Help removing trojans

I have tried to remove trojans that malwarebytes and the MS malware removal tool are detecting with no success. Can you help?

 

Welcome to MajorGeeks, Brian

http://img196.imageshack.us/img196/3557/tdsskiller.gif Please download and scan with TDSSKiller

• Do not use the Change Parameters button
• When the scan is finished, a log will be created in the root of your C: drive
• Example: C:\TDSSKiller.2.7.47.0_25.07.2012_15.06.22_log.txt
• Attach this to your next message. (How to attach)

 

Thanks! I have been lurking here for years. This trojan pushed me to register!

 

Hi,

This infection can be quite tricky but TDSSKiller seems to have a high success rate with it.

http://img196.imageshack.us/img196/3557/tdsskiller.gif Rescan with TDSSKiller and allow it to Cure Rootkit.Boot.Pihar.c
It will need to reboot your system, allow the reboot.

Then attach a new scan when finished.

 

Looks like you got it!! Thanks!!

Does the scan tell you if my whole system is clean?

 

http://img196.imageshack.us/img196/3557/tdsskiller.gif Re-scan with TDSSKiller except this time use the Change Parameters button and put a checkmark in TDLFS File System.
Then rescan
If TDSS File System appears, delete it!
Then attach the latest TDSSKiller log. (How to attach)

__

We have a little more work to do but the bulk of your problems should be gone now.. I will post with further instructions later.

 

Here you go. Oh...I'm in Houston too.

 

Cool. This weather is something else isn't it ?
Actually the rest of your logs look fine.
Remaining steps before I give you a clean bill.

http://img850.imageshack.us/img850/4746/programsandfeatureswin7.gif From Programs and Features (via Control Panel), please uninstall the below:

• Java(TM) 6 Update 20 (outdated)

__

http://img850.imageshack.us/img850/4124/mbam.gif Run two more Quick Scans with Malwarebytes and attach both logs here.

We want to make sure that C:\Windows\svchost.exe is no longer present as it just recreates itself when the rootkit is present.

 

Great weather. Like it used to be here. Rain and sun daily. Last summer almost killed me!

 

Definitely

__

If you are not having any other malware related problems, it is time to do our final steps:

• Any programs we had you download and/or install can be removed at this time.
• If we had you download and run ComboFix, here is how to uninstall it:
  • Press and hold the Windows key http://i1106.photobucket.com/albums/h363/debojyotidas/Windows_Logo_key.gif and then press the letter R on your keyboard.
  • This opens the Run dialog box.
  • Copy and paste the below text inside the text-field:
    • "%userprofile%\desktop\ComboFix" /uninstall
  • Now press ENTER
  • ComboFix will extract its files one last time and you should receive a notification that ComboFix has been uninstalled shortly after.
• You can re-enable your Disk Emulation software at this time via DeFogger.
• If we had you create or download a registry patch or "fix" script, these can be deleted at this time.
• Go into the C:\MGtools folder and run the MGclean.bat file to remove additional traces of our tools.
• Now we will toggle System Restore to remove any infected system restore points.
  • Read this: How to Disable And Enable System Restore
• Lastly, here is a guide to protect you from future infections: How to Protect yourself from malware!
• Be safe

 

Thanks very much for your help.

 

You're welcome