Inactive I can't get rid of trojan

Status
Not open for further replies.
I need help getting rid of this darn persistent virus / malware...
Symptoms, etc...:
win 7 pro 64
found by malwarebytes: Trojan.Dropper.ED
"removes" when malwarebytes runs...but it comes back when using ie. (v. 10 btw)
creates new processes called conhost41.exe
and runs multiple versions of svchost.exe (which take a lot of memory)
and puts svchost.exe (not a link!) in the startup folder
multiple registry entries...Backdoor.Bot (found by malwarebytes)
...
(HKU\S-1-5-21-90346377-3611238730-817758057-1000-{ED1FC765-E35E-4C3D-BF15--2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|svchost86x.sys)
...
and it creates c:\users\user\appdata\local\temp\e.dll (found by malwarebytes)
and c:\program files (x86)\internet explorer\version.dll (found by malwarebytes)
And I have 20 years as an IT consultant and I can't remove this!
After rebooting, (like mwb instructs) it acts clean, but it keeps coming back...
I've tried Kaspersky anti rootkit, doesn't detect.
Neither does TrendMicro Housecall detect.
I have legal pleadings and medical documents to work on, and I'm trying to fix my car. I'm stranded in the middle of nowhere in Oregon after accidentally driving into the ocean - super foggy at night! So I have very limited internet and cell phone service. I'm needing some major help with this and any help would be very much appreciated. The technology gods would smile upon th33.
Thanks so much in advance!
Jay
 
Welcome aboard


Please complete all steps listed here: https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/
Make sure you PASTE all logs. If a log exceeds the 50,000-character post limit, split it between a couple of replies.
Attached logs won't be reviewed.

Please observe the following rules:
  • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
  • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer's behavior, good or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.
 
OK. So I ran MBAM yesterday and it found virii. But there is no mention of it in the logs...weird, huh!? So because of that, I'm posting all of what I am looking at...
 

Attachments

  • mbamVirusList9-10 to 9-11.png
Step 1 - AV downloaded, installed, running. Flavor used: Avast...
Step 2 - TBA...I'm going to complete some of the work I have to do, it's critical...I'm late already. I'll reply back here soon.
Avast found a virus. I "minimalized" Avast so it doesn't think it's the most important software on my computer...
Back soon. Thanks!
 