MyTechSupport.ca :: Your Computer Technical Resource Headquarters! MyTechSupport.ca :: Your Computer Technical Resource Headquarters!
HOME FORUMS RESOURCES & TOOLS ARTICLES ONLINE STORE ABOUT US
Computer Support Forums arrow Internet & Network Support arrow Security & Viruses arrow Topic: Trojan
November 18, 2019, 07:37:29 PM
 

Home Forum Rules Help Search Mobile Version Login Register

Welcome, Guest. Please login or register.
Did you miss your activation email?
November 18, 2019, 07:37:29 PM

Login with username, password and session length
 Featured Sites:
News
New  Got pics of your modded PC or want to show off your cool desktop, visit our new Show & Tell forum!
  0 Members and 1 Guest are viewing this topic.
Pages: [1] Go Down Print
Author Topic: Trojan  (Read 2726 times)
lowey
Jr. Member
**

Karma: +0/-0
Offline Offline

Posts: 27


Bookmark and Share

View Profile
« on: February 19, 2010, 08:36:51 PM »

Hi Please could I ask for your assistance. After a system scan I have detected virus Trojan-Banker.Win32.Banker.aspa in File: C:\ProgramData\{65B1AA84-C1DF-4A2E-A28C-E242BD7DE4B3}\corewin32\8247FA69\17D45C5A\serverinfo.exe. I just deleted the file but not sure if that was the right thing to do. Thank you.
Logged
Pancake
Global Moderator
Hero Member
*****

Karma: +78/-0
Offline Offline

Gender: Male
Posts: 3915


Bookmark and Share

View Profile
« Reply #1 on: February 19, 2010, 09:40:10 PM »




Please download Malwarebytes' Anti-Malware from one of these places:

 
 http://www.besttechie.net/tools/mbam-setup.exe


Double Click mbam-setup.exe to install the application.
 Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* Once the program has loaded, select "Perform Quick Scan", then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Make sure that everything is checked, and click Remove Selected.
* The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
* Copy&Paste the entire report in your next reply.




Logged

An Australian Member of

EDDY
lowey
Jr. Member
**

Karma: +0/-0
Offline Offline

Posts: 27


Bookmark and Share

View Profile
« Reply #2 on: February 23, 2010, 03:07:11 PM »

Hi Pancake, Thank you very much for helping me.  I did the scan as instructed and MBAM could not find any malware. The log file is as follows:

Malwarebytes' Anti-Malware 1.44
Database version: 3777
Windows 6.0.6001 Service Pack 1
Internet Explorer 8.0.6001.18882

23/02/2010 14:58:27
mbam-log-2010-02-23 (14-58-27).txt

Scan type: Quick Scan
Objects scanned: 114160
Time elapsed: 8 minute(s), 30 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
Logged
Pancake
Global Moderator
Hero Member
*****

Karma: +78/-0
Offline Offline

Gender: Male
Posts: 3915


Bookmark and Share

View Profile
« Reply #3 on: February 23, 2010, 09:21:26 PM »

Ok.Lets do one more check.

Download Combofix.

Please visit this webpage for download links, and instructions for running combofix:

www.bleepingcomputer.com/combofix/how-to-use-combofix
http://download.bleepingcomputer.com/sUBs/ComboFix.exe

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

You can get help on disabling your protection programs here : http://www.bleepingcomputer.com/forums/topic114351.html

Please include the C:\ComboFix.txt in your next reply for further review.


Caution.....
Never use this program to remove files.Only use it with  help from an experienced user.Wrongful use can damage your computer.


Logged

An Australian Member of

EDDY
lowey
Jr. Member
**

Karma: +0/-0
Offline Offline

Posts: 27


Bookmark and Share

View Profile
« Reply #4 on: April 06, 2010, 08:41:35 PM »

Hi Pancake
Logged
lowey
Jr. Member
**

Karma: +0/-0
Offline Offline

Posts: 27


Bookmark and Share

View Profile
« Reply #5 on: April 06, 2010, 08:46:22 PM »

HiPancake, Sorry for the delay. I ran combofix and have attached the log as requested. Please note my kaspersky internet security no longer starts when booting the computer. Thank you very much for your help.
« Last Edit: April 06, 2010, 08:49:57 PM by lowey » Logged
Pancake
Global Moderator
Hero Member
*****

Karma: +78/-0
Offline Offline

Gender: Male
Posts: 3915


Bookmark and Share

View Profile
« Reply #6 on: April 06, 2010, 10:24:29 PM »

Ok.All done.You should be fine now .I see no more malware.This will clear away any of the files and folders that were created by ComboFix.

