Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Removing Trojan - Windows 7 Starter


  • Please log in to reply
1 reply to this topic

#1 bgphelps

bgphelps

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:10:51 PM

Posted 11 March 2011 - 01:18 PM

Hi everyone,

First off thank you all for providing a support forum like this. I hope we can take care of this problem together.

So, I recently opened a link to groupalia thinking it was a similar product to groupon. After signing up to receive an e-mail I opened their introduction e-mail and clicked on the link to their page. I immediately was hit with a trojan horse that has been persistent ever since.

I looked for tutorials online to eliminate the virus. I disabled system restore, downloaded Malwarebytes' anti-maleware and ran it. Then ran it in safe mode. No changes. My virus protection is just the AVG Free Version (Peace Corps Volunteer = no $$) and it doesn't seem capable of getting rid of the it either.

I'm not sure what information is needed for you all to help me solve this, but here is what I've got:

File Name: C:\USERS\USER\APPDATA\LOCAL\TEMP\141.exe
Threat Name: Win32/Injector.AAC
Category: Trojan

When I quarantine it another one immediately appears. This is usually different from the previous. For example now I see:

File Name: C:\USERS\USER\APPDATA\LOCAL\TEMP\032.exe
Threat Name: TR/Dropper.Gen
Category: Downloader


I have tried manually going into this folder and deleting all unfamiliar application files but this has also not helped.

My computer is a Toshiba NB305. Because it is a netbook it does not have a CDROM Drive and I do not have an external one. I do not have a system restore USB.

I am not by any means a computer expert but I used linux for a while and am comfortable following more complex instructions.

I hope I've been detailed enough, again thank you in advance for the help

Brian

Edited by hamluis, 11 March 2011 - 03:51 PM.
Moved from Win 7 to Am I Infected.


BC AdBot (Login to Remove)

 


#2 SweetTech

SweetTech

    Agent ST


  • Members
  • 13,421 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Antarctica
  • Local time:11:51 PM

Posted 12 March 2011 - 12:45 PM

Hello Brian,

First things first, please re-enable System Restore. We want that to be enabled, and we want you to have a restore point created (a new one should be created when you re-enable it).

Please follow the instructions in ==>This Guide<==. If you cannot complete a step, skip it and continue.

Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include a description of your computer issues and what you have done to resolve them.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

Kindest Regards,
SweetTech.

Have I helped you? If you'd like to assist in the fight against malware, click here Posted Image


The instructions seen in this post have been specifically tailored to this user and the issues they are experiencing with their computer. If you think you have a similar problem, please first read this topic, and then begin your own, new thread. I do not offer private support via Private Message.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users