
Infected W/ TrojanGen2 :( Help Appreciated

Need Help. If you decide to go through with the cleanup, please proceed with the following steps. Download OTL to your Desktop. Double click on the icon to run it. I have kept ad-aware. Posted: 04-Sep-2012 | 8:38PM • Permalink The log as requested. File Attachment: FSS.txt Quads Norton Fighter25 Reg: 21-Jul-2008 Posts: 16,481 Solutions: 182 Kudos: 3,388 Kudos0 Re: Infected with Trojan.Gen.2 and Trojan.ZeroAccess.

I am posting both files. Many experts in the security community believe that once infected with this type of malware, the best course of action is to wipe the drive clean, delete the partition, reformat and Thanks for your understanding. I will wait for further instruction.

Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post. NOTE: At the top of your post, click on the Watch File Attachment: log.txt Select continue or yes.

If an update is found, it will download and install the latest version. Under File menu select Open. This would change the output of our tools and could be confusing for me.

Many thanks. The log file and then the log will open in notepad. On a side note: do I risk other people's computers by sending them emails and documents currently? If I run a scan it finds both the virus and says the problem is resolved only to find that they return almost as soon as the scan is finished.

Apologies, no offence intended. Double click the aswMBR.exe to run it. Click the "Scan" button to start scan. On completion of the scan click save log, save it to your desktop and post in your Need Help. I have only been using a Firefox browser since this has been going on.

Need Help. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

If you would like us to check the system for malware, please follow the steps in the Preliminary Virus and Malware Removal thread HERE. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Please be patient as this can take some time. I've used older versions once or twice before, and Norton didn't flag those up as an issue, so I was just querying its change of behaviour.

Best regards, Dmitri What should I do next to prevent whatever is giving access to the trojans in the first place? The heading on your Combofix log indicates that the program AV: Lavasoft Ad-Watch Live! there was not any option to disable malwarebytes-antimalware..

Need Help. When started click on the Scan button and then the Save Log button to create a log of your information. No need for that though, just paste it as you would any other log.

Nevertheless, don't worry too much if you won't be able to donate to the project - that's still uncertain whether donations will help to move the project on or not.

But the system is looking pretty healthy at this point. Press the Fix button just once and wait. When the scan completes, a zoek-results logfile should open in notepad. Do you remember if you got a Windows like this?

OTL.Txt and Extras.Txt. So far your instructions have been great and clear; the scans went smoothly. In other words, even though it seems the problem is effectively dealt with, it obviously is not.

If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all Need Help. Infected with Trojan.Gen.2 Started by steveprefontaine, May 15 2012 05:48 PM I do have Norton 360 running whenever the computer is on.

There are also entries that may show Qoobox or something in Spybot Search & Destroy. scanning hidden files ... So I don't know why you got a notice. The Security Check shows the following out of date program which should be uninstalled in Add/Remove Programs: Java(TM) 6 Update 3> File Attachment: FRST.txt

I will get back to you with the information soon.. -Have a good night Krystal Nov 29, 2010 #3 kryspy99 TS Rookie Topic Starter Posts: 26 Ran EST scanner I Click Advanced settings and select the following: Scan potentially unwanted applications; Scan for potentially unsafe applications; Enable Anti-Stealth technology. ESET will then download updates for itself, install itself, and begin scanning your computer. R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2012-1-13 55856] R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\SEP\0C0103E8\009D.105\x64\SymDS64.sys [2011-10-30 451192] R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\SEP\0C0103E8\009D.105\x64\SymEFA64.sys [2011-10-30 931448] R1 BHDrvx64;BHDrvx64;C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Data\Definitions\BASHDefs\20141119.011\BHDrvx64.sys [2014-11-19 1586904] R1 IDSVia64;IDSVia64;C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Data\Definitions\IPSDefs\20141205.002\IDSviA64.sys [2014-12-5 525016] R1 SymIRON;Symantec Under scan settings, check  and DON'T (NO) check Remove found threats (reason for this is we don't want something deleted and then Windows won't load).