Go to :
Start > Run then copy and paste the following highlighted (blue) text below into the box  and click OK.



ComboFix /Uninstall


Please read these for future reference it may save you future problems with malware:


http://www.pchelpforum.com/fixed-hijackthis-logs/59327-now-you-all-clean-afterwork.html

http://www.pchelpforum.com/fixed-hijackthis-logs/64964-so-you-want-prevent-happening.html

http://www.pchelpforum.com/fixed-hijackthis-logs/57400-how-did-i-get-infected.html


=============================


This will help clean up your system.

Please download ATF Cleaner by Atribune. http://www.atribune.org/ccount/click.php?id=1

Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.

(If you use FireFox or the Opera browser
To keep saved passwords, click No at the prompt.)

It's normal after running ATF cleaner that the PC will be slower to boot the first time or two.
Logged

An Australian Member of

EDDY
lowey
Jr. Member
**

Karma: +0/-0
Offline Offline

Posts: 27


Bookmark and Share

View Profile
« Reply #7 on: April 21, 2010, 05:19:14 PM »

OK Pancake,Thank you very much for your help.
Logged
Pancake
Global Moderator
Hero Member
*****

Karma: +78/-0
Offline Offline

Gender: Male
Posts: 3915


Bookmark and Share

View Profile
« Reply #8 on: April 23, 2010, 03:30:21 AM »

Your welcome.
Logged

An Australian Member of

EDDY
sararaja124
Jr. Member
**

Karma: +0/-1
Offline Offline

Posts: 19


Bookmark and Share

View Profile
« Reply #9 on: April 26, 2010, 10:26:53 AM »

Hi
Well i got some useful information from you Pancake.
I have a trojan problem regarding flash drive.
Whenever it is attached to the system Trojans are in my hard disk.
How to overcome it.
Logged

Pancake
Global Moderator
Hero Member
*****

Karma: +78/-0
Offline Offline

Gender: Male
Posts: 3915


Bookmark and Share

View Profile
« Reply #10 on: April 26, 2010, 11:30:54 AM »

Make sure your flash drive is in place then...

Download Combofix and place it on your Desktop.



http://download.bleepingcomputer.com/sUBs/ComboFix.exe


* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.Combofix may be slow to start and appear to be doing nothing  before it starts scanning.Just leave it,it will start.

You can get help on disabling your protection programs here : http://www.bleepingcomputer.com/forums/topic114351.html

Please include the C:\ComboFix.txt in your next reply for further review.


Caution.....
Never use this program to remove files.Only use it with  help from an experienced user.Wrongful use can damage your computer.This tool is not a toy and not for everyday use. ComboFix SHOULD NOT be used unless requested by a qualified helper






Logged

An Australian Member of

EDDY
Pages: [1] Go Up Print 
 
Jump to:  

Powered by MySQL Powered by PHP

Powered by SMF 1.1.21 | SMF © 2015, Simple Machines

Valid XHTML 1.0! Valid CSS!

Disclaimer
This site is NOT responsible for any damage that the information on this site may cause to your system. Everything you try, whether inspired by the response given from this site or not, is entirely at your own risk. All product names and company names used herein are for identification purpose only and may be trademarks or registered trademarks of their respective owners. We are in no way affiliated or representing any of the companies on this site unless specified.
Back to Top
Stop Spam Harvesters, Join Project Honey Pot Fight Back Against Spammers! Get Firefox! Get Thunderbird! View Sylvain Amyots profile on LinkedIn
Back to Top
Google visited last this page May 22, 2018, 08:25:43 PM