
I have trojan:Win32/Falsesysdef and I have run the DDS thing



I uninstalled that and nothing comes up when I search for it. I noticed when I had a first response from Malwarebytes it said if the current security (MSE) let this through payme I want a paid version of malware. What is your suggestion? And why, if you are Malware, did we use Kaspersky? I don't mind paying for the protection as long as I get a suggestion? Are you able to do that or against policy? I can install MSE also.

No one asked you to purchase anything, all the products are free and I don't have anything to do with Malwarebytes, I just volunteer my time here and on other forums as most of us do.

Malwarebytes and MSE are free.

TDSSKiller is free and especially designed for this type of infection, it's used thousands of times a day.

What did you pay for??

Here's MSE (free)

http://windows.micro...rity-essentials

MBAM (free)

http://download.cnet...j=dl&tag=button

(If you want to upgrade to the pro version to get real time protection for life, it's $24.94)

So for now, install MSE, scan the system and let me know if it finds anything.

I'll give you all the suggestions you want to secure the system for free!!

MrC


I love free. I was just saying I would pay for the best because I've been dealing with this since last Friday trying to find the fix. So glad to have found you!

The MSE scan came back good. I still have some items in my task manager that say *32 and some of my files are empty when I search all programs. What next?


I ran and still empty folders so disabled virus protector and ran again. Many folders are still empty. When I open task manager there are numerous processes that now end in "*32". iexplore.exe; GoogleToolbarUser_32.3x2 *32; mbamgui.exe*32; HPAdvisor.exe*32; etc. I noticed when I was trying to close some processes when I first had the Trojan. I thought these suffixes had something to do with the Trojan.

Here is the unhide scan:

Unhide by Lawrence Abrams (Grinler)

http://www.bleepingcomputer.com/

Copyright 2008-2012 BleepingComputer.com

More Information about Unhide.exe can be found at this link:

http://www.bleepingcomputer.com/forums/topic405109.html

Program started at: 04/18/2012 04:52:39 PM

Windows Version: Windows 7

Please be patient while your files are made visible again.

Processing the C:\ drive

Finished processing the C:\ drive. 264751 files processed.

Processing the D:\ drive

Finished processing the D:\ drive. 98 files processed.

Processing the F:\ drive

Finished processing the F:\ drive. 34 files processed.

Processing the Q:\ drive

Finished processing the Q:\ drive. 0 files processed.

The C:\Users\hp\AppData\Local\Temp\smtmp\ folder does not exist!!

Unhide cannot restore your missing shortcuts!!

Please see this topic in order to learn how to restore default

Start Menu shortcuts: http://www.bleepingcomputer.com/forums/topic405109.html

Searching for Windows Registry changes made by FakeHDD rogues.

- Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer

- Checking HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer

- Checking HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System

- Checking HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop

- Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced

No registry changes detected.

Restarting Explorer.exe in order to apply changes.

Program finished at: 04/18/2012 04:53:59 PM

Execution time: 0 hours(s), 1 minute(s), and 20 seconds(s)


I think I would rather be virus free. :)

There should be some way to get them back....like how would I open Outlook? If I can open then add to the quick launch I would be good. I wonder if I could run the Microsoft repair from control panel? Any ideas? I have my favorites back so saves lots of time. I will look for Outlook.


I typed Outlook in the search bar and it came up. Same with Word. My son is a manager at Microsoft...of course he didn't respond to my email Saturday for malware suggestions...but he might be able to help me get them back. I hardly ever used them since I had what I needed on the bottom bar. I'm going to test some email...I have been missing it. I guess if it works I'm fixed. What else do I need to do to finish this?


OK...here you go:

Please Uninstall ComboFix:

Press the Windows logo key + R to bring up the "run box"

Copy and paste the next command in the field:

ComboFix /uninstall

Make sure there's a space between Combofix and /


Then hit enter.

This will uninstall ComboFix, delete its related folders and files, hide file extensions, hide the system/hidden files, clear the System Restore cache and create a new Restore point.

---------------------------------

Please download OTL from one of the links below:

http://oldtimer.geekstogo.com/OTL.exe

http://oldtimer.geekstogo.com/OTL.com

Save it to your desktop.

Run OTL and hit the CleanUp button. (This will cleanup the tools and logs used including itself)

Any other programs or logs you can manually delete.

-------------------------------

Any questions...please post back.

If you think I've helped you, please leave a comment > click on my avatar picture > click Profile Feed.

Take a look at My Preventive Maintenance to avoid being infected again.

Good Luck and Thanks for using the forum, MrC


Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!


This topic is now closed to further replies.