Jump to content
Sign in to follow this  
Spaz The Great

Funny trojan issue

Recommended Posts

So we're currently living with some friends right now, and their PC is hellish. It's always incredibly slow, and I'm sure part of the problem is viruses and spyware.

However, a couple of nights ago something funny happened. A program by the name of Windows Police Pro decided it was the anti-virus and it was going to warn us when something was infected. Ejay was infected, FruityLoops was infected, Firefox was infected, pretty much anything we tried opening was deemed infected and not allowed to open.

The kicker was, it wouldn't fix anything unless we paid for the full-version. That's when it clicked, I've seen this shit before. A lot like Win-AntiVirus. Well, we decided to sneak our way around and disable the shit((no process running in the task manager, and we couldn't even open Add/Remove Programs)). Then we downloaded and ran AVG and Spybot. Somehow it turned itself back on, and regenerated itself after Spybot deleted parts of it((could only delete parts of it)). Found out it had a backdoor installed, too. It kept warning us that something malicious was trying to attack the computer, but we knew it was our scanners attacking it.

AVG had run for almost two hours when the system shuts itself off. We assumed it was smart and knew what we were doing, and so shut down the machine. We ran it in Safe-mode and ran AVG's special safe-mode scan((apparently a really deep scan)), and so far we haven't seen any sign of it, so I assume we got rid of it.

Just found this to be quite a funny story and decided to share it with you guys. And also serve as a warning.

Share this post


Link to post
Share on other sites

Sounds like something similar that happened to my friends computer awhile back only it gave him to get AVG working at all. So he had to run it safe mode and that fixed the problem. :P

Edited by Noru

Share this post


Link to post
Share on other sites

Typical case of a rogue security program trying to pawn noobs off into paying for a piece of BS scareware. I ran into some cases of this scheme, and I noticed that some of them trojans are just copy-pasta'd variants of the same malware, with a different name or icon. Some of them are notoriously hard to remove, although in most cases Combofix or any other reputable removal tool can get rid of it rather easily.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

Sign in to follow this  

×