BleepingComputer.com: Trojan infection with HJT log

Hello,

I don't see any remaining malware issues, but it looks like the drivers for your audio controller need to be reinstalled. I have another update and some very important cleanup for you to take care of, then you should try downloading and reinstalling the software for you audio controller. Your PC manufacturers web site should be able to point you in the right direction.

Your Adobe reader needs to be updated. Please visit Adobe's site and grab the newest version. Be sure to watch for and uncheck any boxes offering to install other software.

Uninstall ComboFix

• Press the Windows key + R on your keyboard or click Start -> Run. Copy and past the following text into the run box that opens and press OK:
  Combofix /Uninstall

Delete the following tools along with any other logs you saved from our work:

• DDS
  
• GMER
  
• Rootkit Unhooker
  
• TDSSKiller
  
• DevDiag

Download TFC to your desktop

• Close any open windows.
  
• Double click the TFC icon to run the program
  
• TFC will close all open programs itself in order to run,
  
• Click the Start button to begin the process.
  
• Allow TFC to run uninterrupted.
  
• The program should not take long to finish it's job
  
• Once its finished it should automatically reboot your machine,
  
• if it doesn't, manually reboot to ensure a complete clean

Re-install an anti-virus program. Choose one, (but no more) reputable AV program. If you need help chosing one, this site has good information. Avast, Avira and Microsoft all offer free AV products.

Finally, I'd like to make a couple of suggestions to help you stay clean in the future:

• Restart any anti-malware programs that we disabled while we were cleaning your machine.
  
• Keep your antivirus application current and updated. Also, hang on to MBAM. Scan with them at least weekly.
  
• Avoid using P2P programs. Refer back to my earlier post for more information.
  
• Please review this post for some helpful information.

Please post once more so I know you are all set and I can mark this thread resolved. Good luck and stay safe!

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.

This topic has been re-opened at the request of the person who originally posted.

Because of the length of time that has passed we need to start fresh. Please do this:

Please download DDS by sUBs from one of the following links and save it to your desktop.

DDS.scr
DDS.com
DDS.pif

• Disable any script blocking protection (How to Disable your Security Programs)
  
• Double click DDS icon to run the tool (may take up to 3 minutes to run)
  
• When done, DDS.txt will open.
  
• After a few moments, attach.txt will open in a second window.
  
• Save both reports to your desktop.

---------------------------------------------------

• Post the contents of the DDS.txt report in your next reply
  
• Attach the Attach.txt report to your post by scroling down to the Attachments area and then clicking Browse. Browse to where you saved the file, and click Open and then click UPLOAD.

Download GMER Rootkit Scanner from here to your desktop.

• Double click the exe file. If asked to allow gmer.sys driver to load, please consent .
  
• If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO.
  
  
  
  Click the image to enlarge it
  
  
  
  
• In the right panel, you will see several boxes that have been checked. Uncheck the following ...
  • IAT/EAT
    
  • Drives/Partition other than Systemdrive (typically C:\)
    
  • Show All (don't miss this one)
  
  
• Then click the Scan button & wait for it to finish.
  
• Once done click on the [Save..] button, and in the File name area, type in "Gmer.txt" or it will save as a .log file which cannot be uploaded to your post.
  
  
• Save it where you can easily find it, such as your desktop, and post it in reply.

**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entries

If you have trouble running GEMR:

• Make sure that your security software is disabled
  
• Uncheck the box next to "Files" this time also
  
• If you still can't run it, try in the Safe Mode

Please include the following in your next post:

• DDS.txt and Attach.txt logs
  
• GMER log

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.