Trojan Horse Problem with OTL Logs Attached

hi,

I have been recieving a ‘threat detected’ message since yesterday, when I perhaps visited a site I shouldn’t have (one that said it would provide me a password for a protected .rar file).

I have attached the logs, hope you can help!

Thanks

also attach logs from

AdwCleaner
Malwarebytes
aswMBR

Here are the other three

@ Online guangzhounick

Did you began to receive assistance in malware removal elsewhere?

I had recieved assistance before, on this forum…

Could you attach Combofix log from your systemdrive? Is it there?

C:\Combofix.txt

What for you using Citrix software? For hardware virtualization?

(Citrix Systems, Inc.) – C:\Program Files\Citrix

Here is the Combofix log.

The CItrix Programme is used to access something called Apps anywhere. Basically, as I am living in China, to allow me to access all the websites I could at home (facebook etc).

I don’t see attachments. :slight_smile: Attach it again.

there you go

any help please?

You will resive help from me but you need to be patient.

You have already made it more difficult for me by running ComboFix, … to analyse your system, to understand what is deleted, what was the registry values ​​of the registry in that point…etc

Please read this warning from CF’s developer “sUBs”
http://www.techsupportforum.com/1829551-post6.html
And please read this official warning…
http://www.bleepingcomputer.com/forums/topic273628.html

I also can see that you where running AdwCleaner and Malwarebytes more time than one, attached logs doesn’t from first running, they are from last running… doesn’t show me anything.

Please go here:
C:[b]qoobox[/b]

Attach here all Combofix created reports. It should look like this:

C:\qoobox\ComboFix2.txt .txt

these are the three text files in the qoobox folder. are these the right ones?

i hadn’t realised about not running combofix. sorry!

Hi,
Please download FSS ( farbar services scanner ) from here and run ti from your Desktop
http://www.bleepingcomputer.com/download/farbar-service-scanner/

Check all box and click on Scan. Attach here produced FFS logs.

======= Next ========

Please download zoek.exe and save it to your desktop.

[*] Close any open browsers.

[*] Temporarily disable your AntiVirus program. (If necessary)
If you are unsure how to do this please read this or this Instruction.

[*] Double click on zoek.exe to run the tool .
Please wait while the tool does not start…

[*] Copy the text present inside the code box below and paste it into the large window in the zoek tool:



process;
srinfo;
systemscpecs;
installedprogs;
DIR /S /A:L "%systemdrive%\*">>"%temp%\log.txt";b
C:\Windows\system32\services.exe;i
C:\Windows\SysNative\services.exe;i
filesrcm;
startupall;
skipfix-iedefaults;
firefoxlook;
chromelook;


[*] Click on
http://www.mcshield.net/personal/magna86/Images/Run%20Script%20by%20zoek.png
button
Please wait until a logreport will open (this can be after reboot)

[*] Save notepad to your Desktop and attach here zoek-results.log

Note: It will also create a log in the C:\ directory named “zoek-results.log