1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Win32:Jifas-FB Trojan Horse , how can i remove it ?

Discussion in 'Virus & Other Malware Removal' started by j7682, Apr 13, 2010.

Thread Status:
Not open for further replies.
Advertisement
  1. j7682

    j7682 Thread Starter

    Joined:
    Apr 13, 2010
    Messages:
    5
    my avast keeps coming up saying a trojan horse called Win32:Jifas-FB has been found in C:\\WINDOWS\TEMP\us.exe .
    When i click delete it just comes back up withing 10-20 seconds,
    i would be very gratefull is someone could guide me on removing this virus.

    Thank You very much(y):)
     
  2. j7682

    j7682 Thread Starter

    Joined:
    Apr 13, 2010
    Messages:
    5
    also if it helps when i disconnect from the internet and then when the avast pops up and i click delete it doensnt come back but then when i connect back up to the internet it comes back :(
     
  3. j7682

    j7682 Thread Starter

    Joined:
    Apr 13, 2010
    Messages:
    5
    i downloaded avast 5 and now it detects it as a Win32:malware-gen, and is located in C:\\WINDOWS\TEMP\us.exe
    the process is C:\\WINDOWS\system32\svchost.exe

    HeLP ?!?!?!?!?!?!?!?
     
  4. CatByte

    CatByte Malware Specialist

    Joined:
    Feb 24, 2009
    Messages:
    3,930
    Hi,

    Please do the following:

    Please download DDS from either of these links

    LINK 1
    LINK 2

    and save it to your desktop.
    • Disable any script blocking protection
    • Double click dds.pif to run the tool.
    • When done, two DDS.txt's will open.
    • Save both reports to your desktop.
    ---------------------------------------------------
    Please include the contents of the following in your next reply:

    DDS.txt
    Attach.txt.

    NEXT


    [​IMG]
    Download GMER Rootkit Scanner from here or here.
    • Extract the contents of the zipped file to desktop.
    • Double click GMER.exe. If asked to allow gmer.sys driver to load, please consent .
    • If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO.

      [​IMG]
      Click the image to enlarge it
    • In the right panel, you will see several boxes that have been checked. Uncheck the following ...
      • IAT/EAT
      • Drives/Partition other than Systemdrive (typically C:\)
      • Show All (don't miss this one)
    • Then click the Scan button & wait for it to finish.
    • Once done click on the [Save..] button, and in the File name area, type in "Gmer.txt" or it will save as a .log file which cannot be uploaded to your post.
    • Save it where you can easily find it, such as your desktop, and attach it in your reply.

    **Caution**
    Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entries
     
  5. j7682

    j7682 Thread Starter

    Joined:
    Apr 13, 2010
    Messages:
    5
    hello and thankyou for getting back to my post

    i have stopped using internet explorer and now use bt yaahoo, and also i updated my avast antivirus and it seems to not have came back,
    anyway thank you for you're effort on helping, if i have any more problems can i contact you ?
     
  6. CatByte

    CatByte Malware Specialist

    Joined:
    Feb 24, 2009
    Messages:
    3,930
    why don't you run the diagnostic scans I have asked for and I can make certain you are clean.
     
  7. j7682

    j7682 Thread Starter

    Joined:
    Apr 13, 2010
    Messages:
    5
    ok just so you no i will download the scans tommorrow,
    and ido still have a virus as my avast keeps blocking 'malicious url's ' :(
     
  8. CatByte

    CatByte Malware Specialist

    Joined:
    Feb 24, 2009
    Messages:
    3,930
    Hi,

    You still need help with your machine?
     
  9. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Similar Threads - Win32 Jifas Trojan
  1. Olddog20
    Replies:
    0
    Views:
    365
  2. Sumfeg
    Replies:
    0
    Views:
    1,221
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/916612

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice