• Welcome to Tux Reports: Where Penguins Fly. We hope you find the topics varied, interesting, and worthy of your time. Please become a member and join in the discussions.

Total PC Defender

R

Richard In Va.

Flightless Bird
Would anyone know of a surefire method of removing Total PC Defender &
Trojan.Injector.GT ?

I think I've been able to remove Total PC Defender (partially), but not the
Trojan. AVG free still isn't allowed to update, Malewarebytes wont run, and
my administrative rights have changed... wont allow me to install Windows
Defender.

I'm hoping someone has written a stand alone DOS utility or removal tool...
would be nice.

Kindof pulling my hair out over here!

Thanks for any help.

Richard in VA
+++++++++++
 
C

C

Flightless Bird
Richard In Va. wrote:
> Would anyone know of a surefire method of removing Total PC Defender &
> Trojan.Injector.GT ?
>
> I think I've been able to remove Total PC Defender (partially), but not the
> Trojan. AVG free still isn't allowed to update, Malewarebytes wont run, and
> my administrative rights have changed... wont allow me to install Windows
> Defender.
>
> I'm hoping someone has written a stand alone DOS utility or removal tool...
> would be nice.
>
> Kindof pulling my hair out over here!
>
> Thanks for any help.
>
> Richard in VA
> +++++++++++
>
>


If you've been fooling round with this for over four hours, you could
have already reinstalled XP, updates and all your programs.

--
C
 
E

Elmo

Flightless Bird
Richard In Va. wrote:
> Would anyone know of a surefire method of removing Total PC Defender &
> Trojan.Injector.GT?
>
> I think I've been able to remove Total PC Defender (partially), but notthe
> Trojan. AVG free still isn't allowed to update, Malewarebytes won't run, and
> my administrative rights have changed... won't allow me to install Windows
> Defender.
>
> I'm hoping someone has written a stand-alone DOS utility or removal tool...
> would be nice.
>
> Kind of pulling my hair out over here!
>
> Thanks for any help.


A few things I would try:

- (Perhaps for later, after other problems have been corrected.)
http://www.kellys-korner-xp.com/xp_tweaks.htm
Line 275. Lift Restrictions - TM, Regedit and CMD

1. Start in Safe Mode and run Malwarebytes there.

2. Open Task Manager and stop all services that will stop. If one
causes a freeze, or another problem, restart, but don't try to stop that
process. Then try Malwarebytes again.

3. Download this Avira Antivir Rescue System program which will burn a
CD image to a blank CD. It's updated a few times per day. Insert the
CD into the damaged machine and let it do a scan of your system. Before
starting the scan, select "Configuration" and set to repair or rename
the infected files. Sometimes your machine won't restart after such a
repair process, so you might want to save needed files to another system
before using this. If you can't, then you can move the hard drive to
another machine to copy needed files. You can do that before, or after
this scan.

http://www.free-av.com/en/tools/12/avira_antivir_rescue_system.html

Then run these:

Malwarebytes© Corporation
http://www.malwarebytes.org/mbam/program/mbam-setup.exe

SuperAntispyware
http://www.superantispyware.com/superantispywarefreevspro.html

You can try some of the CD's mentioned at the following site.
BitDefender was my favorite, but if the infected machine can't connect
to the internet to get updates, Avira comes with current virus
definitions. Also, some of these just won't run on some systems,
perhaps because there's no drivers available for some system devices,
motherboard, graphics card, etc. So try a few of these till you find
one that works:

Burn BitDefender, or another program listed at the link below, to a CD
(using a working machine) and test the infected machine with it.
BitDefender also has a Rootkit checker on the Linux Desktop; run it if
you think that's the problem:

http://www.techmixer.com/free-bootable-antivirus-rescue-cds-download-list/

Download the executable rather than the .iso image, if one is available,
(though no .exe is available for BitDefender).

After the scan is run, if you elect to quarantine files, they're
quarantined to RAM and lost after you reboot. You'll need to copy any
quarantined files to the hard drive, a thumb drive or elsewhere before
exiting.



--
Joe =o)
 
P

PA Bear [MS MVP]

Flightless Bird
NB: If you had no anti-virus application installed or the subscription had
expired *when the machine first got infected* and/or your subscription has
since expired and/or the machine's not been kept fully-patched at Windows
Update, don't waste your time with any of the below: Format & reinstall
Windows. A Repair Install will NOT help!

