Reoccuring Trojan

Status
Not open for further replies.

acerra

Posts: 11   +0
hey there!

My brother's computer has been having some problems with pop-ups lately, and I've gone through all of the steps to remove this type of stuff and have attached 2 of the requested logs. I didn't have the report setting correct on the AVG Anti-Spyware, but I can tell you that it only came up with a few cookies that were set to delete and nothing else came up. If you need me to rescan and get a log to you, I can do that. But, otherwise, he just keeps having a Trojan pop up over and over - every time I remove it with Spyware Doctor or some other program, it just keeps coming back on my next scan. I appreciate any help with this :)

Thanks!
 
Why do you have WinVNC (remote Desktop) running?

Anyway

Download SDFix and save it to your Desktop

Double click SDFix.exe and it will extract the files to %systemdrive%
(Drive that contains the Windows Directory, typically C:\SDFix)

Please then reboot your computer in Safe Mode by doing the following :
Restart your computer
After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
Instead of Windows loading as normal, the Advanced Options Menu should appear;
Select the first option, to run Windows in Safe Mode, then press Enter.
Choose your usual account.
Open the extracted SDFix folder and double click RunThis.bat to start the script.
Type Y to begin the cleanup process.
It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot.
Press any key and it will restart the PC.
When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.
 
I did all of that and it seems to have kept the Trojan from popping up again, thanks :) Is there anything else in the HJT log that could/should be removed? He has a lot of crap starting up with his computer, and it gets on my nerves since mine has way less :p Oh, and I know he has the remote desktop thing on there, he uses it sometimes so yeah. Anyway, thanks!
 
Better to be safe than sorry!

Download and Run Malwarebytes' Anti-Malware
Please download Malwarebytes' Anti-Malware to your desktop.
  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform full scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.

Takes about an hour, and it's pretty boring :)
 
Status
Not open for further replies.
Back