Trojan Horse Related

[Venga]

Heya gys, i recently got a nasty bit of spyware on my computer posing as a trojan horse SHeur.

I ran malwarebytes and avg, both full system but because the spyware was so continuous they wernt effective.

So i did both of these in safe mode and thought id removed the threat since no more pop ups came up, or avg detetcing any threats. This was 2 days ago.

However, 10 minutes ago i got a threat from avg saying it had stopped, once again, a trjoan horse SHeur.

Im wondering if i should look at getting another spyware removal such as search and destroy?
Or are there any other ideas or explinations?

[AmarenFairy]

Yes, give Spybot a go, when it comes to viruses and malware, Malwarebytes and Spybot usually get rid of everything you need.

Run Hijackthis and copy the logfile across and paste it here: HijackThis Logfileauswertung

That will give you an indication on what you need to remove in HJT....

Safest bet is format and re-install :D

[Kriz]

You need to run ComboFix

On a machine with any infection, the one-two punch of MalwareBytes+ComboFix will get rid of 99% of the stuff on it. Not smack talking Spybot, but really everything that it would find Malwarebytes would find.

HijackThis is cool and very useful, but it's very verbose.

Run ComboFix and if it finds anything, I bet you're good to go.

[Kriz]

Oops, double post.

As a further note, get Ccleaner and SpywareBlaster. Ccleaner for cleaning up all the temporary crud left over and stuff (gives you that clean feeling and you may see performance boost) and SpywareBlaster is just a very user friendly one-click hosts file editor.

[Venga]

Cheers guys, no chance of any links to these?

Im not being pathetic as google is my friend but i don't want to download soemthing that may potentially harm my computer further.

Also, can these be run in safe mode?

[killerx]

http://www.bluegartr.com/forum/55245...utilities.html We have all if not most of it all in the sticky

[Kriz]

I linked to ComboFix...

If you need a direct link its http://download.bleepingcomputer.com/sUBs/ComboFix.exe

You don't need to run this stuff in Safemode or anything. Ccleaner and Spywareblaster are both post-having a fixed machine.

[Cephius]

While you don't need to run them in safe mode, it's recommended as it offers you the best chance of cleaning out malicious files. If you have a badly infected system, safe mode is the place to start.

[Venga]

Thanks alot again guys, much appreciated. Gonna spend all of today scanning i think

I just downloaded to combofix but it doesnt seem to happy that im running AVG. Is this normal as im not really up for disabling avg?

[Kriz]

ComboFix always points out you are running AV. It's because it sometimes can be flagged as a virus. McAfee actually pulls up an alert about AVtest.cfe or something, but knows its legit. But you don't have to turn it off, just live with the two warnings.

Running in Safe mode is a good idea, I don't want to sound like it's stupid. But yeah you should be good in normal mode unless things are really bad.

[Kinesis]

just pour acid on your hard drive and watch it ride a bicycle off into the sunset...