HELP!! Infected by CIA Trojan!!
-
- Fame ! Where are the chicks?!
- Posts: 212
- Joined: 26 Mar 2006, 16:00
- 18
- Location: Infinite Loop
- Contact:
HELP!! Infected by CIA Trojan!!
I've been infected by CIA trojan. I blocks the Task MAnager, windows recovery, registry editing, etc..!!!!
I have kaspersky anti vir and i deleted all threaths also i instale a trojan remover but it didnt work!!
Plz HELP ME!!
I have kaspersky anti vir and i deleted all threaths also i instale a trojan remover but it didnt work!!
Plz HELP ME!!
-
- Fame ! Where are the chicks?!
- Posts: 412
- Joined: 03 May 2006, 16:00
- 17
- Location: United States Of America
- Contact:
If You Can Some How Get To Your Task Manager http://www.spywaredb.com/remove-cia/
You Can Also Try http://security.symantec.com/sscv6/defa ... &venid=sym
And Click GO
Or Try http://www.ccleaner.com/
I Use It To Keep My Registry Clean.
Good Luck
You Can Also Try http://security.symantec.com/sscv6/defa ... &venid=sym
And Click GO
Or Try http://www.ccleaner.com/
I Use It To Keep My Registry Clean.
Good Luck
If Man Made It Man Can Crack Or Hack It & If You Want To Be A True Hacker You Need To Keep Your Mind Open And Always Be Willing To Learn
[img]http://img384.imageshack.us/img384/9996/chaos19862ub.png[/img]
[img]http://img384.imageshack.us/img384/9996/chaos19862ub.png[/img]
-
- Fame ! Where are the chicks?!
- Posts: 212
- Joined: 26 Mar 2006, 16:00
- 18
- Location: Infinite Loop
- Contact:
It was one of my friends he doesnt know english so he just checked every box in the server builder so now:
It hides from task manager
it hides from windows explorer
it hides from AV
it kills Firewall and AV
Advances:
I now get acess to task manager and cmd in networking safe mode, but the processes are hidden!
I really need to get rid of this plz
It hides from task manager
it hides from windows explorer
it hides from AV
it kills Firewall and AV
Advances:
I now get acess to task manager and cmd in networking safe mode, but the processes are hidden!
I really need to get rid of this plz
Seems like it did some registry edits. Boot up in safe mode again, and do a system restore. Also, in safe mode, watch it boot up and at the bottom if it says it's loading some file and that you can cancel it, DO IT. It's probably that trojan integrating itself into safe mode. Anyway, once you've done system restore, try doing the things chaos recommended.
¯\_(ツ)_/¯ It works on my machine...
- knightm4r3
- suck-o-fied!
- Posts: 74
- Joined: 28 Dec 2006, 17:00
- 17
- Pathogenic_Linx
- Newbie
- Posts: 1
- Joined: 10 Mar 2007, 17:00
- 17
- bad_brain
- Site Owner
- Posts: 11636
- Joined: 06 Apr 2005, 16:00
- 19
- Location: In your eye floaters.
- Contact:
not exactly...a rootkit can't usually be found in the list of running tasks or opened ports, but on the other side a rootkit doesn't need to kill the AV or firewall. the AV usually can't detect it anyway because the rootkit is running on system level and not on application level, and because it binds to other services it doesn't need to open a own port.Pathogenic_Linx wrote:Sounds more like a root kit than anything else.
but well, it's like viruses and worms, there is no "pure" malware around anymore, just mixes of different malware categories....so a RAT can partitially behave like a rootkit too...