Please Help: Am I Infected With Trojans?

  NSBT 22:52 29 Oct 2007
Locked

I created this click here thread earlier and following the advice I have completed scans via A- Square. AVG anti Spyware, McAfee Virus scan, and finally superantispyware.

I have tried to produce an image via imageshack, but imagshack states "The file format you attempted to upload is not supported" (I've never had a problem with Imageshack previously)

So, the results from the scan:

Trojan Downloader-DRAlike/gen [1item]
files:
C:\WINDOWS\SYSTEM32\TMRSR.EXE

Trojan Downloader -FakeRX[1 item]
Files
C:\WINDOWS\SYSTEM32\QIAWPBJJ.DLL

I'm a complete numpty here, so any advice guidence will be welcome, have I picked up a Trojan, and if so, how do I get rid of it please.

I still have the results on superantispyware open, do I just press "Next" on the scan results?

  Saltire84 23:18 29 Oct 2007

I would try 'Housecall' it's a free scan...You can get it from Trend Micro site: click here

I've found this very effective . Good Luck

  DieSse 01:12 30 Oct 2007

I still have the results on superantispyware open, do I just press "Next" on the scan results?

Yes

  NSBT 07:48 30 Oct 2007

Hi

I have completed the scans, and rebooted, I have also used "Houscall" which found 1 infection, I followed the instructions, and housecall rescaned, stating no infection founnd.

Yet, when I use Google, the infection is still there, i.e no matter what site I select from Google, the same site, in my OP keeps comming up.

I'm at a loss as what to do next

  NSBT 08:05 30 Oct 2007

Also, can someone please explain what that site is actually doing, is it tracking my movements, and keylogging eveyword I type?

I frightened to death of using the computer at this stage

Thanks for any assistance

  DieSse 08:30 30 Oct 2007

Are you using IE7 -

then try resetting it

Tools - Internet Options - Advanced - Click Reset, near bottom of window.

Try clearing your cookies - a guide here click here

I wouldn't worry too much - I don't think it'll be stealing anything - just wants to force you to their page.

  Technotiger 08:32 30 Oct 2007

Hi, try this ..

First, go off-line. Then turn off System Restore, then run all your scans as above again. Then re-start System Restore. Then re-start your computer and continue as normal - hopefully!

Nasties often 'hide' in System Restore to avoid the various scans. To turn off System Restore go to Start>All Programs>Accessories>System Tools>System Restore>System Restore Settings> then click on the box to Turn Off System Restore, click on Apply and OK.

Go the same route to turn System Restore back on after you have done all your scans.

Good luck.

  NSBT 10:53 30 Oct 2007

Hi

I have done everything suggested, the scans were stating "Clear"

I have rebooted, yet and I'm still having the same problem.

  DieSse 11:40 30 Oct 2007

Go into IE - Tools - Options

On the General tab under browsing history - Click Delete

Under Search click Settings Click Google and Click Delete

Close the Options window

Under Tools - Manage add-ons - click enable/disable add-ons

Look through the variuos add-onns (pull down the menu in the top half to see the different things. Delete any that look suspicious or refer to the casino - and delete all the google ones

Close and exit IE

Go to the control panel, look for the google toolbar - and if you find it uninstall it.

Download it afresh and try again.

  NSBT 13:14 30 Oct 2007

Hi folks

Nothing seemed to work, so in the end I called Microsoft technical support, the guy done a virtual clearance on my computer.

All is not cleared, thanks to all who assisted, much appreciated.

  Technotiger 13:57 30 Oct 2007

I guess you mean 'All is *now* cleared' :-)

Grreat, thanks for the feedback.

This thread is now locked and can not be replied to.

Elsewhere on IDG sites

Galaxy Note 8 vs iPhone X

Awful clip art from 1994 is being tweeted every hour by a bot

iPhone X vs Samsung Galaxy Note 8

Les meilleurs navigateurs internet 2017