Total PC Defender

[Richard In Va.]

Would anyone know of a surefire method of removing Total PC Defender &

Trojan.Injector.GT ?



I think I've been able to remove Total PC Defender (partially), but not the

Trojan. AVG free still isn't allowed to update, Malewarebytes wont run, and

my administrative rights have changed... wont allow me to install Windows

Defender.



I'm hoping someone has written a stand alone DOS utility or removal tool...

would be nice.



Kindof pulling my hair out over here!



Thanks for any help.



Richard in VA

+++++++++++

 

[C]

Richard In Va. wrote:

> Would anyone know of a surefire method of removing Total PC Defender &

> Trojan.Injector.GT ?

>

> I think I've been able to remove Total PC Defender (partially), but not the

> Trojan. AVG free still isn't allowed to update, Malewarebytes wont run, and

> my administrative rights have changed... wont allow me to install Windows

> Defender.

>

> I'm hoping someone has written a stand alone DOS utility or removal tool...

> would be nice.

>

> Kindof pulling my hair out over here!

>

> Thanks for any help.

>

> Richard in VA

> +++++++++++

>

>



If you've been fooling round with this for over four hours, you could

have already reinstalled XP, updates and all your programs.



--

C

 

[Elmo]

Richard In Va. wrote:

> Would anyone know of a surefire method of removing Total PC Defender &

> Trojan.Injector.GT?

>

> I think I've been able to remove Total PC Defender (partially), but notthe

> Trojan. AVG free still isn't allowed to update, Malewarebytes won't run, and

> my administrative rights have changed... won't allow me to install Windows

> Defender.

>

> I'm hoping someone has written a stand-alone DOS utility or removal tool...

> would be nice.

>

> Kind of pulling my hair out over here!

>

> Thanks for any help.



A few things I would try:



- (Perhaps for later, after other problems have been corrected.)

http://www.kellys-korner-xp.com/xp_tweaks.htm

Line 275. Lift Restrictions - TM, Regedit and CMD



1. Start in Safe Mode and run Malwarebytes there.



2. Open Task Manager and stop all services that will stop. If one

causes a freeze, or another problem, restart, but don't try to stop that

process. Then try Malwarebytes again.



3. Download this Avira Antivir Rescue System program which will burn a

CD image to a blank CD. It's updated a few times per day. Insert the

CD into the damaged machine and let it do a scan of your system. Before

starting the scan, select "Configuration" and set to repair or rename

the infected files. Sometimes your machine won't restart after such a

repair process, so you might want to save needed files to another system

before using this. If you can't, then you can move the hard drive to

another machine to copy needed files. You can do that before, or after

this scan.



http://www.free-av.com/en/tools/12/avira_antivir_rescue_system.html



Then run these:



Malwarebytes© Corporation

http://www.malwarebytes.org/mbam/program/mbam-setup.exe



SuperAntispyware

http://www.superantispyware.com/superantispywarefreevspro.html



You can try some of the CD's mentioned at the following site.

BitDefender was my favorite, but if the infected machine can't connect

to the internet to get updates, Avira comes with current virus

definitions. Also, some of these just won't run on some systems,

perhaps because there's no drivers available for some system devices,

motherboard, graphics card, etc. So try a few of these till you find

one that works:



Burn BitDefender, or another program listed at the link below, to a CD

(using a working machine) and test the infected machine with it.

BitDefender also has a Rootkit checker on the Linux Desktop; run it if

you think that's the problem:



http://www.techmixer.com/free-bootable-antivirus-rescue-cds-download-list/



Download the executable rather than the .iso image, if one is available,

(though no .exe is available for BitDefender).



After the scan is run, if you elect to quarantine files, they're

quarantined to RAM and lost after you reboot. You'll need to copy any

quarantined files to the hard drive, a thumb drive or elsewhere before

exiting.







--

Joe =o)

 

[PA Bear [MS MVP]]

NB: If you had no anti-virus application installed or the subscription had

expired *when the machine first got infected* and/or your subscription has

since expired and/or the machine's not been kept fully-patched at Windows

Update, don't waste your time with any of the below: Format & reinstall

Windows. A Repair Install will NOT help!