Microsoft PCSafety provides home users (only) with no-charge support in
dealing with malware infections such as viruses, spyware (including unwanted
software), and adware.
https://support.microsoft.com/oas/default.aspx?&prid=7552&st=1

Also available via the Consumer Security Support home page:
https://consumersecuritysupport.microsoft.com/

Otherwise...

1. See if you can download/run the MSRT manually:
http://www.microsoft.com/security/malwareremove/default.mspx

NB: Run the FULL scan, not the QUICK scan! You may need to download the
MSRT on a non-infected machine, then transfer MRT.EXE to the infected
machine and rename it to SCAN.EXE before running it.

2a. WinXP => Run the Windows Live Safety Center's 'Protection' scan (only!)
in Safe Mode with Networking, if need be:
http://onecare.live.com/site/en-us/center/howsafe.htm

2b. Vista or Win7=> Run this scan instead:
http://onecare.live.com/site/en-us/center/whatsnew.htm

3. Now run a thorough check for hijackware, including posting requested logs
in an appropriate forum, not here. DO NOT SKIP THIS STEP!!

Checking for/Help with Hijackware:
http://mvps.org/winhelp2002/unwanted.htm
http://inetexplorer.mvps.org/tshoot.html
http://www.mvps.org/sramesh2k/Malware_Defence.htm
http://www.elephantboycomputers.com/page2.html#Removing_Malware

**Chances are you will need to seek expert assistance in
http://spywarehammer.com/simplemachinesforum/index.php?board=10.0,
http://www.spywarewarrior.com/viewforum.php?f=5,
http://www.dslreports.com/forum/cleanup,
http://www.bluetack.co.uk/forums/index.php,
http://aumha.net/viewforum.php?f=30 or other appropriate forums.**

If these procedures look too complex - and there is no shame in admitting
this isn't your cup of tea - take the machine to a local, reputable and
independent (i.e., not BigBoxStoreUSA or Geek Squad) computer repair shop.

--
~Robear Dyer (PA Bear)
MS MVP-IE, Mail, Security, Windows Client - since 2002

Richard In Va. wrote:
> Would anyone know of a surefire method of removing Total PC Defender &
> Trojan.Injector.GT ?
>
> I think I've been able to remove Total PC Defender (partially), but not
> the
> Trojan. AVG free still isn't allowed to update, Malewarebytes wont run,
> and
> my administrative rights have changed... wont allow me to install Windows
> Defender.
>
> I'm hoping someone has written a stand alone DOS utility or removal
> tool...
> would be nice.
>
> Kindof pulling my hair out over here!
>
> Thanks for any help.
>
> Richard in VA
> +++++++++++
 
J

Jose

Flightless Bird
On Mar 15, 1:57 pm, "Richard In Va." <Reply-n...@aol.com> wrote:
> Would anyone know of a surefire method of removing Total PC Defender &
> Trojan.Injector.GT ?
>
> I think I've been able to remove Total PC Defender (partially), but not the
> Trojan. AVG free still isn't allowed to update, Malewarebytes wont run, and
> my administrative rights have changed... wont allow me to install Windows
> Defender.
>
> I'm hoping someone has written a stand alone DOS utility or removal tool....
> would be nice.
>
> Kindof pulling my hair out over here!
>
> Thanks for any help.
>
> Richard in VA
> +++++++++++


MBAM is the preferred method but you say it won't run? That is
because Total PC Defender recognizes things that are used to remove it
and will keep them from running. It is not difficult to outsmart
malware though.

There is no need to fool around or try things - get rid of it with
certainty.

Here are good instructions for a proven method that will remove Total
PC Defender:

http://www.bleepingcomputer.com/virus-removal/remove-total-pc-defender

If mbam-setup.exe will not launch the install and you have followed
the directions, rename the mbam-setup.exe executable and run the
renamed installation file.

If mbam.exe will not launch after installing and you have followed the
directions, rename the mbam.exe executable and run the renamed
executable.

You should really follow the directions though. They are fine tuned
just for this purpose.
 
J

Johnw

Flightless Bird
Richard In Va. was thinking very hard :

> Malewarebytes wont run


Here is my info, similar to what has already been posted, with a few
different alternatives.

