I tried to post this earlier and it said that I had already posted it, but I don’t see it in these forums.
Anyways, I have discovered this trojan using avast…
I’m not technically savvy but I’d like to learn how to remove this pesky little bastard.
Any help is greatly appreciated.
Thanks,
Zach
Please attach your logs. (MBAM, OTL and aswMBR…!!)
Instructions: http://forum.avast.com/index.php?topic=53253.0
Monitoring
I had finished the scan using malwarebytes and as I was deleting all of the selected files, my laptop froze. I restarted my laptop and restarted a quick scan. It’s showing no infected files at this point, and its 3/4 the way done with the quick scan. Whereas the orignal scan showed 17 infected files by the time it was done. Is this going to be a problem? >.<
damn it…
did it produce a log? …click log button at top in Malwarebytes and attach the scan log ( not protection log if you have PRO version)
continue with the other logs…
Unfortunately, no. And the scan I started after I rebooted showed no infected files… Should I continue on getting logs for the other two programs the first guy mentioned? Or do I need to find a way around resolving the logs for this program first?
EDIT: I found the files that the first scan found. They are listed in the quarantine tab.
Should I continue on getting logs for the other two programs the first guy mentioned?Yes please
Sorry it took so long, but I’ve got the logs now.
Hi,
We shall start with ComboFix. CF should kill this evil. Thereafter, we are running some additional checks and re-checks …
- Please download ComboFix by sUBs from here and save it to your Desktop.
If you are unsure how ComboFix works please read this guide carefully.
Note: ComboFix must be downloaded to your Desktop.
- Temporarily disable your AntiVirus program, usually via a right click on the System Tray icon. They may interfere with Combofix.
If you are unsure how to do this please read this or this Instruction.
Instructions how to disable avast:
[*]Right click on the avast! system tray icon (
http://www.mcshield.net/pg/images/avast5.png
) in the lower right corner of the screen and scroll up to avast! shield controls;
[*]In the menu that appears, choose Disable Permanently. When you are prompted to turn off security, click Yes.
Note: Do not forget to turn back on this option after the cleaning by choosing avast! shield controls > Enable all shield options.
- Run ComboFix. Click on I Agree!
[i][size=7pt]- ComboFix will display DISCLAIMER of warranty on software.
By clicking I Agree ComboFix shall continue.
- ComboFix will check if there is a newer version of ComboFix available.
Click Yes if prompted to download.[/size]
-If Recovery Console is not installed, ComboFix will offer download & installation.
Click Yes to allow ComboFix to install Recovery Console. - ComboFix will scan your computer in stages, total of 50 stages.
Do not mouse-click around while ComboFix is running.
Note:If you see a message like “Illegal operation attempted on a registry key that has been marked for deletion” just restart your computer.
[/i]
- When the tool is finished, it will produce a log report for you. (typical location: C:[b]ComboFix.txt[/b] )
Attach log reports ( ComboFix.txt) back to topic.
NEXT …
Please download Farbar Service Scanner and run it on the computer with the issue.
[*]Make sure the following options are checked:
[*]Internet Services
[*]Windows Firewall
[*]System Restore
[*]Security Center/Action Center
[*]Windows Update
[*]Windows Defender
[*]Press “Scan”.
[]It will create a log (FSS.txt) in the same directory the tool is run.
[]Please copy and paste the log to your reply.
NEXT …
Re-run OTL, just hit the RunScan button and post me the fresh OTL.txt logreport.