Microsoft PCSafety provides home users (only) with no-charge support in

dealing with malware infections such as viruses, spyware (including unwanted

software), and adware.

https://support.microsoft.com/oas/default.aspx?&prid=7552&st=1



Also available via the Consumer Security Support home page:

https://consumersecuritysupport.microsoft.com/



Otherwise...



1. See if you can download/run the MSRT manually:

http://www.microsoft.com/security/malwareremove/default.mspx



NB: Run the FULL scan, not the QUICK scan! You may need to download the

MSRT on a non-infected machine, then transfer MRT.EXE to the infected

machine and rename it to SCAN.EXE before running it.



2a. WinXP => Run the Windows Live Safety Center's 'Protection' scan (only!)

in Safe Mode with Networking, if need be:

http://onecare.live.com/site/en-us/center/howsafe.htm



2b. Vista or Win7=> Run this scan instead:

http://onecare.live.com/site/en-us/center/whatsnew.htm



3. Now run a thorough check for hijackware, including posting requested logs

in an appropriate forum, not here. DO NOT SKIP THIS STEP!!



Checking for/Help with Hijackware:

• http://mvps.org/winhelp2002/unwanted.htm

• http://inetexplorer.mvps.org/tshoot.html

• http://www.mvps.org/sramesh2k/Malware_Defence.htm

• http://www.elephantboycomputers.com/page2.html#Removing_Malware



**Chances are you will need to seek expert assistance in

http://spywarehammer.com/simplemachinesforum/index.php?board=10.0,

http://www.spywarewarrior.com/viewforum.php?f=5,

http://www.dslreports.com/forum/cleanup,

http://www.bluetack.co.uk/forums/index.php,

http://aumha.net/viewforum.php?f=30 or other appropriate forums.**



If these procedures look too complex - and there is no shame in admitting

this isn't your cup of tea - take the machine to a local, reputable and

independent (i.e., not BigBoxStoreUSA or Geek Squad) computer repair shop.



--

~Robear Dyer (PA Bear)

MS MVP-IE, Mail, Security, Windows Client - since 2002



Richard In Va. wrote:

> Would anyone know of a surefire method of removing Total PC Defender &

> Trojan.Injector.GT ?

>

> I think I've been able to remove Total PC Defender (partially), but not

> the

> Trojan. AVG free still isn't allowed to update, Malewarebytes wont run,

> and

> my administrative rights have changed... wont allow me to install Windows

> Defender.

>

> I'm hoping someone has written a stand alone DOS utility or removal

> tool...

> would be nice.

>

> Kindof pulling my hair out over here!

>

> Thanks for any help.

>

> Richard in VA

> +++++++++++

 

[Jose]

On Mar 15, 1:57 pm, "Richard In Va." wrote:

> Would anyone know of a surefire method of removing Total PC Defender &

> Trojan.Injector.GT ?

>

> I think I've been able to remove Total PC Defender (partially), but not the

> Trojan. AVG free still isn't allowed to update, Malewarebytes wont run, and

> my administrative rights have changed... wont allow me to install Windows

> Defender.

>

> I'm hoping someone has written a stand alone DOS utility or removal tool....

> would be nice.

>

> Kindof pulling my hair out over here!

>

> Thanks for any help.

>

> Richard in VA

> +++++++++++



MBAM is the preferred method but you say it won't run? That is

because Total PC Defender recognizes things that are used to remove it

and will keep them from running. It is not difficult to outsmart

malware though.



There is no need to fool around or try things - get rid of it with

certainty.



Here are good instructions for a proven method that will remove Total

PC Defender:



http://www.bleepingcomputer.com/virus-removal/remove-total-pc-defender



If mbam-setup.exe will not launch the install and you have followed

the directions, rename the mbam-setup.exe executable and run the

renamed installation file.



If mbam.exe will not launch after installing and you have followed the

directions, rename the mbam.exe executable and run the renamed

executable.



You should really follow the directions though. They are fine tuned

just for this purpose.

 

[Johnw]

Richard In Va. was thinking very hard :



> Malewarebytes wont run



Here is my info, similar to what has already been posted, with a few

different alternatives.



