i think i have a trojan. help :(

Discussion in 'Malware Help (A Specialist Will Reply)' started by Kitsuneko, Mar 25, 2009.

  1. Kitsuneko

    Kitsuneko Private E-2

    let me just vent. i'm computer illiterate, so this process took me DAYS to figure out, and while trying to FIND and attach files, my login kept timing out.
    :crybaby:

    ok, to the point. while snooping around temp files, avira alerted me to something called something like... " crypt...xpac...gen...trojan" twice consecutively. i could only block action, so i did. then i scanned with every freeware i could. (avira, superantispyware, a-squared, onlinearmor, spyware blaster.) nothing could find it. but eventually some kinda avira root kit scan detected lots of wildtangent and maybe something else (all encrypted). so, i want to know, do i or do i not have a trojan, how do i get rid of wild tangent. and this is IMPORTANT- after running combofix, my firefox browser (toolbar, security add-ons and all) are MISSING. what in Jebis is going on??? :cry "pleez halp"

    :-o ty
     

    Last edited: Mar 25, 2009
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!

    WildTangent is just bloatware games frequently installed by PC manufacturers. It is not really malware and you don't need to worry about it since you don't have it installed anyway. Perhaps you were just seeing reports of things in old System Restore points.

    Neither ComboFix, nor SUPERAntiSpyware, nor Malwarebytes removed anything. Look at the logs and you can see this for yourself.

    All of your logs are clean, but I strongly advise you to clean up your Desktop. Remove everything but links to run programs. Do not download and save programs here and definitely do not use it for long term storage. You need to keep ComboFix.exe here for now as we need it, but we will be removing it when we are finished with your cleanup. A cluttered Desktop is malware's playground and it can also cause performance degradation especially when you start saving large files here like you are doing.

    If you are still getting reports from Avira, you will have to attach a log that shows exactly what is being detected and where it is located. It could just be a System Volume Information detection which is again just System Restore.
     
  3. Kitsuneko

    Kitsuneko Private E-2

    ok, i decluttered as much as i could on my desktop. i also erased empty folders and lots of unnecessary files in my 'hard disk drive' and in my document section. i defragged and did the freeup space thing in the control panel. also i found and opened firefox. it said that it wasn't set as my browser, so i reset it. i think maybe when i took the advice to load critical updates, my browser got changed (i had previously uninstalled explorer but the updates reloaded a newer version of it). sorry it was REALLY dumb of me but... i thought firefox disappeared cause the firefox icon had disappeared from my quick start and i didn't know how to launch it. :-o but, i think i learned a lot in the last few days about computer basics...if that counts for anything. anyway, what do i do now? i don't remember all the stuff/settings i changed to get help from this forum...like, i don't even know what setting my computer to normal mode even means, or all specific changes to antivirus settings. will you be telling me, or do i have to retrace my steps? uh, wat do i do now? you said something about not being done with combofix? oh btw, ty so much for reviewing all my attachments and getting back to me. i really appreciate the help ;)
     
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You're welcome. Everything you need to do now is in the below.


    If you are not having any other malware problems, it is time to do our final steps:
    1. We recommend you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no protection. They do not use any significant amount of resources ( except a little disk space ) until you run a scan.
    2. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
      • Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required.
      • "%userprofile%\Desktop\combofix" /u
        • Note: The space between the combofix" and the /u must be there.
        • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.
      • Delete the C:\combofix folder from combofix (if it exists)
    3. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
    4. If running Vista, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    5. Go to add/remove programs and uninstall HijackThis.
    6. You can delete the C:\MGtools folder and the C:\MGtools.exe file. You can also delete the C:\MGlogs.zip
    7. After doing the above, you should work thru the below link:
     
