patched_c.lyt Trojan Horse Removal - HELP!

scottishgirl87

waddler_8 wrote: »

That looks a lot better - Was malwarebytes clean? Is IE ok now too?

IE all ok now. Malwarebytes still hadn't finished scanning last time but had scanned 10,000 odd files and was clean so far. If I run it fully again and it's clean does that mean I'm good to go now?

waddler_8

scottishgirl87 wrote: »

Malwarebytes still hadn't finished scanning last time

Quick scan or full? A Quick scan should suffice.

scottishgirl87 wrote: »

If I run it fully again and it's clean does that mean I'm good to go now?

If everything is running good now, uninstall combofix.

Open a Run command box. (Start > Run or Windows key + R on your keyboard) and copy/paste this command in:

ComboFix /uninstall

Note the space between ComboFix and /uninstall , it needs to be there.

Click OK

let combofix uninstall itself.

Let me know when you've done that successfully.

scottishgirl87

waddler_8 wrote: »

Quick scan or full? A Quick scan should suffice.



If everything is running good now, uninstall combofix.

Open a Run command box. (Start > Run or Windows key + R on your keyboard) and copy/paste this command in:

ComboFix /uninstall

Note the space between ComboFix and /uninstall , it needs to be there.

Click OK

let combofix uninstall itself.

Let me know when you've done that successfully.

I was running a full scan. ComboFix uninstalled successfully :j

scottishgirl87

I am now giving up for the night! Thank you so, so, so much, waddler_8! Really can't thank you enough as I was ready for tearing my hair out!

I will check back tomorrow to see if there's anything else I still need to do and run Malwarebytes etc. fully.

waddler_8

RE: Quick scan vs full, I posted a couple of times in this thread on that. https://forums.moneysavingexpert.com/discussion/comment/52935775#Comment_52935775

It's up to you, you can do a full scan if it gives more peice of mind, but I don't think it's necessary.

Right, you can do this at your leisure, it doesn't have to be tonight.

Older programs on your computer can be exploited to facilitate the execution of malicious code which results in the installation of malware with no user interaction at all.

I can see from the logs there's at least one program there needs updating that's one of the most targeted programs (Adobe)

http://www.securelist.com/en/analysis/204792231/IT_Threat_Evolution_Q1_2012#16

http://blogs.adobe.com/adobereader/2011/09/adobe-reader-and-acrobat-version-8-end-of-support.html

Post the contents of attach.txt from when you first ran DDS and I'll give you a list of what wants updating or removing - It'll make the PC more secure and a little bit safer from future attacks.

Alternatively you can scan for the most common programs targeted here:

http://secunia.com/products/consumer/osi/online/

tonyf33

mmmm, having the same problem. AVG found it & white listed it. Now my AVG AV won't run:(

GunJack

tony - you need to follow the same steps as in this thread, but make a new thread for your logs

waddler_8

tonyf33 wrote: »

mmmm, having the same problem. AVG found it & white listed it. Now my AVG AV won't run:(

As GunJack said, start a new thread with the DDS logs.

http://forums.moneysavingexpert.com/showpost.php?p=54400065&postcount=2