Malwarebytes' Anti-Malware

http://www.softpedia.com/get/Antivirus/Malwarebytes-Anti-Malware.shtml

http://www.softpedia.com/progScreenshots/Malwarebytes-Anti-Malware-Screenshot-81598.html

http://www.malwarebytes.org/mbam.php

Forum

http://www.malwarebytes.org/forums/

If it won't run, rename the downloaded mbam-setup.exe file to mb.exe to

help work around certain malware that will block it from being run.

If it still will not run.

1: Go to Control Panel > Programs and Features and uninstall

Malwarebytes.

Next redownload Malwarebytes but rename it before you download it to

your desktop. As you are in the process of downloading when you get to

the point that the "enter name of file to save to" box appears, in the

"filename" slot, rename mbam-setup.exe to something.exe, then click

Save.

If it installed but will not run, navigate to this folder:

2: C:\Programs Files\Malwarebytes' AntiMalware

At the top of the page, Tools > Folder Options > View, click > Show

hidden files and folders and untick > Hide extensions for known file

types.

Rename all the .exe files in the Malwarebytes' Anti-Malware folder and

try to run it again.

When it opens, update 1st.

If it won't update after installing, update manually.

http://www.malwarebytes.org/mbam/database/mbam-rules.exe

Download & install.

 

[Richard In Va.]

Thanks for all the GOOD advice folks!



Yesterday, I had tried renaming the downloaded Malewarebytes installer,

which, with every attempt seemed to install fine. It would start, show the

start screen for a second or two then shut down... never considered renaming

the executable tho... hmmm.



The machine has AVG free 9.XX installed, which is no longer able to

check/install updates.



I've tried various things in Safe-Mode as well. I was however, able to

remove the Total PC Defender application (or as far as I can tell) but the

Trojan.Injector remains intact. (not allowing AVG updates or Malewarebytes

to run)



Last night, I read where someone suggested installing the hard drive on a

clean machine via SATA/USB adaptor as an external drive then running

Malewarebytes (and maybe AVG) on the infected drive.



I've heard of this before but have never tried it... willing to take a

gander...



This morning I have the drive on a clean machine as a USB drive with a fresh

install of Malewarebytes and AVG 9.XX... all MS updates as well.



If it finds and removes lots of threats, I hope to reinstall the drive to

the original box and boot to it's OS, then re-run everything again...

Malewarebytes and AVG.



AGAIN, thanks for all the GREAT ADVICE... I will surely need it if this

doesn't work out.... I'll let y'all know.

(additional advice certainly welcome)





Richard In VA.

+++++++++++





"Richard In Va." wrote in message

news:ehp6KkGxKHA.3408@TK2MSFTNGP06.phx.gbl...

> Would anyone know of a surefire method of removing Total PC Defender &

> Trojan.Injector.GT ?

>

> I think I've been able to remove Total PC Defender (partially), but not

> the Trojan. AVG free still isn't allowed to update, Malewarebytes wont

> run, and my administrative rights have changed... wont allow me to install

> Windows Defender.

>

> I'm hoping someone has written a stand alone DOS utility or removal

> tool... would be nice.

>

> Kindof pulling my hair out over here!

>

> Thanks for any help.

>

> Richard in VA

> +++++++++++

>

 

[Jose]

On Mar 16, 7:51 am, "Richard In Va." wrote:

> Thanks for all the GOOD advice folks!

>

> Yesterday, I had tried renaming the downloaded Malewarebytes installer,

> which, with every attempt seemed to install fine. It would start, show the

> start screen for a second or two then shut down... never considered renaming

> the executable tho... hmmm.

>

> The machine has AVG free 9.XX installed, which is no longer able to

> check/install updates.

>

> I've tried various things in Safe-Mode as well. I was however, able to

> remove the Total PC Defender application (or as far as I can tell) but the

> Trojan.Injector remains intact. (not allowing AVG updates or Malewarebytes

> to run)

>

> Last night, I read where someone suggested installing the hard drive on a

> clean machine via SATA/USB adaptor as an external drive then running

> Malewarebytes (and maybe AVG) on the infected drive.

>

> I've heard of this before but have never tried it... willing to take a

> gander...

>

> This morning I have the drive on a clean machine as a USB drive with a fresh

> install of Malewarebytes and AVG 9.XX... all MS updates as well.

>

> If it finds and removes lots of threats, I hope to reinstall the drive to

> the original box and boot to it's OS, then re-run everything again...

