Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Hourly Trojan Detection

  • Please log in to reply
2 replies to this topic

#1 Gary1972


  • Members
  • 8 posts
  • Local time:12:55 AM

Posted 21 November 2014 - 04:56 PM

Help please!


Microsoft Security Essentials is detecting 3 Trojans, quarantining them and deleting them on my command, but every hour they reappear. Scans with Malwarebytes, SuperAntispyware, and Emsisoft come up clean. The detected files are:






The machine is running windows 7. The hourly reinfection happens even if no programs are active.


BC AdBot (Login to Remove)


#2 noknojon


  • Banned
  • 10,871 posts
  • Gender:Not Telling
  • Local time:06:55 PM

Posted 21 November 2014 - 06:28 PM

Hello Gary -

From Microsoft Malware Protection Center Re : TrojanDownloader:Win32/Kuluoz.D  -

This trojan tries to steal your passwords and sensitive information. It can also download other malware onto your PC, including other variants of Win32/Kuluoz and Win32/Sirefef, and variants of rogue security software such as Win32/FakeSysdef and Win32/Winwebsec.

Please note that most of the online directions are from sites that my W.O.T says is "not to be trusted" for various reasons.

Again Re : Trojan:Win32/Oficla.AE
This threat is also detected as:
    TROJ_OFICLA.FS (Trend Micro)
    Troj/Agent-PLG (Sophos)
    Trojan.Sasfis (Symantec)

Trojan:Win32/Oficla.AE is a malicious program that is unable to spread of its own accord. It may perform a number of actions of an attacker's choice on an affected computer.

You are dealing with several bad infections, and I would prefer the Experts to remove these (due to recurring problems).

If you wish, I will help to try and remove these, but we are limited in the Am I Infected area.
But if you post to the Experts area, you may need to wait a few days for help there.

Please advise me of your choice ................ and I will follow up with directions

Thank You -

#3 noknojon


  • Banned
  • 10,871 posts
  • Gender:Not Telling
  • Local time:06:55 PM

Posted 26 November 2014 - 11:24 PM

@ Gary1972 -

Have you solved this problem, as you seemed to think it was important (it is a Very Dangerous set of infections)


If you do not need help, I will remove it from my "Watch List" and you can start a new Topic later.


Thank You -

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users