Would appreciate help with trojan virus

Discussion in 'Malware Help (A Specialist Will Reply)' started by swennybear23, Sep 23, 2009.

  1. swennybear23

    swennybear23 Private E-2

    So my brother was visiting again, and it seems like after every time he leaves I get a virus on my computer. I have had other viruses on here before, but this was something I have never seen before. It kept telling me that my Antivirus (Avast 4.8) was off, then would try and get me to download a "special remover" etc. Finally, after closing every pop-up, the desktop disappeared and it went to a WARNING page telling me I have serious problems and need to download this anti-virus or else (bunch of threats).

    So I haven't been able to boot to normal Windows (XP Pro) without it going through the same process as described above. I have performed all of the Read and Run applications and will post all logs. I was not able to successfully run SAS without it crashing during removal of detected viruses (total of 43). Also I am not sure if this matters, but I have been performing all steps in Safe Mode with networking under the administrator. When attempting to perform under Safe Mode with networking under my username, every time I clicked on an icon (SAS, MAM, etc) it would say could not open as it is infected with virus.

    Thank you for taking your time to help me out. I truly appreciate it!
     


  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Why are you running this PC without any protection?

    Why do you allow him to use your user account???? Create a Restricted User Account (no admin privies) and make sure it is also password protected. Then only allow him to use this account in the future. Change the passwords on your other accounts if he has the password.

    Yes, it does matter. While quite a bit of common malware can be removed the way you ran, you still need to run in normal boot mode and you need to clean the user account you are having a problem with, which I assume is yours. Thus, delete the below files:

    C:\eopmjm.exe
    C:\cqfuy.exe
    C:\pkusq.exe
    C:\yhjj.exe
    C:\flqihkhx.exe
    C:\cqfuy.exe.dat
    C:\WINDOWS\system32\vawohoni
    C:\WINDOWS\system32\calc.dll

    And then you will need to run the steps on your account in normal boot mode and attach new logs.
     
    Last edited: Sep 28, 2009
