Sinowal. Trojan Virus help?

Question:

Baller

2008-12-04 17:52:47 UTC

my computer security center alert says i have the sinowal trojan virus. I ran my norton and it found it and tried to 'remove it but it still pops up when ever i turn on my computer, it says: "sinowal. trojan high risk". plz help

Nine answers:

Manuel

2008-12-08 14:32:20 UTC

in safe mode F8 run malwarebytes anti-malware and SUPERAntispyware,and what they find you

delete it manually. then run ccleaner to cleand your pc, and mvregclean, to clean registry.

what mvregclean find you remove because the key is there but not the file ,folder or program.

even you reformat and it finds anything remove dont be afraid.

f

Genevieve

2016-08-21 18:28:17 UTC

Ed G

2008-12-04 17:57:58 UTC

I just posted this to another user who has the same problem so I'll just paste it for you.

Well that's one of the worst you can get. Sinowal infects a PC's Master

Boot Record (MBR), the first sector on a hard drive, where it's invisible to ordinary antivirus agents.It is the most advanced and stealthiest malware seen so far. None of the anti-virus software will remove it.

If your PC is infected, Sinowal removal tools developed by a few security vendors may be able to help you. The bad news is that even the best tool can't be 100% effective against a threat that's evolving as quickly as this li'l terror

I'm giving you links to anti-rootkit tool the first one is easy to use but isn't as good as the second one. Gmer the second is for experienced users read the documentation carefully Use AT your own risk. To be honest with you the only way you can be sure is to reinstall Windows.

http://www.download.com/Panda-Anti-Rootk...

http://www.gmer.net/index.php

Here I also found this it tells all about the infection you have and none of it is good news.

http://windowssecrets.com/2008/11/20/03-Dont-be-a-victim-of-Sinowal-the-super-Trojan

2008-12-04 17:59:44 UTC

There are cases when an Antivirus program has trouble removing a sticky infection. Some programs are better than others of course. There could be a few things going on. One is that the virus has attached itself to your system restore and is staying alive that way.

Try running a different scan than Norton though. I'd recommend Super Antispyware free

link: httpp://www.superantispyware.com (download the free version)

or A2 Free

http://www.emsisoft.com/en/software/free/

Both are excellent at detection and cleaning trojans.

Dave Computer Cleaner

2008-12-04 18:03:49 UTC

How to remove Fake Software (e.g. Antivirus 2009), Spyware, Trojans and Viruses:

Download, install, update and scan your computer with both Malwarebytes and SuperantiSpyware, delete what ever they find, if this fails to completely remove the virus/spyware download then update Avast and run a boot scan (click schedule boot-time scan and restart your PC), all the software below is free and safe to use.

Malwarebytes: http://www.malwarebytes.org/mbam.php

SuperantiSpyware: http://www.superantispyware.com/

Avast Anti-Virus: http://www.avast.com/eng/avast_4_home.html

To protect your PC in the future you'll need to install anti-virus software and a firewall, id recommend using Avast and Comodo Pro firewall both are very effective and completely free, you should also switch to Firefox 3 if you are browsing with IE as its much safer and a lot easier to use. (links on my profile)

Justin

2008-12-05 13:38:04 UTC

this is not sinowal.trojan. this problem is adware. i had the same thing happen to me last night, around 18:30EST. the virus is called: spyware.ispynow

http://www.spywareremovalblog.com/remove-spywareispynow/

the process has a few different names. do a ctrl+alt+delete and look for one of these:

runhh6110411.exe, xtgoj6119471.exe, ggqjh22510678.exe, or something similar

you should be able to find the file(s) on your hard drive here:

C:\Documents and Settings\Owner(your name)\Application Data\Google

kill the process and delete the files, then reboot and run your PC in "safemode"

EDIT: apparently the file wont delete normally, so you will have to boot your computer in safe mode first and delete the file that way.

inf pye

2008-12-04 18:00:23 UTC

you are dealing with a VERY high level risked trojan, this trojan not only steals passwords, but it steals bank, credit card info, etc. get rid of it immediately. google anti-virus software and/or spyware remover.lastly don't forget to check your stuff for fraudulent activity. time is wasting! good luck man.

Chucky

2008-12-05 15:09:45 UTC

Justin thanks for the info you are a saviour. I hae spend 24 hours using Mcafee, Kaspersky Av prgrams to try and find the sinowal virus. You are right it was adware and following your instructions I no longer get the pop up. It should be illegal for a company to use adware in this way to get people to buy their product!

jennycherie73

2008-12-05 13:47:54 UTC

OMG!!! U TO!?! I sent my AVG program hunting it down. I set up a scan to look in places where i though it would be. So far... wait, let me check....Gah! It still hides from me! But the geek knows that it can't hide forever... I guess it hasn't heard of what I did last night to one of it's friends. I tracked it's friend down with spybot-search and destroy and blasted the sucker to bits. Checking AVG again.... DANG IT!!! Been running for 31 min. and it hasn't found anything!!!

I'll have to track it down manually.

...

......

OMG!! Found it! DIE!!!! WT Heck!?! I'm telling it to delete it!!! Gosh.

ⓘ

This content was originally posted on Y! Answers, a Q&A website that shut down in 2021.

about - legalese