Torjan.Downloader.Drstwex.A

How do i remove this TroJan as it popped up on a maleware scan.

Hi Django21.

As a downloader for rogue av, you could download MBAM from here, update the program, do a full scan,
and give the scan log txt in your next posting, download MBAM from here: http://www.malwarebytes.org/mbam-download.php

Maybe eventually you might need assistence from essexboy, our malware removal expert, but we see to that later,

polonus

Trojan.Downloader.Drstwex.A is Zlob,isn’t it?

Hi Left123,

If you have a MD5 has you can do a look-up at http://www.xandora.net/xangui/
avast detection is for Win32:Tiny-AKX, a variant of win32.KRYPTIK.LPG

Could be similar to one of these VT results: http://www.virustotal.com/file-scan/report.html?id=f2a82ba3a827d5badfaa10fc1fde96894383b7e1cc70f455d418c4ae27a9005c-1302681930

polonus

Did a full scan using MBAM and it came up with no infected items ???

Hi Django21

Download DDS and save it to your Desktop from here:
http://download.bleepingcomputer.com/sUBs/dds.scr

Double click dds.scr to run the tool.

* When done, DDS will open two (2) logs:
     1. DDS.txt
     2. Attach.txt

Save both reports to your desktop. Attach DDS.txt back to topic.

Hi Argus,

Here are the attachments.

You have a CF log, can i see?

C:\Combofix.txt

The Combofix File is basically blank just the day of testing and info about my Avast been disabled when test was running and my spware program enabled/Disabled nothing else. When running the program it went through all 50 stages and as soon is it mentioned Deleting files, my PC restarted ???

Remove icon Combofix

Download ComboFix from one of these locations:

Link 1
Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop

[*]Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

[*]Double click on ComboFix.exe & follow the prompts.

[*]As part of it’s process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it’s strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

[*]Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it’s malware removal procedures.

http://img.photobucket.com/albums/v706/ried7/RcAuto1.gif

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

http://img.photobucket.com/albums/v706/ried7/whatnext.png

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

I did what you said and it wont delete files and save a log for me ???

Any other programs like Combofix i can use?

Download the program SystemLook to your desktop
http://jpshortstuff.247fixes.com/SystemLook.exe

Run SystemLook
The white window frame copy the following text:

:file
C:\setuplog.exe

Click the button Look;

In your next reply, please post these log (SystemLook.txt)

This is what i got

SystemLook 04.09.10 by jpshortstuff
Log created at 16:50 on 08/05/2011 by 3R
Administrator - Elevation successful

========== file ==========

C:\setuplog.exe - File found and opened.
MD5: D2BBABCD58F0F0F10DAA1864A714CCFC
Created at 16:07 on 25/09/2010
Modified at 09:57 on 10/04/2011
Size: 184 bytes
Attributes: --a----
No version information available.

-= EOF =-

There is no traces of malware. Your PC is clean.

It is necessary to uninstall Combofix

Start >> Run

Combofix /Uninstall

Enter

OK Thx Argus.