Windows Trojan

Started by Freeforall, December 09, 2012, 10:35:05 PM

Freeforall

My PC has recently been infected with a nasty trojan. It is probably 'Trojan Generic KDV 792778' according to some websites. It raises CPU usage to 100% and overheats the computer. When you open task manager, it hides itself so you cannot see it. If you close task manager, it starts up right away. I have managed to delete it about 4 times, and the CPU usage goes away for a while, but after a couple of restarts, it manages to come back again. I am stumped... I haven't had a stable internet connection in about a month, so I don't see how it could redownload itself.

It disguises itself as SearchIndexer service. It is running through igfxupdate.exe. I found this file in the following places:

C:\%windir%\System32
C:\%windir%\SysWOW64
C:\%windir%\SysWOW64\update

I deleted all of the files listed in those locations. Next, I went to the services manager and disabled the 'SearchIndexer' service.
Then, as administrator, I opened the Command Prompt and typed 'sc delete searchindexer'. It says it succeeded in deleting it, and it has. The problem stops for a while, but after a reboot or two, it always comes back.

I read somewhere that it might have something to do with the 'C:\Windows\SoftwareDistribution' folder, but I wasn't sure, so I didn't delete it.
It is getting ridiculously annoying, and if anyone would be willing to help, or if you have also been infected with this nasty bugger, I would really appreciate it.
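
A read-only check for the artifacts named in the post above, as an added example that is not part of the original post: it looks for `igfxupdate.exe` in the three reported folders and lists anything configured to start it. The Run keys and scheduled tasks are common autostart locations checked here as an assumption (the thread does not say how the file returns), and Windows PowerShell 3.0 or later is assumed for `Get-CimInstance`.

```powershell
# Added example: read-only audit. Run from an elevated 64-bit PowerShell prompt
# (a 32-bit prompt is silently redirected from System32 to SysWOW64).
$name = 'igfxupdate.exe'                       # file name reported in the post
$dirs = 'System32', 'SysWOW64', 'SysWOW64\update' |
    ForEach-Object { Join-Path $env:windir $_ }

# 1. Copies of the file in the three reported locations, with timestamps.
foreach ($dir in $dirs) {
    $path = Join-Path $dir $name
    if (Test-Path -LiteralPath $path) {
        Get-Item -LiteralPath $path -Force |
            Select-Object FullName, Length, CreationTime, LastWriteTime |
            Format-List
    }
}

# 2. Any service that launches the file, or that uses the service name from the post.
Get-CimInstance -ClassName Win32_Service |
    Where-Object { $_.PathName -like "*$name*" -or $_.Name -eq 'searchindexer' } |
    Select-Object Name, DisplayName, State, StartMode, PathName |
    Format-List

# 3. Assumption: Run keys are a common place for an entry that restarts a file.
$runKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run'
)
foreach ($key in $runKeys) {
    if (-not (Test-Path $key)) { continue }
    (Get-ItemProperty -Path $key).PSObject.Properties |
        Where-Object { $_.Value -like "*$name*" } |
        Select-Object @{ n = 'Key'; e = { $key } }, Name, Value |
        Format-List
}

# 4. Assumption: scheduled tasks whose details mention the file.
#    Each match is shown with the 10 preceding lines so the task name is visible.
schtasks.exe /query /fo LIST /v |
    Select-String -SimpleMatch $name -Context 10, 0
```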

Chaos

If you haven't tried it yet, go download and run Malwarebytes. It's just about one of the best malware removal programs I have ever used, and it's completely free.

Freeforall

Quote from: Chaos on December 10, 2012, 03:12:20 AM
If you haven't tried it yet, go download and run Malwarebytes. It's just about one of the best malware removal programs I have ever used, and it's completely free.
I completely forgot to mention, I have scanned with Avast and Malwarebytes a couple of times, and they haven't picked up anything.

KaptainKohl

damn i think i might have this too, i thought it was weird that my computer was randomly heating up yesterday and today.
i checked for the SearchIndexer and it is in all three of those locations you said and they were either created/modified yesterday (the 9th) at 11:13 when i started noticing my computer be weird.
hopefully this is just a weird fluke and i don't have it but i would like to be sure. :/

Freeforall

Quote from: KaptainKohl on December 10, 2012, 06:25:26 PM
damn i think i might have this too, i thought it was weird that my computer was randomly heating up yesterday and today.
i checked for the SearchIndexer and it is in all three of those locations you said and they were either created/modified yesterday (the 9th) at 11:13 when i started noticing my computer be weird.
hopefully this is just a weird fluke and i don't have it but i would like to be sure. :/
Hmmm... did you recently download Black Ops II? I believe it may have been the cause of my infection...

KaptainKohl

Quote from: Freeforall on December 10, 2012, 09:42:09 PM
Hmmm... did you recently download Black Ops II? I believe it may have been the cause of my infection...
no. i don't remember downloading anything yesterday to my computer. i'll check my download history

Torch

Quote from: KaptainKohl on December 10, 2012, 10:13:19 PM
Quote from: Freeforall on December 10, 2012, 09:42:09 PM
Hmmm... did you recently download Black Ops II? I believe it may have been the cause of my infection...
no. i don't remember downloading anything yesterday to my computer. i'll check my download history
You did not download Black Ops II.

@FFA: That's always a risk with torrenting : /

ARTgames

I would format and reinstall. Better than playing whack-a-trojan and would take less time too.

Freeforall

Quote from: ARTgames on December 11, 2012, 11:36:45 AM
I would format and reinstall. Better than playing whack-a-trojan and would take less time too.
It hasn't attacked again today, but if it does, I won't hesitate.

sly 3 4 me

It's a risk to just have it running. If I were to make a virus I'd go for one that was non-intrusive and then just steal all the data without them noticing. It's not really a case of an 'attack'. It's always there. I'd suggest a reformat. I can help if needed.

Hikarikuen

Reformatting is good to do periodically anyway, but if for some reason you don't want to yet you could always try burning a boot disk with a malware removal program on it and scan from that. I've always been a big fan of Hiren's Boot CD.