BleepingComputer.com: Puper Trojan

Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Forum Rules

When posting your problem, do not run and post a ComboFix log. ComboFix is a tool that should only be run under the supervision of someone who has been trained in its use. Using it on your own can cause problems with your computer. Any posts containing CF Logs will be ignored.

To receive help, you should instead provide a detailed description of your problem, detailed word-for-word error messages that you are receiving, screenshots of strange behaviour, and your operating system. This information is much more useful to our helpers than a ComboFix log.

If you have not received help after three days, please post a link to your topic HERE.
Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

Puper Trojan Cannot remove

#1 User is offline   mmscort 

  • New Member
  • Pip
  • Find Topics
  • Group: Members
  • Posts: 2
  • Joined: 07-May 06

Posted 07 May 2006 - 10:32 PM

I run McAfee Virus Scan that identifies the Puper file. I am updated and the program does not allow me to delete the file. It instructs me to restart the computer to complete the clean process. I do and when I scan again I still find it and get pop-ups that are inappropriate for children. Can you help?

#2 User is offline   Nat Sci 

  • Forum Regular
  • PipPipPip
  • Find Topics
  • Group: Members
  • Posts: 156
  • Joined: 21-March 06

Posted 07 May 2006 - 11:06 PM

Hey Mmscort,
I know about htis program and I have deleted this of my friends computer once. Heres what I did:
Download SmitfraudFix from http://siri.geekstogo.com/SmitfraudFix.php
Then Extract the folder called SmitfraudFix to your desktop. Reboot your computer and run it in safe mode by pressing the key "F8" continously after rebooting the computer. when you are in safe mode, open the folder SmitfraudFix and double-click smitfraudfix.cmd. Select option 2-Clean by typing 2 and press enter to delete the infected files. It will ask if you want to if you want to clean the registry. Say yes by typing Y then pressing enter. This should delete the background if its infected and it should also clean the registry keys if infected.
Please post if this has any effect on your computer and if it gets rid of it.
Legend has it that... If you put an AOL disc the opposite way and play it you can hear devilish music... Even worse if you put it the right way... IT INSTALLS AOL!
Click here 3 times for $100,000<--- I mean .00001 dollars.

#3 User is offline   quietman7 

  • Bleepin' Janitor
  • PipPipPipPipPipPip
  • Find Topics
  • Group: Global Moderator
  • Posts: 25,108
  • Joined: 09-July 05
  • Location:Virginia, USA

Posted 08 May 2006 - 08:20 AM

Before running SmitfraudFix do this.

Please download and install Ewido Anti-Malware v3.5. DO NOT perform a scan yet..
Print out the Ewido Install and Scan Instructions.

Then follow the directions for running smitfraudfix. Tutorial here if you need it.

After using the tool reboot again in "SAFE MODE" and

Clean out your Temporary Internet files as follows:
  • Quit Internet Explorer and quit any instances of Windows Explorer.
  • Click Start, click Control Panel, and then double-click Internet Options.
  • On the General tab, click Delete Files under Temporary Internet Files.
  • In the Delete Files dialog box, tick the Delete all offline content check box , and then click OK.
  • On the General tab, click Delete Cookies under Temporary Internet Files, and then click OK.
  • Click on the Programs tab then click the Reset Web Settings button. Click Apply then OK.
  • Click OK.
Next Click Start, click Control Panel and then double-click Display. Click on the Desktop tab, then click the Customize Desktop button. Click on the Web tab. Under Web Pages you should see a checked entry called Security info or something similar. If it is there, select that entry and click the Delete button. Click Ok then Apply and Ok.

Empty the Recycle Bin by right-clicking the Recycle Bin icon on your Desktop, and then clicking Empty Recycle Bin.

Then perform a scan with Ewido and reboot back to normal mode.
Microsoft MVP - Consumer Security 2007-2012 Posted Image
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

#4 User is offline   mmscort 

  • New Member
  • Pip
  • Find Topics
  • Group: Members
  • Posts: 2
  • Joined: 07-May 06

Posted 08 May 2006 - 09:57 PM

:thumbsup: Thank you both for your assistance. I used smitfraud, cleaned all the temporary files and cookies, emptied the recycle bin and loaded the antimalware. I appreciate the assistance now my children can use the computer again!

#5 User is offline   quietman7 

  • Bleepin' Janitor
  • PipPipPipPipPipPip
  • Find Topics
  • Group: Global Moderator
  • Posts: 25,108
  • Joined: 09-July 05
  • Location:Virginia, USA

Posted 09 May 2006 - 04:10 AM

Your welcome.
Microsoft MVP - Consumer Security 2007-2012 Posted Image
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

Share this topic:


Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users