# I am looking for computer smart people.



## Trouble (Apr 27, 2010)

*I have to get Dave to put what is really going on. Everything is hidden from a bad trojan and we can't figure out how to get it back to normal. We have saved all the important things. Anyone know what I am talking about or can help for homemade cookies? lol*

*Trojan:win32/FakeSysdef*


----------



## jobber (May 14, 2010)

This is the info I followed to resolve a computer in my home:

Win32:FakeSysdef-D[Trj] Description:

A Trojan (or Trojan horse) is a harmful program that looks legitimate or is integrated into legitimate software and waits for users to load and execute it. Win32:FakeSysdef-D[Trj] enters and installs on the target computer without knowledge or permission when you open an unknown email attachment or instant message, open a picture, etc. Once executed, Win32:FakeSysdef-D[Trj] can change the desktop background and display, allow a hacker to get unauthorized remote access to the infected computer, corrupt files and break the system, or even leave other malicious malware or violate the user's privacy. Before Win32:FakeSysdef-D[Trj] screws up your computer and steals your confidential information, you'd better remove Win32:FakeSysdef-D[Trj] as soon as possible.

Win32:FakeSysdef-D[Trj] is Very Dangerous:

- Win32:FakeSysdef-D[Trj] is a malicious Trojan
- Win32:FakeSysdef-D[Trj] shows fake security & messages
- Win32:FakeSysdef-D[Trj] pops up numerous annoying advertisements
- Win32:FakeSysdef-D[Trj] may be controlled by a remote host
- Win32:FakeSysdef-D[Trj] may come with additional spyware
- Win32:FakeSysdef-D[Trj] may cause the infected computer to work slowly, and it's difficult to remove Win32:FakeSysdef-D[Trj]
- Win32:FakeSysdef-D[Trj] violates your privacy and steals confidential information

Since Win32:FakeSysdef-D[Trj] has so many harmful characteristics, get rid of Win32:FakeSysdef-D[Trj] with the manual instructions in this article immediately.

How to Manually Remove Win32:FakeSysdef-D[Trj]?

1. Press Ctrl+Alt+Delete to open the Windows Task Manager. Then stop all Win32.FakeSysdef-D[Trj] processes.
2. Click on the Processes tab, search for Win32.FakeSysdef-D[Trj], then right-click it and choose End Process key.
3. Click the Start button and select Run. Type regedit into the box and click OK to proceed.
4. Once the Registry Editor is open, search for the registry key "HKEY_LOCAL_MACHINE\Software\Win32:FakeSysdef-D[Trj]". Right-click this registry key and choose Delete.
5. Search for a file like %PROGRAM_FILES%\Win32:FakeSysdef-D[Trj]\Win32:FakeSysdef-D[Trj].exe and delete it manually.


----------



## Trouble (Apr 27, 2010)

*It was removed but we don't know how to see the programs again.*


----------



## Nicklfire (Apr 21, 2010)

Tried to do a system restore before the issue happened?


----------



## Trouble (Apr 27, 2010)

*I have no idea what she did. I told her to shut it off and not touch it till Davefrombc can have a look.*

*Dave says you can't do a system restore, that's the problem. You can't get to task manager or any administrative tools at all.*


----------



## Sliver (Apr 19, 2011)

Sometimes it's easier just to recover all your important data and reformat your machine....


----------



## Nicklfire (Apr 21, 2010)

Tried logging into safe mode to do system restore?


----------



## Trouble (Apr 27, 2010)

*Hmm, well, we will try that. Dave just went hmmm. Think he has been helping too many people these days.*


----------



## onyx (Aug 9, 2010)

*computer problems ..*

If you are going to format, look into using a DOD HDD wipe.
P.S. Your problem just might be waiting in your system restore.
Turn off system restore... then scan.
I hope this helps.


----------



## eternity302 (Apr 22, 2010)

When your system boots up, there should be a key for you to restore~
I run a Gigabyte motherboard and I think it's F8 for me.
Don't remember about my other computer, but it's ASUS, and it was another key..~
But wait for it to boot up, the boot-up screen usually lets you restart. Or maybe I'm wrong =)


----------



## Trouble (Apr 27, 2010)

*Well the restore didn't work. I think it might have to be wiped out.*


----------



## rescuepenguin (Apr 21, 2010)

My wife has the vehicle today, otherwise I could come over. I do have the ability to run virus removal tools without starting Windows. It's worth a try.


----------



## CanadianCowbell (Jan 16, 2011)

We recently had to deal with a computer (step-sister-in-law's daughter's) that had a nasty one on it, and once we cleared it, it left everything hidden. It was that Vista Repair Diagnostics one. We had to use unhide.exe and it fixed it.


----------



## davefrombc (Apr 21, 2010)

The fake HDD program has screens for each version of Windows, but is actually the same rogue POS.. Unhide was what finally brought back her icons and program links too.. Bleepingcomputer is one of the help forums I haunt also, and when I found out just what I was dealing with, a visit with them quickly led to the unhide file and all back to normal. As far as I know, it's been fine since.. At least there hasn't been another cry for help in the last week..


----------



## cpool (Apr 30, 2010)

I had a lot of computer issues in the past. I solved them all 5 years ago; I'll tell you what I did. This will no doubt be controversial for some people who swear by PC. I bought a Mac. Haven't had an issue since. Thing of beauty right there!

Curtis


----------



## davefrombc (Apr 21, 2010)

I don't bother posting any warnings about Mac exploits because too many of their users think they are invulnerable. More all the time are finding out to their dismay it ain't so. There are some Mac versions of the latest Windows exploits out there. As long as all updates are kept up, most of the problems come from "social engineering" rather than weaknesses in the OS itself; and that is true whether you use Windows or Mac.
With all the "i" stuff out there, you're going to see more of them all the time.


----------



## davefrombc (Apr 21, 2010)

I often hear the question "Why do people write these viruses and trojans to mess up people's computers?" Today's Vancouver Sun has a small blurb on the takedown of one lot that answers the question..
Quote: "Police in the United States and seven other countries seized computers and servers used to run a “scareware” scheme that has netted more than $72 million from victims tricked into buying fake anti-virus software. The suspects, who were not identified, planted “scareware” on nearly a million computers. The scareware would pretend to find malicious software. The goal is to persuade the victim to hand over credit card information, paying to resolve a nonexistent problem." End Quote.

That was just one of the bad guy groups.. There are also fake hard drive utilities like the one Trouble's friend got that do the same thing. They scare you into clicking and inadvertently installing them; then try to hold you to ransom to pay to "activate them to fix your system". That is called "social engineering" and gets around your regular anti-virus software because you gave permission for the POS to install.

By the way.. For Mac users.. You aren't safe from those either.. There are Mac versions of both the fake a/v and HD utility.


----------



## Trouble (Apr 27, 2010)

*As far as I know all is well with her computer. More cookies next time you are out this way.*


----------

