Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Help Keep Boards Alive. Support us by going ad free today. See here: https://subscriptions.boards.ie/.
If we do not hit our goal we will be forced to close the site.

Current status: https://keepboardsalive.com/

Annual subs are best for most impact. If you are still undecided on going Ad Free - you can also donate using the Paypal Donate option. All contribution helps. Thank you.
https://www.boards.ie/group/1878-subscribers-forum

Private Group for paid up members of Boards.ie. Join the club.

Trojan.Shutdown

  • 03-04-2010 08:54PM
    #1
    Closed Accounts Posts: 6,679 ✭✭✭


    Hello all. Hope you can help. My niece's PC (5 year-old Dell) has become inected with some kind of malware/virus. A verification box pops up with a timer asking you to enter the two words or it will shut down.

    I've searched here but can't find any threads. Also Googled it, but the usual story - mobs trying to flog software.

    Thanks in advance.


Comments

  • Registered Users, Registered Users 2 Posts: 256 ✭✭happy_acid_face


    A quick google shows that the Trojan.Shutdown seems to be a well now virus that has been around for quite some time. I would imagine most, if not all, anti virus software would have it in there database.

    So, I'd say the easiest way to get rid of this would be to boot the PC into safe mode with networking, update you anti virus database, then do a full system scan (Taking it there is an anti virus on the computer already)

    If there is no anti virus on the computer you will need to install one. First though, does this pop up happen as soon as the PC turns on? And by entering the two verification words can you continue to use the computer in its normal mode for the time being?


  • Closed Accounts Posts: 6,679 ✭✭✭Freddie59


    A quick google shows that the Trojan.Shutdown seems to be a well now virus that has been around for quite some time. I would imagine most, if not all, anti virus software would have it in there database.

    So, I'd say the easiest way to get rid of this would be to boot the PC into safe mode with networking, update you anti virus database, then do a full system scan (Taking it there is an anti virus on the computer already)

    If there is no anti virus on the computer you will need to install one. First though, does this pop up happen as soon as the PC turns on? And by entering the two verification words can you continue to use the computer in its normal mode for the time being?

    Thanks for your help.

    If you use Internet Explorer the entire PC would freeze. I solved this for her by deleting Temporary Internet files, etc. It worked fine in Chrome for a while, then the same thing started. Once you enter the words it resumes, and you get the message again some time later. Obviously, if you're not using the Internet the PC works fine.

    She has Avast anti-virus installed, as AVG was causing problems.


  • Site Banned Posts: 1,167 ✭✭✭ASJ112


    do this

    Download the GMER Rootkit Scanner. Unzip it to your Desktop.

    Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while the scan is being performed. Do not use your computer for anything else during the scan.

    Double-click gmer.exe. The program will begin to run.

    **Caution**
    These types of scans can produce false positives. Do NOT take any action on any
    "<--- ROOKIT" entries unless advised by a trained Security Analyst

    If possible rootkit activity is found, you will be asked if you would like to perform a full scan.
    • Click NO
    • In the right panel, you will see a bunch of boxes that have been checked ... leave everything checked and ensure the Show all box is Unchecked.
    • Now click the Scan button.
      Once the scan is complete, you may receive another notice about rootkit activity.
    • Click OK.
    • GMER will produce a log. Click on the [Save..] button, and in the File name area, type in "GMER.txt"
    • Save it where you can easily find it, such as your desktop.

    Post the contents of GMER.txt in your next reply.


Advertisement