• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

Nasty trojan/ spyware, can't remove

K

kronnyq

Member
Pretty sure I got this from some BHO from a trojan website, anyway it seems to have infected firefox because when I load it it will try to connect to some client host, but Chrome seems to be working ok.

Also when XP starts up I get something about "Google Installer" crashing which I'm sure has something to do with the trojan.

Thing is, the trojan shuts down Spybot S&D files so I can't run it, and killed AVG resident shield. I can run avg but it's not finding anything, did a quick scan with A-squared free and it's not finding anything either.

Before the standard 'Windows may be at risk thing kept popping up in Systray, then it would bring up some BS virus scanner than kept saying my computer was all infected and I needed to buy the full version to remove the 'infections', so it's pretty clear that this is just a trojan made by some llamos to try and get me to buy their product.

How can i get rid of it?! Is there a better removal program out there?
 
You can download Malwarebytes or Superantispyware and then run a full system scan in safe mode.
 
Had a hell of a time tryin to get back into Windows after I installed Avast...wouldn't load after login screen so I did repair install on XP and got back in, ran Avast boot scan and it found some nasty trojans and a root kit.

Now however, this freakin Win32:Fasec trojan somehow keeps replicating itself in my temporary and system restore folders, and Win32:Spyware-gen trojan replicating itself to .dlls in \windows\system32 folder and I cannot seem to get rid of either.

Running processes:
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
f:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
f:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\Program Files\a-squared Free\a2service.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\RpcAgentSrv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\UPHClean\uphclean.exe
C:\WINDOWS\Explorer.EXE
f:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
f:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
F:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE
C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
C:\WINDOWS\system32\hphmon06.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
F:\Program Files\Vol_Wizard\wizard_notify.exe
C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Creative\Volume Panel\VolPanlu.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
C:\WINDOWS\system32\CTXFIHLP.EXE
F:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Creative\ShareDLL\CADI\NotiMan.exe
C:\Documents and Settings\Adam\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
F:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Mozilla Firefox\firefox.exe
f:\Program Files\Alwil Software\Avast4\ashSimpl.exe
F:\Program Files\Winamp\winamp.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe



????




 
You must log in or register to reply here.

TRENDING THREADS

Back
Top