Jump to content

Infected with unfound Trojan Emailer able to reinstall itself after being cleaned off.


Recommended Posts

I've been around the block on this for the last 48 hours and have tried Norton Power Eraser, Windows Defender and Malwarebytes Anti-Malware to fix the problem. Whatever is on my system can be cleaned off but something remains that allows the same four Trojans to reinstall themselves. Defender cleaned these twice and as soon as I opened a browser, they showed back up. Clean them off again, they showed back up. Computer would work fine for about 15 minutes then it's sluggish as all hell.


Trojan: Win32/FakeRean

Trojan: Win64/Sirefef.B

Trojan: Win32/Winpixo.E

I moved to Norton Power Eraser. The Norton Power Eraser which found one risk and removed it. Scans of the rootkit though started throwing errors. When trying to reboot to examine rootkit. It would ask to reboot but when doing so it went to the blue screen of death, system crashed. It would crash when trying to boot to safe mode, network support. It would only boot up in Safe Mode if Norton had no access to the internet. I'll post the Norton log at the end of this.

I opened the trial version of Malwarebytes Anti-Malware which gave me real time protection. I'm getting calls to the following addresses:

I don't have any doubt that if these addresses weren't getting blocked that the same Trojans would show back up on the system. Other thing, I don't run outlook express. When all this started a message would show at boot up saying Outlook Express could compress messages to save space. I don't have any messages saved in either outlook or outlook express. I don't use outlook for email, just to save contacts.

When I tried to post the Norton Power Eraser log it opened to IE. I'm using Firefox right now. I wasn't able to cut/paste the log, harddrive went nuts and Malwarebytes isn't blocking any of the isp's anymore, computer is sluggish. My guess is these same Trojans just got back on my system so I'm going to run another scan after going to Microsoft to check for security updates, auto updates btw are on.

Thanks Much



mbam-log-2011-12-08 (08-36-13).txt

mbam-log-2011-12-08 (16-13-55).txt

mbam-log-2011-12-08 (21-47-10).txt

mbam-log-2011-12-09 (04-36-51).txt

Link to post
Share on other sites

  • 2 weeks later...
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.