In the syswow64 folder, AVG keeps telling me that there is a Trojan downloader file in syswow64. Although I removed the file with AVG plenty of times, it keeps coming back. Apparently it disables all of my Windows 8 Metro apps as well. Every time I restart the computer, it comes back, so AVG has no way of disabling it. I just want to know what keeps spawning the virus and how to get rid of it, nothing else.
Answers & Comments
Verified answer
Here is a much simpler fix.
1. Run rkill, no need to install, just download to the desktop, and double click the icon to launch it. A log file will display when it finishes, doesn't matter what it says, just close it, and move to the next step.
http://www.bleepingcomputer.com/download/rkill/
2. After rkill has run successfully, run a FULL scan with MalwareBytes, it's free:
http://www.techspot.com/downloads/4716-malwarebyte...
Delete everything MBAM finds, and restart when prompted.
Then update, and run another full scan with avg.
2
Try this:
Firstly, boot your computer to the Safe Mode menu screen. You do this by repeatedly pressing F8 as soon as you boot up. Once there, use the arrow keys to highlight Safe Mode with Networking. Continue to boot from there, by pressing Enter. You will now see some drivers being loaded. There will be a pause at some point. This usually lasts for no more than 30 seconds.
Now open your browser and download TDSSKiller.exe from Kaspersky Lab. It's tiny, and takes just a minute to run. It hunts down and kills a specific family of rootkits.
http://support.kaspersky.com/faq/?qid=208280684
Regardless of the results…
Download this package.
When you click on the download button, wait for a few seconds and the download box will appear, without you having to enter your name or email address.
Save it to your desktop, unzip it...click on start.exe...then click on Emergency Kit Scanner. Wait for it to open (this may take a couple of minutes), then get updates and run a Deep Scan (the scan may take a while):
http://www.emsisoft.com/en/software/eek/
You should now delete TDSSKiller.exe, as updated versions are often made available.
Hope this helps.
@@@@@@Backdoor trojan warning:@@@@@@
http://www.threatexpert.com/reports.aspx?find=MD5....
This is a point where you need to decide about whether to make a clean start.
You are strongly advised to do the following immediately.
1. Contact your banks, credit card companies, financial institutions and inform them that you may be a victim of identity theft and ask them to put a watch on your accounts or change all your account numbers.
2. From a clean computer, change ALL your online passwords -- for email, for banks, financial accounts, PayPal, eBay, online companies, any online forums or groups.
3. Do NOT change passwords or do any transactions while using the infected computer because the attacker will get the new passwords and transaction information. These trojans leave a backdoor open on the system that can allow a hacker total and complete access to your computer. (Remote access trojan) Hackers can operate your computer just as if they were sitting in front of it. Hackers can watch everything you are doing on the computer, play tricks, do screenshots, log passwords, start and stop programs.
See this article on creating strong passwords http://www.microsoft.com/security/online-privacy/p...
* Take any other steps you think appropriate for an attempted identity theft.
You should also understand that once a system has been compromised by a Trojan backdoor, it can never really be trusted again unless you completely reformat the hard drives and reinstall Windows fresh.
Here is some additional information: What Is A Backdoor Trojan? http://www.geekstogo.com/2007/10/03/what-is-a-back...
Danger: Remote Access Trojans http://www.microsoft.com/technet/security/alerts/i...
Consumers – Identity Theft http://www.ftc.gov/bcp/edu/microsites/idtheft/cons...
When should I re-format? How should I reinstall? http://www.dslreports.com/faq/10063
How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud? http://www.dslreports.com/faq/10451
Rootkits: The Obscure Hacker Attack http://www.microsoft.com/technet/community/columns...
If you would like to try to clean your pc:
Please read the following so that you can begin the cleaning process: The service is FREE
Don't use any temporary file cleaners unless requested - this can cause data loss and make recovery difficult
Please read and follow the directions here http://www.malwarebytes.org/forums/index.php?showt...
skipping any steps you are unable to complete.
After posting your new post, make sure under options, you select Follow this topic and choose Instantly,
so that you're alerted when someone has replied to your post.
NOTE: Please do not post back to (bump) your topic within the first 48 hours.
Replying to your own posts changes the post count and helpers are looking for topics with zero replies.
If you reply to your own post helpers may think that you're already being helped and thus overlook your post.
If there is no reply from any experts after 48 hours, you can reply to the topic, asking for help again.
Or
You may send a Private Message to a Moderator asking for assistance.
Please be patient, someone will assist you as soon as possible.