Malwarebytes' Anti-Malware
http://www.softpedia.com/get/Antivirus/Malwarebytes-Anti-Malware.shtml
http://www.softpedia.com/progScreenshots/Malwarebytes-Anti-Malware-Screenshot-81598.html
http://www.malwarebytes.org/mbam.php
Forum
http://www.malwarebytes.org/forums/
If it won't run, rename the downloaded mbam-setup.exe file to mb.exe to
help work around certain malware that will block it from being run.
If it still will not run.
1: Go to Control Panel > Programs and Features and uninstall
Malwarebytes.
Next redownload Malwarebytes but rename it before you download it to
your desktop. As you are in the process of downloading when you get to
the point that the "enter name of file to save to" box appears, in the
"filename" slot, rename mbam-setup.exe to something.exe, then click
Save.
If it installed but will not run, navigate to this folder:
2: C:/Programs Files\Malwarebytes' AntiMalware
At the top of the page, Tools > Folder Options > View, click > Show
hidden files and folders and untick > Hide extensions for known file
types.
Rename all the .exe files in the Malwarebytes' Anti-Malware folder and
try to run it again.
When it opens, update 1st.
If it won't update after installing, update manually.
http://www.malwarebytes.org/mbam/database/mbam-rules.exe
Download & install.
 
R

Richard In Va.

Flightless Bird
Thanks for all the GOOD advice folks!

Yesterday, I had tried renaming the downloaded Malewarebytes installer,
which, with every attempt seemed to install fine. It would start, show the
start screen for a second or two then shut down... never considered renaming
the executable tho... hmmm.

The machine has AVG free 9.XX installed, which is no longer able to
check/install updates.

I've tried various things in Safe-Mode as well. I was however, able to
remove the Total PC Defender application (or as far as I can tell) but the
Trojan.Injector remains intact. (not allowing AVG updates or Malewarebytes
to run)

Last night, I read where someone suggested installing the hard drive on a
clean machine via SATA/USB adaptor as an external drive then running
Malewarebytes (and maybe AVG) on the infected drive.

I've heard of this before but have never tried it... willing to take a
gander...

This morning I have the drive on a clean machine as a USB drive with a fresh
install of Malewarebytes and AVG 9.XX... all MS updates as well.

If it finds and removes lots of threats, I hope to reinstall the drive to
the original box and boot to it's OS, then re-run everything again...
Malewarebytes and AVG.

AGAIN, thanks for all the GREAT ADVICE... I will surely need it if this
doesn't work out.... I'll let y'all know.
(additional advice certainly welcome)


Richard In VA.
+++++++++++


"Richard In Va." <Reply-none@aol.com> wrote in message
news:ehp6KkGxKHA.3408@TK2MSFTNGP06.phx.gbl...
> Would anyone know of a surefire method of removing Total PC Defender &
> Trojan.Injector.GT ?
>
> I think I've been able to remove Total PC Defender (partially), but not
> the Trojan. AVG free still isn't allowed to update, Malewarebytes wont
> run, and my administrative rights have changed... wont allow me to install
> Windows Defender.
>
> I'm hoping someone has written a stand alone DOS utility or removal
> tool... would be nice.
>
> Kindof pulling my hair out over here!
>
> Thanks for any help.
>
> Richard in VA
> +++++++++++
>
 
J

Jose

Flightless Bird
On Mar 16, 7:51 am, "Richard In Va." <Reply-n...@aol.com> wrote:
> Thanks for all the GOOD advice folks!
>
> Yesterday, I had tried renaming the downloaded Malewarebytes installer,
> which, with every attempt seemed to install fine. It would start, show the
> start screen for a second or two then shut down... never considered renaming
> the executable tho... hmmm.
>
> The machine has AVG free 9.XX installed, which is no longer able to
> check/install updates.
>
> I've tried various things in Safe-Mode as well. I was however, able to
> remove the Total PC Defender application (or as far as I can tell) but the
> Trojan.Injector remains intact. (not allowing AVG updates or Malewarebytes
> to run)
>
> Last night, I read where someone suggested installing the hard drive on a
> clean machine via SATA/USB adaptor as an external drive then running
> Malewarebytes (and maybe AVG) on the infected drive.
>
> I've heard of this before but have never tried it... willing to take a
> gander...
>
> This morning I have the drive on a clean machine as a USB drive with a fresh
> install of Malewarebytes and AVG 9.XX... all MS updates as well.
>
> If it finds and removes lots of threats, I hope to reinstall the drive to
> the original box and boot to it's OS, then re-run everything again...
> Malewarebytes and AVG.
>
> AGAIN, thanks for all the GREAT ADVICE... I will surely need it if this
> doesn't work out.... I'll let y'all know.
> (additional advice certainly welcome)
>
> Richard In VA.
> +++++++++++
>
> "Richard In Va." <Reply-n...@aol.com> wrote in messagenews:ehp6KkGxKHA.3408@TK2MSFTNGP06.phx.gbl...
>
>
>
> > Would anyone know of a surefire method of removing Total PC Defender &
> > Trojan.Injector.GT ?

