3 Replies Latest reply on Nov 30, 2010 10:45 PM by headache

    Trojan Headache

      My husband noticed that he was getting redirected to different websites when using the internet.  The McAfee scan detected a Trojan in file SUSP_IPR_MJ_CREATE.  McAfee would not repair the file.  McAfee technical support provided an email listing free tools to help users remove malware.  Found the paper "Required Reading - Home User Assistance Malware Troubleshooting" in this forum.  I downloaded Stinger and ran it.  I thought it fixed the problem.  I ran McAfee again for a full scan and it detected Patched-SysFile.d (trojan) and repaired it.  I left town for a few days and my husband tried to run McAfee Update and got an error message "An error occurred while updating.  Please reinstall these programs: McAfee Internet Security".  In looking at the history file for McAfee the Patch-SysFile.d was found in C:\System Volume Information\_restore.  I read somewhere in the forum that the restore feature needs to be turned off before running Stinger so I turned it off and reran Stinger.  Now we cannot download McAfee updates and our computer goes through a reboot each time we try accessing McAfee using the internet.  I am afraid to uninstall the McAfee program but feel it probably has to be done because it is corrupted.  I also downloaded the Malwarebytes program onto a thumbdrive to use on the infected computer.  I copied it onto the infected computer but when I ran it I got a message saying the file is corrupted.  At this point, I am totally lost on what to do next. HELP!!!!!!  I have no clue how many different files on my computer have been affected by this trojan.  I don't even know what files Stinger may have fixed or what I could send to you all to help you figure this problem out.  Any ideas would be appreciated.

        • 1. Re: Trojan Headache
          Vinod R

          Could you run Stinger again, get the report from Stinger, and post it here?

          Let me know if you need assistance on this item.




          • 2. Re: Trojan Headache
            Vinod R





            Please follow the instructions given below to run the tool at the Very High sensitivity level in REPORT ONLY mode. (Note: If the scan is initiated with a high sensitivity mode and set to repair, it might cause irreparable damage to the machine, hence always run it in REPORT ONLY mode.)



            McAfee Labs Stinger



            Stinger is a stand-alone utility used to detect and remove specific viruses. It is not a substitute for full anti-virus protection, but rather a tool to assist administrators and users when dealing with an infected system. Stinger utilizes next generation scan engine technology, including process scanning, digitally signed DAT files, and scan performance optimizations.





            1. Download
            2. When prompted, choose to save the file to a convenient location on your hard disk (such as your Desktop folder).
            4. When the download is complete, navigate to the folder that contains the downloaded Stinger file, and run it. Windows ME/XP/Vista users read this first.
            5. The Stinger interface will be displayed.
            6. If necessary, click the Add or Browse button to add additional drives/directories to scan. By default the C: drive will be scanned.
            7. By default, Stinger will repair all infected files found. THIS IS NOT RECOMMENDED.
            8. Enable Artemis Technology in Stinger: click on Preferences and then select the required sensitivity level.  If you select "High" or "Very High", McAfee Labs recommends that you set the "On virus detection" action to "Report only" for the first scan.
            9. Click the Scan Now button to begin scanning the specified drives/directories.
            10. Once the scan is done, click the File menu and select Save report to file.
            11. Locate and examine the saved report / attach it to the thread on which the helper was assisting you on the community.
            • 3. Re: Trojan Headache

              Sorry this took so long.  I took time off from this problem to enjoy the Holiday.  Here is the file from Stinger.