unable to remove Lando Trojan

My laptop was infected by Lando Trojan. i am unable to remove this Trojan from my laptop. Mcafee detecting this virus and deleting but it coming again an again. I have attached Hijack-this log file and virus screen shot

virus.JPG
hijackthis.log
rajasekarramasamyAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

ruxandyCommented:
Try Trojan Remover: http://www.simplysupersoft.com/download/dl/trjsetup681.exe

It's a 30 day trial version. Install, update and scan. When it finds an infected file choose "Prevent this program file from running, and rename the program file"
0
mkeiwuaCommented:
Hi rajasekarramasamy,

Please go to Start Run, then type regedit.

Now browse to HKEY_LOCAL_MACHINE > SOFTWARE > Microsoft\Windows NT > CurrentVersion > Winlogon.

Now post a screenshot of what you see there.

B Rgds,

Mkeiwua
0
PorpathamCommented:
Try to Use Combofix.

Defenitely it will clear the Virus, And ensure that it is connected with Internet.

Combofix needs internet to install "comdcons" for safe remove the files and restore.
0
Introducing the "443 Security Simplified" Podcast

This new podcast puts you inside the minds of leading white-hat hackers and security researchers. Hosts Marc Laliberte and Corey Nachreiner turn complex security concepts into easily understood and actionable insights on the latest cyber security headlines and trends.

PorpathamCommented:
To Download Combofix
Follow this Link:  

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

and Click on "  BleepingComputer.com "

Below Paypal  ICON.



0
pegla12Commented:
Use malwarebytes, it's powerfull tool even in free version. It cleans every peace of junk.

http://www.malwarebytes.org/
0
rwillusCommented:
I've run and tested almost every AV/AS product out there, and I haven't seen anything that Webroot Antivirus /w Anti-Spyware won't remove.  This is a link I give others, $19/year and you can install it on up to three computers.

You get what you pay for with the free ones, and other products are much more expensive and don't perform well (Symantec/Norton, McAfee, etc).

Malwarebytes is good for a free one-time scan of spyware, but not the best for ongoing protection against viruses and spyware.

Keep in mind you'll need to download the new Webroot installer after purchase on another computer if you don't have internet access on the machine infected.

Good luck
0
Mohammed HamadaSenior IT ConsultantCommented:
Please Upload your winlogon.exe file to www.virustotal.com and post the result here plz, Then follow the instructions below.

1-
- Goto Start --> run --> msconfig
- Goto Startup Items
- Disable all the items there

2-
- Download Erunt from the following site and do a backup.
- http://majorgeeks.com/Erunt_d1267.html

3-
Disable the System Restore.
- Right click the My Computer icon on the Desktop and click on Properties.
- Click on the System Restore tab.
- Put a check mark next to 'Turn off System Restore on All Drives'.

4-Download smitfraudfix to your desktop.
- http://siri.geekstogo.com/SmitfraudFix.php
- Reboot your computer and run Smitfraudfix
- Choose 2. Clean (safe mode recommended), Clean the registry when prompted to.
Post your log here when rebooted, It's located in C:\rapport.txt

Now Restart your computer.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Mohammed HamadaSenior IT ConsultantCommented:
Also Download and run Gmer, Use it on both normal and safe mode.
Follow instructions on the site it self.

http://www.gmer.net/
0
rajasekarramasamyAuthor Commented:
Hi Porpatham,

Before posting this question i scanned my system with combofix. Virus not cleaned by combofix.
0
rajasekarramasamyAuthor Commented:
Hi moh10ly

I followed your steps. now virus has been removed from my system. Thank you.
0
PorpathamCommented:
Hi rajasekarramasamy:

               Thanks for the reply.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Anti-Virus Apps

From novice to tech pro — start learning today.