>
> > I think I've been able to remove Total PC Defender (partially), but not
> > the Trojan. AVG free still isn't allowed to update, Malewarebytes wont
> > run, and my administrative rights have changed... wont allow me to install
> > Windows Defender.

>
> > I'm hoping someone has written a stand alone DOS utility or removal
> > tool... would be nice.

>
> > Kindof pulling my hair out over here!

>
> > Thanks for any help.

>
> > Richard in VA
> > +++++++++++


So you are purposely choosing not to follow the directions viewed/used
by 41,000+ people written to specifically remove Total PC Defender and
venture off on other ideas?
 
G

glee

Flightless Bird
Scanning while attached to another system is a good idea if you have
already removed the drive from the computer. If using MBAM for that, be
sure to choose Full Scan, NOT Quick Scan. Full Scan allows you to
choose which drives to scan.....that way you can choose to only scan the
external drive.

Also do a full scan with your anti-virus while connected as an external
drive. That is the only way to detect and remove rootkits safely. Be
quite sure to record the name and location of all files the programs
remove. If the AV finds a rootkit and removes it, they are often
embedded in critical system files like atapi.sys or iastor.sys. If a
critical system file is removed, Windows won't start when you put the
drive back in the original computer....so you must restore the clean
version of any system files that might be removed.

You can post here if you have any question about files removed.
--
Glen Ventura, MS MVP Oct. 2002 - Sept. 2009
A+
http://dts-l.net/

"Richard In Va." <Reply-none@aol.com> wrote in message
news:-O0R0I8PxKHA.5940@TK2MSFTNGP02.phx.gbl...
> Thanks for all the GOOD advice folks!
>
> Yesterday, I had tried renaming the downloaded Malewarebytes
> installer, which, with every attempt seemed to install fine. It would
> start, show the start screen for a second or two then shut down...
> never considered renaming the executable tho... hmmm.
>
> The machine has AVG free 9.XX installed, which is no longer able to
> check/install updates.
>
> I've tried various things in Safe-Mode as well. I was however, able to
> remove the Total PC Defender application (or as far as I can tell) but
> the Trojan.Injector remains intact. (not allowing AVG updates or
> Malewarebytes to run)
>
> Last night, I read where someone suggested installing the hard drive
> on a clean machine via SATA/USB adaptor as an external drive then
> running Malewarebytes (and maybe AVG) on the infected drive.
>
> I've heard of this before but have never tried it... willing to take a
> gander...
>
> This morning I have the drive on a clean machine as a USB drive with a
> fresh install of Malewarebytes and AVG 9.XX... all MS updates as well.
>
> If it finds and removes lots of threats, I hope to reinstall the drive
> to the original box and boot to it's OS, then re-run everything
> again... Malewarebytes and AVG.
>
> AGAIN, thanks for all the GREAT ADVICE... I will surely need it if
> this doesn't work out.... I'll let y'all know.
> (additional advice certainly welcome)
>
>
> Richard In VA.
> +++++++++++
>
>
> "Richard In Va." <Reply-none@aol.com> wrote in message
> news:ehp6KkGxKHA.3408@TK2MSFTNGP06.phx.gbl...
>> Would anyone know of a surefire method of removing Total PC Defender
>> & Trojan.Injector.GT ?
>>
>> I think I've been able to remove Total PC Defender (partially), but
>> not the Trojan. AVG free still isn't allowed to update, Malewarebytes
>> wont run, and my administrative rights have changed... wont allow me
>> to install Windows Defender.
>>
>> I'm hoping someone has written a stand alone DOS utility or removal
>> tool... would be nice.
>>
>> Kindof pulling my hair out over here!
>>
>> Thanks for any help.
>>
>> Richard in VA
>> +++++++++++
>>

>
>
 
Top