection

So here is my problem, I got this virus from an AIM instant message that I mistakingly took as a friend trying to send me pictures(normally I wouldn't, but there were other factors at play as well that led me to believe this was a legit link), and now I have a trojan on my computer that Norton detected but couldn't do anything about. So I did a virus scan and Norton didn't pick it up. I also downloaded the trial versions of AVG and McAfee to scan and get rid of the files, good news, they found the virus, which is now virus'(plural) but couldn't do anything about getting rid of them, and I know it's not because of the trial version because they picked up other stuff too that they got rid up, so now I have a trojan and a backdoor.hacktool virus that are on my comp and no program I have will get rid of them.

Does anyone have any reasonable suggestions that I can easily take care of RIGHT now by going on the net, getting it, and getting rid of the viruses? And if not, what can I do?

I've tried everything I could, everything I knew, and it's been on my comp for 3 days now (most of which my comp was OFF). So I'm getting desperate and I can already see the effects of the viruses(long startup).

Shattered OUT...

AOL has a Virus/Trojan help page that sounds somewhat familiar to your current situation....

www.aim.com...

I've had some luck with the free trial version of Tauscan in the past for removing troublesome trojans...

You can also download and run McAfee's Stinger product for free to clean this up.
Stinger

Thanks guys, I'll let you all know how they handle.

Shattered OUT...

Ok, I've gotten really desperate, anyone know an easy way to purge my computer? I know that after I purge my comp, I can just pop in the reformat disk and reinstall all of windows.

(PS. I have a router, two actually that are connected to each other(long story) and I think some viruses are getting in through that.)

Shattered OUT...

Yep. Once a virus gets past your virus software and grabs hold on to your harddrive it's usually bad news. But not always the end of the world. Although Norton (Symantec) can't always remove a resident virus, they always have the answer on how to remove it manually. This usually include restarting your PC in safe mode, deleting some files, and finally making some registry changes. They also (usually) have a special removal tool for each virus.

So here's what you do.
Visit www.symantec.com.
At the top next to the Search tool, choose "Viruses & Risks". Type the name of the virus in the search box. (You might have to do a virus scan again if you can't remember the name. It's important to type exactly the same words as the viruses detected!)
You'll get a list of results, typically including the words "Symantec Security Response - [Your virus name here]" ...
Example
Click the most relevant result - should be the top one. This opens up a page with a full description and technical details of the virus. If you scroll down you'll find the "Removal Instructions". This is the part you're looking for.

There should be a "Removal using the Removal Tool" paragraph at the top with a link to a program/utility you can download. If that doesn't work you'll have to follow the manual removal instructions.

Example virus removal instructions

If this doesn't work, you might want to try Hi-Jack This!, but be very careful with this tool!!!

Formatting your HDD should always be the last and final option.

If you're having trouble with this, you can give me (and the rest of the board) the name of the virus and we could try and guide you through the removal.

Good luck!
Gem.

Edit:
PS. Some viruses prevent you from visiting anti-virus sites. There are several optional sites you can visit with the same information, if this is the case,eg.
symantec.com...
securityresponse.symantec.com...
www.sarc.com...



[edit on 6-1-2006 by Gemwolf]

This is the name of the my anti-virus is detecting Hacktool.rootkit.

Errm, I hate it. My harddrive is always working even though I'm running no programs...

Shattered OUT...

I think you are in need of a HouseCall

This one seems to go by numerous aliases.

Please let us know how you make out? I've noticed you have had the week or so from Hades, in regards to computer problems lately.

May I suggest some Free and perfectly legal sofware to help you.

1)spybot search and distroy 1.4
2)ccleaner
3)adaware 1.06 SE
4)Free AVG anti-virus program
5)Microsoft Antispyware program 1.07.01-it is good for 207 days worth of updates

For future prevention, may I suggest a software firewall like Zone Alarm.
It does a great job of protecting you. You will have to learn what you want to allow out to the internet and what you don't. Personally, mine has stopped 462 attemps since my redo about 2 weeks ago.

As always, after installing these programs, run their updater programs and run each program until it stops finding stuff.

As a side note there is a 6 month free trial of Norton antivirus (only for windows XP) available from Google called "Google Pack". There is a link on the main google page.

Hope this helps you.

This is what Symantec has to say about Hacktool.rootkit:



From Symantec

Not good news.

And even more bad news... According to them, having the latest virus definitions should be good enough to get rid of the bugs. Make sure you have the latest virus updates!

Stop as many running services as possible before you run the Anti-virus software again.

If you still fail to get rid of it, please let us know, so we can walk you through removing it.

If its that bad just do yourself a favour and pop in that xp cd and format /reinstall xp ,should take the better part of maybe 2 hours and will save you alot of hassles

While at it grab a copy of sygate (best pc friendly firewall), spybot , adaware, spyware blaster and xpantispy and get those progs installed and always kept uptodate

[edit on 9-1-2006 by Fett Pinkus]

There may be an easy way. Facetime discovered it first, and put out a free online scanner.

There is a different method Here.

I also found confirmation that this rootkit uses the lockx.exe and strtas namefile fairly consistantly in here. They also used hijackthis to find the file that was causing the virus to run at startup for the HackTool.Rootkit. There is an automated hijackthis analyzer here.


[edit on 1/9/06 by makeitso]

yeah, thats not a bad route. Although myself...I'm getting tired of always having to re-install every stinking program.

I download a lot, so I format my PC 2-3 times a year.....That might not sound like a lot, but believe you me...Its Not Fun.

But life just got a little easier for me, since now I have 2 computers...So i'm gonna use my older one as a guinea pig, and if the software or game or whatever checks out to be the real deal...then I can put it on my better pc.


Anywho...about your problem. You said you have computers networked together using a router...does the router have a firewall, if not, I would suggest getting one that does.
I do. I also Use Norton Anti-Virus 2006, MS Anti-Spyware, and Ad-Aware SE Pro. and I have zero probs with my pc. *knocks on wood*

norton, mcafee, and avs are pretty much junk and are scams especially norton. they expect you to pay for update supscriptions and also pay programmers and some crackers to write new viruses and other software exploits. when i used windows.. f-prot and kaspersky were the 2 best anti-virus apps i used, both were quick and detected a hella lot more than norton and mcafee ever could. if you wanna truely git rid of all your virus, adware/spyware, and all the other windows disfunctions then you should ditch windows all togeather and switch to linux. linux can do everything windows can and then some, its way more stable, secure, NO viruses, NO adware/spyware/malware, NO central registry (which is a big flaw in windows), NO disk defragmentation. my linux box has been running 2-1/2 months straight now without a single reboot...thats how stable and secure linux is.