virus help

[animal66]

One of my kids managed to download a virus onto my windows running on my mac. The virus has managed to take up pretty much all of the windows partition on the hard drive. After some research i have managed to identify it as Win32/Tolouge (I think). Does anyone have any experience of removing said virus? I would appreciate any help you can give. The antivirus/cleanup tools i have used so far are, malwarebytes, mcaffee stinger, housecall online, ccleaner, rkill, combofix.

What i need to do is clean up the drive so i have more space to install av programs. Any ideas people?

 

[mousquet]

Try this program.Not sure, it will work under Mac, but why not to try?
I use it everytime I suspect infection in my PC.
http://www.freedrweb.com/cureit/?lng=en
Good luck in your virus hunting

 

[WaLLy]

Holy cow, tried all those programs and it's still there?

Give Search & Destro a shot. http://www.safer-networking.org/dl/

You might need to take a screenshot of the name of the virus/program that are running in task manager so we can have a better idea of what's running.

 

[miniCyb3r]

If you want to spend the money, get Norton.

 

[Kreubs]

I avoid Norton like the plague.
Interestingly, this is the only semi-useful information I could find.
http://www.microsoft.com/security/p...a/entry.aspx?Name=TrojanClicker:Win32/Tolouge
MS Security Center, although known for abysmal performance, is said to remove it, so maybe it's worth a shot?

Once, I cleaned a hard drive eating virus that just spammed crap files. Have you pinpointed the file dump? I wrote script to clean the crap until I could actually find the virus itself. The whole process took about two hours. Maybe it's just me, but I don't usually use removal tools because in my experience they've miss a lot of stuff so I end up doing it manually anyway lol.

 

[DamageINC]

+1 on Norton. No way i'd ever run that.

I did some Google searches as well and came up with the same information about MS. It seems that trojan is a real bitch to remove.

@animal66 , don't you work at a PC shop? Maybe take it in and talk to co-workers and try some various methods.

 

[animal66]

If you want to spend the money, get Norton.

Wouldn't touch it, although i have found some of the removal tools useful

http://www.microsoft.com/security/p...a/entry.aspx?Name=TrojanClicker:Win32/Tolouge
MS Security Center, although known for abysmal performance, is said to remove it, so maybe it's worth a shot?

Once, I cleaned a hard drive eating virus that just spammed crap files. Have you pinpointed the file dump? I wrote script to clean the crap until I could actually find the virus itself..

Tried microsoft, didn't help. Haven't found the crap file dump yet. would you happen to have that script to hand?

+1 on Norton. No way i'd ever run that.


@animal66 , don't you work at a PC shop?

I used to. If you remember i gave it up about 18 months ago to care for my kids. The thing is, i used to do stuff like this day in, day out. When you don't do something for a while, you tend to forget stuff.

 

[DamageINC]

Oh, right. Sorry. I have a terrible memory for such things.

 

[Kreubs]

Sorry, I don't. It was just a combo of repeated cmd commands to delete all of the crap created.

What processes are running? Google seems to indicate that this malware runs under randomly named gibberish processes.

msconfig will show all startup processes and services unless they got super sneaky and added an entry in the task scheduler.