> Malewarebytes and AVG.

>

> AGAIN, thanks for all the GREAT ADVICE... I will surely need it if this

> doesn't work out.... I'll let y'all know.

> (additional advice certainly welcome)

>

> Richard In VA.

> +++++++++++

>

> "Richard In Va." wrote in messagenews:ehp6KkGxKHA.3408@TK2MSFTNGP06.phx.gbl...

>

>

>

> > Would anyone know of a surefire method of removing Total PC Defender &

> > Trojan.Injector.GT ?

>

> > I think I've been able to remove Total PC Defender (partially), but not

> > the Trojan. AVG free still isn't allowed to update, Malewarebytes wont

> > run, and my administrative rights have changed... wont allow me to install

> > Windows Defender.

>

> > I'm hoping someone has written a stand alone DOS utility or removal

> > tool... would be nice.

>

> > Kindof pulling my hair out over here!

>

> > Thanks for any help.

>

> > Richard in VA

> > +++++++++++



So you are purposely choosing not to follow the directions viewed/used

by 41,000+ people written to specifically remove Total PC Defender and

venture off on other ideas?

 

[glee]

Scanning while attached to another system is a good idea if you have

already removed the drive from the computer. If using MBAM for that, be

sure to choose Full Scan, NOT Quick Scan. Full Scan allows you to

choose which drives to scan.....that way you can choose to only scan the

external drive.



Also do a full scan with your anti-virus while connected as an external

drive. That is the only way to detect and remove rootkits safely. Be

quite sure to record the name and location of all files the programs

remove. If the AV finds a rootkit and removes it, they are often

embedded in critical system files like atapi.sys or iastor.sys. If a

critical system file is removed, Windows won't start when you put the

drive back in the original computer....so you must restore the clean

version of any system files that might be removed.



You can post here if you have any question about files removed.

--

Glen Ventura, MS MVP Oct. 2002 - Sept. 2009

A+

http://dts-l.net/



"Richard In Va." wrote in message

news:O0R0I8PxKHA.5940@TK2MSFTNGP02.phx.gbl...

> Thanks for all the GOOD advice folks!

>

> Yesterday, I had tried renaming the downloaded Malewarebytes

> installer, which, with every attempt seemed to install fine. It would

> start, show the start screen for a second or two then shut down...

> never considered renaming the executable tho... hmmm.

>

> The machine has AVG free 9.XX installed, which is no longer able to

> check/install updates.

>

> I've tried various things in Safe-Mode as well. I was however, able to

> remove the Total PC Defender application (or as far as I can tell) but

> the Trojan.Injector remains intact. (not allowing AVG updates or

> Malewarebytes to run)

>

> Last night, I read where someone suggested installing the hard drive

> on a clean machine via SATA/USB adaptor as an external drive then

> running Malewarebytes (and maybe AVG) on the infected drive.

>

> I've heard of this before but have never tried it... willing to take a

> gander...

>

> This morning I have the drive on a clean machine as a USB drive with a

> fresh install of Malewarebytes and AVG 9.XX... all MS updates as well.

>

> If it finds and removes lots of threats, I hope to reinstall the drive

> to the original box and boot to it's OS, then re-run everything

> again... Malewarebytes and AVG.

>

> AGAIN, thanks for all the GREAT ADVICE... I will surely need it if

> this doesn't work out.... I'll let y'all know.

> (additional advice certainly welcome)

>

>

> Richard In VA.

> +++++++++++

>

>

> "Richard In Va." wrote in message

> news:ehp6KkGxKHA.3408@TK2MSFTNGP06.phx.gbl...

>> Would anyone know of a surefire method of removing Total PC Defender

>> & Trojan.Injector.GT ?

>>

>> I think I've been able to remove Total PC Defender (partially), but

>> not the Trojan. AVG free still isn't allowed to update, Malewarebytes

>> wont run, and my administrative rights have changed... wont allow me

>> to install Windows Defender.

>>

>> I'm hoping someone has written a stand alone DOS utility or removal

>> tool... would be nice.

>>

>> Kindof pulling my hair out over here!

>>

>> Thanks for any help.

>>

>> Richard in VA

>> +++++++++++

>>

>

>