Cryptic Trojan Horse

Status
Not open for further replies.

paultess

New Member
Thread author
Verified
Jan 3, 2013
55
Slight difference in cclean options in IE. Perhaps because I do not save passwords or use autofill on forms.
 

Attachments

  • cclean.jpg
    cclean.jpg
    125.9 KB · Views: 137

kuttus

Level 2
Verified
Oct 5, 2012
2,697
Okay... Please go to Tools --> Start Up --> Windows Tab --> select each one of them there and press Disable...

After disabling all of them restart the computer......

May I know which are the Antivirus Programs installed on your computer now?

Click on Start --> Control Panel --> Programs and Features

Over there check which are the Antivirus Programs installed on your computer now. Let me know if you found any one there...
 

paultess

New Member
Thread author
Verified
Jan 3, 2013
55
[attachment=3532]
[attachment=3533]
Just Microsoft Security Essentials and Windows Defender.
How do I find the tools and start-up?
These are all the progs I have. I cannot remove the avg2012 entries?
 

Attachments

  • progs1.jpg
    progs1.jpg
    168.5 KB · Views: 119
  • progs2.jpg
    progs2.jpg
    169.6 KB · Views: 128

kuttus

Level 2
Verified
Oct 5, 2012
2,697
Please download the AVG Removal Tool from here and Run it... http://www.avg.com/ww-en/utilities

You have to Run the CCleaner once again and inside CCleaner go to Tools --> Start Up
 

paultess

New Member
Thread author
Verified
Jan 3, 2013
55
Please go to Now go to Tools -- > Start Up --> Windows Tab -- > Select Each One of them there and Press on Disable...

How do I do this?
 

kuttus

Level 2
Verified
Oct 5, 2012
2,697
Please see the Screen Shots

 

paultess

New Member
Thread author
Verified
Jan 3, 2013
55
[attachment=3537]
[attachment=3538]

ok, all completed.
 

Attachments

  • avgremover_msilog.txt
    124.3 KB · Views: 118
  • startup.txt
    9.4 KB · Views: 127

kuttus

Level 2
Verified
Oct 5, 2012
2,697
Now restart the computer and run TDSSKiller for me.......
http://support.kaspersky.com/downloads/utils/tdsskiller.exe
 

paultess

New Member
Thread author
Verified
Jan 3, 2013
55
[attachment=3539]
Adding the extra parameters which we did last time - screenshot attached - without there were no errors.
 

Attachments

  • Kthreat.jpg
    Kthreat.jpg
    113.7 KB · Views: 119

kuttus

Level 2
Verified
Oct 5, 2012
2,697
For the last one what are the options you can see?

Do you see Cure for TDSS File System? Let me see the Screen Shots of that one... The last one only...
 

paultess

New Member
Thread author
Verified
Jan 3, 2013
55
[attachment=3540]
[attachment=3541]
no cure....delete, quarantine and skip only.
 

Attachments

  • K-2.jpg
    K-2.jpg
    113.7 KB · Views: 131
  • K-3.jpg
    K-3.jpg
    114.2 KB · Views: 131

kuttus

Level 2
Verified
Oct 5, 2012
2,697
Please run aswMBR and press FixMBR
http://public.avast.com/~gmerek/aswMBR.exe
 

kuttus

Level 2
Verified
Oct 5, 2012
2,697
Now restart the computer and run TDSSKiller again and check if it is detecting the same infection again...
 

kuttus

Level 2
Verified
Oct 5, 2012
2,697
Paultess, please run TDSSKiller once again and delete that TDSS File System... After that, restart the computer and run TDSSKiller once again and check if it is detecting it again...


Please run the following utility so that I can get a log of your system...
STEP 1 : Run a scan with Combofix
Please read and follow very carefully the below instructions

Download ComboFix from one of the following locations:

COMBOFIX DOWNLOAD LINK #1 (This link will automatically download Combofix on your computer)
COMBOFIX DOWNLOAD LINK #2 (This link will automatically download Combofix on your computer)
----------------------------------------------------------------
VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

  • Close any open browsers.
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
    Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
  • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts. Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
-----------------------------------------------------------------

How to run the Combofix scan :
  1. Double click on ComboFix.exe & follow the prompts.
  2. Accept the disclaimer and allow to update if it asks
  3. When finished, it shall produce a log for you.
    • Please include the C:\ComboFix.txt in your next reply.

