AVG Antivirus keeps finding trojan

Discussion in 'Malware Help (A Specialist Will Reply)' started by Bladesofhalo, Jan 12, 2010.

  1. Bladesofhalo

    Bladesofhalo MajorGeek

    Last night my antivirus found "Trojan horse injector.HK". I also noticed that someone was trying to get past my ZoneAlarm firewall through port 3085. This afternoon the trojan was found again by AVG, but in a different location on my laptop.

    I believe my desktop PC may be infected and that I may have transferred the infection through my USB drive. I have run all the scans on my laptop and will run the scans on my desktop later on.

    Will I have to format my USB drive in order to clear the infection? I have important files on there that I need.

    I noticed that my USB drive was showing up as a folder instead of a drive and would not allow me to access my files. Thus, believing it may have been a problem with my desktop, I connected it to my laptop. Now I may have two infected PCs. I downloaded and ran Autorun Eater on my desktop and reconnected the flash drive and it cleaned some sort of infection, confirming my suspicions. My flash drive now shows up as a removable drive and I can access the files on it.

    Scans didn't seem to find anything, though.

    Scan logs and a screenshot of the infections found along with the program/person trying to get past my firewall shown. The program/person name is qlsoylo.
     


  2. Bladesofhalo

    Bladesofhalo MajorGeek

    And the rest of the logs
     


  3. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Please remember that only one PC can be discussed/worked on per thread. It becomes too confusing otherwise. Your other 2 posts were moved to their own thread.

    These logs are all clean.

    If you are not having any other malware problems, it is time to do our final steps:
    1. We recommend you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no protection. They do not use any significant amount of resources (except a little disk space) until you run a scan.
    2. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
      • Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required.
      • "%userprofile%\Desktop\combofix" /uninstall
        • Note: The space between the combofix" and the /uninstall must be there.
        • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.
    3. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
    4. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.
    5. If running Vista, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    6. Go to add/remove programs and uninstall HijackThis.
    7. Go to the C:\MGtools folder and find the MGclean.bat file. Double click on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
    8. After doing the above, you should work thru the below link:
     
