Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account

Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Ali.exe Trojan

Started by fungit , Nov 19 2006 11:51 PM

Please log in to reply

#1
fungit

Posted 19 November 2006 - 11:51 PM

Member

Member
81 posts

Hi,

Last night, by chance I decided to go into my registry and check my HKCU\Software\Microsoft\Windows\CurrentVersion\Run entries
and came across
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Bandook <system>\ali.exe

HKLM\Software\MicrosoftWindows\CurrentVersion\RunOnce
*Bandook <system>\ali.exe

HKLM\SOFTWARE\Microsoft\Active Setup\Installed components\(B6A807N6-42DF-4W02-93E5-B156B3FA8AL1)
StubPath
<System>\ali.exe

I checked online and discovered it was a trojan, what it did and disconnected immediatley
After booting into safe mode and running Norton Internet security it turned up nothing. So I deleted all the above registry entries(still in safe mode) as well as the prefetch file and ALI.EXE file.

After rebooting into normal mode and scanning of the registry I didn't find anymore entries or ALI.exe files.
I then went back online and downloaded new version EWIDO AVG and scanned in safe mode which also turned up nothing.

So to the point finally (sorry), did I get rid of the trojan or just make things worse for myself?

Thanks in advance for the help

0

Advertisements

#2
Michael

Posted 20 November 2006 - 02:39 AM

Retired Staff

Retired Staff
1,869 posts

Please go to the malware forum and follow the instructions at the top....Especially the CLICK HERE.

That will give you several steps that will help you clean up 70 percent of all problems by yourself. If at the end of the process you are still having difficulty--and you may not be-- then post a hijackthis log in THAT forum.

If you are still having problems after getting a clean bill of health from the malware expert, please return to this thread.

0

#3
fungit

Posted 21 November 2006 - 02:38 AM

Member

Topic Starter
Member
81 posts

Thanks, will follow your instructions.

0

Back to Windows XP, 2000, 2003, NT · Next Unread Topic →

Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Geeks to Go Forum 343,326 topics
Quick Links FAQ Malware Cleaning Guide How it Works
Downloads 2+ million

View New Content

Forums

Downloads

Members

Status Updates

Connect With Us

Copyright © 2003- Local 360, LLC All rights reserved.

Community Forum Software by IP.Board
Licensed to: Geeks to Go, Inc.