Additional notes:
  1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
  2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.
  3. If after the reboot you get errors about programs being marked for deletion then reboot, that will cure it.




paultess

New Member
Thread author
Verified
Jan 3, 2013
55
Ran and deleted. Re-ran file gone.
ComboFix detected Microsoft Security Essentials running. I uninstalled MSE but this message came:
[attachment=3557]
 

Attachments

  • microsoft.jpg
    microsoft.jpg
    109.5 KB · Views: 127

paultess

New Member
Thread author
Verified
Jan 3, 2013
55
MSE re-appeared after uninstall.
I ran uninstall again and got this result.

[attachment=3558]
 

Attachments

  • mm.jpg
    mm.jpg
    78.9 KB · Views: 130

kuttus

Level 2
Verified
Oct 5, 2012
2,697
The Microsoft Security Essentials Removal Tool can be used to remove all traces of Microsoft Security Essentials from your computer in the event that you are unable to remove it normally via the Windows control panel. This tool is Fixit 50535 as part of the Microsoft Fixit standalone utilities.

http://go.microsoft.com/?linkid=9748340
 

kuttus

Level 2
Verified
Oct 5, 2012
2,697
paultess said:
Hello, I have been remiss in not updating you about the help you gave. Everything seems to be running well. Thank you again. There have been no more viruses, which is great.
I have not been on-line very much as I had a small operation on a nerve in my elbow, cast has finally been removed but my typing has not improved :).
Take care and thanks again.
paul fridman

I am happy to hear that everything is working fine.
How are you doing now? Get well soon and take care..

Double click on OTL to run it
  • Click on the Cleanup button at the top.
  • You will be asked to reboot the machine to finish the Cleanup process. Choose Yes
  • This will remove itself and other tools we may have used.




Now that your PC is clean, I recommend that you create a new System Restore point and then purge the old ones.

For XP
How to create a Restore Point in XP
Delete all restore points except the most recent one

For Vista
Create a restore point
Delete all but the most recent restore point

For Windows 7
Create a restore point
Delete all but the most recent restore point - Click the Delete all but the most recent restore point link




Keep your system updated
  • Keeping your programs (especially Adobe and Java products) updated is essential. Update Checker will notify you if any of your programs require an update.
  • Microsoft releases patches for Windows and Office products regularly to patch up Windows and Office product bugs and vulnerabilities.
  • Please ensure you update your system regularly and have automatic updates on. You can learn how to turn Automatic Updates on here


I also recommend you to switch your antivirus program to a better one. Here are some suggestions:

In addition to your antivirus, you need additional protection such as a firewall and behavioural blocker.


Here are only a few suggestions that will improve your system security. Should you wish to allow us to make full recommendations and set your PC up with maximum security, please start a thread here. Our community of PC enthusiasts and experts will give you feedback and help you secure your system from future malware infections.


Internet Explorer may be the most popular browser but it's definitely not the most secure browser. Consider using other browsers with additional add-ons to safeguard your system while browsing the internet.

Firefox is a more secure, faster browser than Internet Explorer. Firefox contains fewer vulnerabilities, reducing the risk of drive-by downloads. In addition, you can add the following add-ons to increase security.
  • KeyScrambler - Encrypts your keystrokes to protect you against keyloggers that steal personal & banking information
  • AdBlock - Disable/blocks advertisements on websites so you won't accidentally click on a malicious ad.
  • NoScript - Disables Flash & Java contents to avoid exploits or drive-by attacks
  • Web of Trust - Shows the website rating by other users and blocks dangerous and poor-rated sites

Google Chrome is another good browser that is faster and more secure than Internet Explorer by having a sandbox feature. Additionally, you can add the following add-on to Chrome to heighten security.


Lastly, it is important to perform system maintenance on a regular basis. Here are a few tools and on-demand scanners that you should keep & use every 1-2 weeks to keep your system healthy.

Other than that, stay safe out there! If you have any other questions or concerns, feel free to ask :)

What's next?
  1. Build up your malware defenses by starting a new thread in Security Configuration Wizard forum.
  2. Learn how to avoid malware by reading this article: How to easily avoid malware (http://malwaretips.com/blogs/how-to-easily-avoid-pc-infections/)
  3. Be an active member in the MalwareTips community! :)



My virus removal help is always free. Should you wish to show your appreciation via a donation, it will be much appreciated.
 