Need help with Trojan Banker - Please!!

[zinck]

Thank you, Scott.  That helps!  Now it fit in two files.  (The 200kb limit seems to be rather low.)

I'm attaching the first file in ANSI.

[zinck]

Here is the second and final part of the OTS log in ANSI.

Thanks again!!

[essexboy]

Have you recently re-installed windows ?

I would like to run Combofix - I do not feel it will find anything but it is better safe than sorry

Download ComboFix from one of these locations:


Link 1
Link 2


* IMPORTANT !!! Save ComboFix.exe to your Desktop

• Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
• Double click on ComboFix.exe & follow the prompts.
• As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal.  It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
• Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:




Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you.  Please include the C:\ComboFix.txt in your next reply.

[zinck]

Yes, I reinstalled Windows just a few weeks ago.  That's what makes this so frustrating.  It takes a while to get everything reinstalled and then I go and get another virus.  That's why I hope I can solve this without the need to reinstall Windows again.

Essexboy, I will download the program you suggested and follow your instructions.  Thanks!

[zinck]

I got ComboFix and tried to run it.  I disabled AVAST for 10 minutes. 

But I still got a message from Combofix saying it cannot run with AVG is installed. (But I do NOT have AVG on my machine.)

I have the windows firewall and installed Malewarebytes.  I don't know what might be causing the problem.

Combofix says to uninstall AVG first but I have never had it since reinstalling windows a few weeks back.  I decided to use AVAST instead.

Any suggestions?

Thank you!
Larry

[Probzzie]

I would strongly recommend not logging into your banking information on the suspected infected computer until your confident of its cleanliness. Log on using an alternate computer or use telephone banking. Better to be safe, than sorry.

[zinck]

until your confident of its cleanliness.

And how can I be sure?  That's the question.

[Probzzie]

Essexboy with notify you, combofix will not run with avg running you said?
Uninstall AVG, you should only ever have one Anti-virus program installed in your computer as they will conflict with each other.
Control panel/ add remove programs and uninstall it, the site below will direct you to avg's site for there removal tool. Tell me how uninstalling goes
http://www.avg.com/us-en/download-tools

[zinck]

I do NOT have AVG on this machine.  I had it a few months ago before I reformatted.  Now my only anti-virus program is AVAST.  I can't understand why combofix gave me that message.

[Probzzie]

Have you tried it since that message? Might as well disable Avast until restart when you decide to retry combo fix, make sure you run as administer.

[essexboy]

Run the AVG removal tool as there will be a fair few drivers left from AVG that a normal uninstal does not get

[zinck]

I do not have the AVG removal tool.

I have not had AVG on this machine since my most recent installation of Windows XP.

[essexboy]

Did you overinstall over the old version or did you backup any documents and settings profiles

Download and run the tool - it will only take a few minutes and then combofix will run
http://www.avg.com/us-en/download-tools

[zinck]

I am running Windows XP Home Version 5.1 Service Pack 3.

I did a total install, I saved my documents on an external HD.   I did NOT do a reinstall or overinstall.  I started from scratch.

I will attach the log from the AVG uninstall.  I got the 32 bit remover.

However the combo fix still says I have AVG on my machine.  I can't imagine why!

[essexboy]

Nor can I - so lets try a different tool to look at the system - but as I say I do not feel that there is any malware left

 

Download AVPTool from Here to your desktop

Run the programme you have just downloaded to your desktop (it will be randomly named )


Now an analysis scan

Select the Manual Disinfection tab
Press the Gather System Information button
Once done Open the last report saved folder  then attach the zip file to your next post zip
The file is located at C:\Users\your name\Desktop\Virus Removal Tool\setup_9.0.0.722_05.01.2011_20-34\LOG\avptool_sysinfo.zip