Can't get rid of Trojan...

MORPH3US

Hi folks,

My home PC seems to be infected with a trojan downloader that Windows Defender keeps flagging up as shown below:



Problem is whenever I click "Remove All" it seems to indicate that the problem has been removed but then half an hour later it will pop up with the same message again.

Also left my PC on overnight and this morning there were about 10 webpages open with selling anything from lipstick to sponsor an orangutan.

Have done a full scan with AVG and it didn't find anything.

Tried to install Spybot but for some reason that won't install.

Downloaded and run a full scan on Ad-Aware but that gets stuck on a certain file and looks like its still running but doesn't move off the one file....

Tried to do an online Kapersky virus scan but for some reason the page was loading funny....

Can anyone help me get rid of this POS from my PC please

MORPH3US

Just also tried to download Malwarebytes' Anti-Malware but that page won't load also....

Is there such a thing as an intelligent virus / malware that could see I was trying to get rid of it so block my attempts to download software to kill it?

GunJack

in a word....YES !!

can you download the MBAM installer and Combofix onto a memory stick from another pc and then install/run on your infected one ??

Also, AVG and Defender aren't much good in all honesty..need to bring in the big guns

MORPH3US

Cheers GunJack...

Will do as you suggest - download those programmes to memory stick and take them home tonight.

Interestingly just doing the Microsoft Onecare Safety Scanner for Vista now and so far "9 items detected, 4 issues found" on the virus and spyware scan and only done 5%.

Will report back more later on what it finds.

Cheers

artbaron

Have you looked at this (I can't post links so change Xttp to http and paste into browser)
Xttp://support.microsoft.com/kb/890830

Browntoa

you may need to change the name of combofix to get it to run , may also need to boot into safe mode to get it to run , even after renaming

MORPH3US

Update as promised guys:

Binned off AVG in the end (after trumpeting it for many many years) and got Avira instead. Avira kept seeing the virus but it was it advised me not to continue running the PC with this trojan there, to restart and run a boot scan (i.e. where it scans before windows even starts). Did that and deleted about five problems but when I got past that stage and got back into windows the pop up kept telling me the main virus / torjan was still there and it wasn't safe to keep running, restart and do the boot scan ad infinitum.....

After much troubles, I finally managed to get MBAM working (think that was the virus making things difficult not the software) and must say that it seemed very good. Picked up a load of dodgy stuff and quickly got rid of all of it. From what I can see my computer is now fixed, it certainly isn't showing any symptoms or signs of being infected.

Thanks for the help guys.

GunJack

morph3us - justb as a belt'n'braces, get superantispyware, update and full scan.....if that's clear, sounds like you're good to go

p.s. jackie, the sas updates recently have had LOTS of vundo & variants additions..getting better against it