Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Trojan downloader found! [RESOLVED]


  • This topic is locked This topic is locked

#16
azolat

azolat

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
I've run the scan two additional times today with the same result :)
  • 0

Advertisements


#17
sarahw

sarahw

    Malware Staff

  • Member
  • PipPipPipPipPip
  • 2,781 posts
Ok, We'll try another one:

Please download the Sophos Anti-Rootkit Scanner and save it to your desktop.

You will need to enter your name, e-mail address and location in order to access the download page.

  • Once you have downloaded the file, double click the sarsfx icon
  • Review the licence agreement and click on the Accept button
  • The scanner will prompt you to extract the files to C:\SOPHTEMP - DO NOT change this location, simply click the Install button
  • Once the files have been extracted; using Windows Explorer, navigate to C:\SOPHTEMP and double click on the blue shield icon called sargui
  • Ensure that there are checkmarks next to Running processes, Windows registry and Local hard drives, then click Start scan
  • Allow the program to scan your computer - please be patient as it may take some time
  • Once the scan has completed a window will pop-up with the results of the scan - click OK to this
  • In the main window, you will see each of the entries found by the scan (if any)
    • If the scanner generated any warning messages, please click on each warning and copy and paste the text of it into this thread for me to review
    • Once you have posted any warning messages here, you can close the scanner and wait for me to get back to you
  • If you have not had any warnings, any entries which can be cleaned up by the scanner will have a box with a green checkmark in it next to the entry
  • To clean up these entries click on the Clean up checked items button
  • If you accidentally check a file NOT recommended for clean up, you will get a warning message and if necessary can re-select the entries you want to clean up
  • Once you have cleaned the selected files, you will be prompted to re-boot your computer - please do so
  • When you have re-booted, please post a fresh HijackThis log into this thread and tell me how your computer is running now
Thanks
  • 0

#18
azolat

azolat

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
Got all the way till I had to run the program, at which point a pop up said the program does not support Windows Vista.
  • 0

#19
sarahw

sarahw

    Malware Staff

  • Member
  • PipPipPipPipPip
  • 2,781 posts
Hi,
Can you boot into safe mode and run a scan with the On Demand scanner as per its instructions to see what it finds.
Let me know what happens.

Edited by sarahw, 21 March 2008 - 12:54 AM.

  • 0

#20
azolat

azolat

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
ok, the scan just finished and it says nothing found.
  • 0

#21
sarahw

sarahw

    Malware Staff

  • Member
  • PipPipPipPipPip
  • 2,781 posts
Your logs are clean, I can't see anything that would indicate a Rootkit or other Malware was installed. Alot of Antivirus software have false positives, in an attempt to alert you to dangers that might actually be harmless, or caused by a regular program installing itself.

Please download OTCleanIt from HERE to your desktop.
Double click to run it. It will clean up the assortment of tools used during malware removal. When it has finnished, it will ask you to reboot so it can remove itself.

A well protected computer should have at least an Anti Virus and Firewall, an Anti Spyware is also great addition to your computers security. Here is a list of tools I like to recommend to people that will help ensure safe surfing on the internet, and to help you from getting infected again.
Note: DO NOT install more than one antivirus or Firewall program. They will conflict, and provide less protection, not more. Uninstall any existing Anti Virus\Firewall programs if you're going to install a new one.


Free Online Scans:
Free Active X and Java based online scans. You can use these scans from other companies and it will not interfere with your current Anti Virus. If you find that you are infected, post a Hijack This log in the forums.

Free Temp Cleaners:
Use these tools to clean temporary files from IE and Windows, empties the recycle bin and more. Great tool to help speed up your computer and knock out those nasties that like to reside in the temp folders. ATF cleaner recommended.

Free Firewall Downloads:
You must have a Firewall installed on your computer. This helps stop anything from leaving or entering your computer without your permission.

Free Anti Spyware Downloads:
An Antispyware is a great tool that can help remove infections along side your Anti Virus. Some include real time protection, scheduled scans and automatic definition updates.

Free Anti Virus Downloads:
A must have for all computers. Avast! recommended.

Other:
  • SpywareGuard
    Works as a Spyware "Shield" to protect your computer from getting malware in the first place.
  • IE-SpyAd
    This tool puts over 5000 sites in your restricted zone so you'll be protected when you visit innocent-looking sites that aren't actually innocent at all.
  • Memtest86
    Great memory testing software.
  • CPU-Z
    This application gives detailed information about your system in a nice layout
  • Speedfan
    Returns and monitors system temperatures.
  • Windows Updates
    It is very important to make sure that both Internet Explorer and Windows are kept current with the latest critical security patches from Microsoft. To do this just start Internet Explorer and select Tools > Windows Update, and follow the online instructions from there.
You can now Rehide your system files by using the reversal of these instructions HERE



To find out more information about how you got infected in the first place and some great guidelines to follow to prevent future infections you can read THIS article by Tony Klein.


If you have any other problems or questions be sure to ask. :)

Edited by sarahw, 24 March 2008 - 07:35 PM.

  • 0

#22
azolat

azolat

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
ok, thank you so much for your help! :)
  • 0

#23
azolat

azolat

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
sorry, one more thing, the link to OTcleanup is not working, is there someplace else to get it?
  • 0

#24
sarahw

sarahw

    Malware Staff

  • Member
  • PipPipPipPipPip
  • 2,781 posts
Hi,
Sorry about that, the name and link has changed and I forgot to update my links. It should work now.
  • 0

#25
sarahw

sarahw

    Malware Staff

  • Member
  • PipPipPipPipPip
  • 2,781 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP