Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Trojan horse removal!! AAAHHH

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Trojan horse removal!! AAAHHH

Unread postby steven » January 27th, 2008, 6:10 pm

Hi there Folks,got a big pop-up problem, AVG pops up every couple of seconds and tells me I`ve got a virus, I`ve scanned the life out of it and it wont go away.
the file is located here: C:\WINDOWS\system32\rdriv.sys
Trojan horse Generic.GM

Please could someone have a look at the HJT File. thanx again
stevie
You do not have the required permissions to view the files attached to this post.
steven
Active Member
 
Posts: 1
Joined: January 27th, 2008, 5:44 pm
Advertisement
Register to Remove

Re: Trojan horse removal!! AAAHHH

Unread postby beynac » January 29th, 2008, 5:59 am

Good morning. I'm sorry that you've been kept waiting. I'm looking through your log and will post again shortly.
User avatar
beynac
MRU Honors Grad Emeritus
 
Posts: 1638
Joined: February 14th, 2006, 12:14 pm
Location: Norwich, England

Re: Trojan horse removal!! AAAHHH

Unread postby beynac » January 29th, 2008, 6:47 am

Hi stevie.

I'm afraid that you have a serious infection on the computer. It is a worm that has backdoor/Trojan functionality to steal information. This means that someone has had access to your computer and has possibly gathered personal information from it.

You are strongly advised to change all your online passwords, but do not do it using this computer - use another, clean one. If you use the computer for any financial transactions (online banking, credit card payments, PayPal or any other financial accounts), then call your banks, credit card companies etc and inform them that you may be a victim of identity theft. Ask them to put a watch on the accounts or change all of the account/card numbers.

------------------------------------------------

Download and Install SDFix

Download SDFix and save it to your Desktop.

Double click SDFix.exe and it will extract the files to %systemdrive%
(This is the drive that contains the Windows Directory, typically C:\SDFix)

--------------------------------------------------------------

Reboot to Safe Mode

Important: If you have an 'always on' connection to the internet, physically disconnect that connection until you are finished with Safe Mode and have rebooted back into normal mode. I suggest that you print these instructions, as you will not have access to them once you have disconnected from the internet.
  • Restart your computer.
  • Continually tap the F8 button as your computer is booting a menu appears.
  • Use up-arrow key to select Safe Mode and press Enter.

--------------------------------------------------------

Run SDFix
  • Open the extracted SDFix folder and double click RunThis.bat to start the script.
  • Type Y to begin the cleanup process.
  • It will remove any Trojan Services and Registry Entries that it finds, then prompt you to press any key to Reboot.
  • Press any key and it will restart the PC.
  • When the PC restarts, the Fixtool will run again and complete the removal process and then display Finished.
  • Press any key to end the script and load your desktop icons.
  • Once the desktop icons load, the SDFix report will open on screen and also save into the SDFix folder as Report.txt
    (Report.txt will also be copied to Clipboard ready for posting back on the forum).

------------------------------------------------------

Please post the following, as a reply to this thread:
  • The SDFix report
  • A new HijackThis log
User avatar
beynac
MRU Honors Grad Emeritus
 
Posts: 1638
Joined: February 14th, 2006, 12:14 pm
Location: Norwich, England

Re: Trojan horse removal!! AAAHHH

Unread postby NonSuch » February 3rd, 2008, 4:30 am

Due to a lack of response this topic is now closed.

If you still require help, please open a new thread in the Malware Removal forum and wait
for a new helper.

If you have been helped and wish to donate to help with the costs of this volunteer site,
please read
Donations For Malware Removal
User avatar
NonSuch
Administrator
Administrator
 
Posts: 27302
Joined: February 23rd, 2005, 7:08 am
Location: California
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 32 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware