Trojan help

Status
Not open for further replies.
R

rwillis

Posts: 47   +0
I downloaded a torrent of what I thought was a cracked version of some software only to run the .exe included and have all my open windows close. I immediately restarted the computer and was greeted with a message that windows had detected new versions of operating system files and that I should insert the windows disk to fix them. I tried a system restore to no avail, at which point I consulted Julio's sticky to try and fix it. I also noticed that Firefox was much slower than usual and sometimes closed unexpectedly (with the dialog saying "firefox.exe has had to close unexpectedly... etc)

I followed Julio's instructions as closely as I could. After installing AVG it popped up with a list of trojans. I continued with the instructions and when I had done everything I thought I was done because my latest SuperAntiSpyware scan turned up clean and AVG no longer popped up with warnings and I didn't get any messages from windows. However, firefox still terminates without warning so I figure something is still wrong.

I ran AVG again and found two files, which it said it deleted. But then I looked in the "virus vault" and there is still a list of things in there. Do I need to do something about that, and what?


Help! here are my logs... (combofix didn't work... I got some message that the "application failed to start" or something and then a 0x00000005 or some odd number of zeros. I used dss.exe instead, as instructed)
 
Upon running SuperAntispyware, I would immediately run it once more in SAFEMODE.
I would also run MBAM Malwarebytes and either Spyware Doctor 5.5 or SpySweeper., and antivir Antivirus, and rerun them immediately in SAFE MODE.
Also, run Combo Fix and post it here along with new logs from Superantispyware and Malwarebytes, and HiJack This

As you have already seen, you are still infected with

Trojan.Dropper/BHONew-D
Trojan.Dropper/Gen-FSG
Trojan.Csrssc/Systemc-A
Trojan.Dropper/Gen-PHP
Trojan.Downloader-Gen/WinLogan-A
Adware.Vundo Variant
Trojan.Unclassifed/SWin
and probably others.
 
you need to disable teatimer in spybot and any other real time protection before using combofix

Disable Teatimer
  • Right click the Spybot -SD Resident Icon located in your system tray, Select Exit Spybot - S&D Resident
  • Open Spybot S&D
  • Click on Mode at the top and make sure that Advanced is checked
  • Expand the Tools tab in the left pane
  • Single click on the Resident Icon also in the left pane
  • Uncheck Resident "TeaTimer" (Protection of over-all system settings) Active
  • Close spybot
 
ok i ran antivir, mbam, and spyware doctor, with antivir and mbam each finding a few things. Then I ran antivir, mbam and superantispyware in safe mode, with nothing coming up. Then I ran combofix (thanks for the tip blind dragon) and hijackthis.

Firefox still closes...
 
ok I'm still not sure if my computer is still infected or not, but I think I fixed the firefox crashes by disabling AVG safe search and updating Java.
 
Status
Not open for further replies.

Similar threads

AGenericFool
Help - Valid Windows 10 Licenses deactivate after two days?!
Replies
1
Views
316
Nelson28
N
learninmypc
S Mode Again??
Replies
1
Views
455
learninmypc
learninmypc
E
I have been taken over by a software called Astanda using XML to Log everything and roaming to an SQL server.
Replies
0
Views
479
eriksnyman1
E

Latest posts

Back