
Trojandownloader.xs [RESOLVED]


  • This topic is locked

#16
sage5

    RIP 10/2009

  • Retired Staff
  • 2,646 posts
Hi henschke,


The Autoexec.bat file looks innocent enough, something to do with Pinnacle Studio.
The randomly named .exe file showing up in the Running Processes section is something to do with Trend Micro.



Clean up Registry with a Reg file:
  • Please open a new Notepad file by clicking Start\All Programs\Accessories\Notepad
  • Copy the text from the following Code box by highlighting all the text, right-clicking and selecting Copy. (or use the Ctrl+C keyboard shortcut)
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
  • Paste it into Notepad. Right click in the window and select Paste. (or use Ctrl+V)
  • Save the file to the Desktop, make sure Type is All Files, and name it Fixreg.reg
  • Double click on the file created and click Yes when asked to merge the information into the Registry


Otherwise, I think your log is now clean & you are good to go.

Normally I would recommend software to improve your security, but most if not all would not run on the x64 platform.

I think that you should consider a software firewall as well.

The native Windows Firewall is notoriously poor at stopping/analysing outbound traffic, especially the types generated by
a) Trojans trying to download other malware.
b) Keyloggers calling "home" with potentially dangerous information from your PC (credit card/bank account details)
c) Malware reporting surfing habits.
It does a passable job at blocking inbound hacking, but not as good at "stealthing" (hiding) ports as many others, like Comodo, Sygate etc.

Hardware firewalls are very good at stopping hackers & other inbound traffic that you don't initiate.
However they can fail in the following circumstances:
a) You browse through a "doubtful" site, some of these are loaded with malware code. A hardware firewall cannot discriminate between the good & bad code, so, because you initiate the process, it lets all the code through.
b) A trojan calling out to download other malware appears, to a hardware firewall, to be a legitimate request, so it lets the outbound request & inbound answer through.

Cheers,

sage5
  • 0
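
Added example, not part of the original thread or of sage5's instructions: a small Python check that reads exported .reg text and reports whether the Winlogon Userinit value still matches the value that Fixreg.reg sets. The function names and the TAMPERED sample are constructed for illustration, and the input is assumed to be already decoded text (regedit exports are normally UTF-16).

```python
import re

# Expected value, taken from the Fixreg.reg contents in the post above.
EXPECTED = r"C:\WINDOWS\system32\userinit.exe,"
WINLOGON = r"hkey_local_machine\software\microsoft\windows nt\currentversion\winlogon"
STRING_VALUE = re.compile(r'"((?:[^"\\]|\\.)*)"="((?:[^"\\]|\\.)*)"')

def parse_reg(text):
    """Parse decoded .reg (5.00) text into {key: {value_name: data}}, all
    names lower-cased. Only string values are read; other types are skipped."""
    keys, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1].lower(), {})
        elif current is not None:
            m = STRING_VALUE.fullmatch(line)
            if m:
                # Undo .reg escaping: a backslash followed by any character
                name, data = (re.sub(r"\\(.)", r"\1", g) for g in m.groups())
                current[name.lower()] = data
    return keys

def audit_userinit(text):
    """Return a list of findings; an empty list means Userinit is as expected."""
    value = parse_reg(text).get(WINLOGON, {}).get("userinit")
    if value is None:
        return ["Userinit value not found under Winlogon key"]
    # Windows paths are case-insensitive, so compare lower-cased entries.
    expected = {p.lower() for p in EXPECTED.split(",") if p}
    entries = [p.strip() for p in value.split(",") if p.strip()]
    findings = [f"unexpected entry: {p}" for p in entries if p.lower() not in expected]
    if not any(p.lower() in expected for p in entries):
        findings.append("userinit.exe entry missing")
    return findings

# Constructed samples: CLEAN is the file from the post, TAMPERED adds a made-up entry.
CLEAN = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
'''
TAMPERED = CLEAN.replace('userinit.exe,"',
                         r'userinit.exe,C:\\WINDOWS\\system32\\example-extra.exe"')

if __name__ == "__main__":
    print(audit_userinit(CLEAN))
    print(audit_userinit(TAMPERED))
```

An empty list means the value is exactly the one the fix writes; any extra comma-separated entry is listed so it can be looked at before the log is declared clean.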



#17
henschke

    Member

  • Topic Starter
  • Member
  • 10 posts
Thanks for the help and advice. My system seems to be back to normal with no more pop ups, system tray warnings, tracking cookies, and I have control of the task manager back.

Thanks again sage5, and thank you to geekstogo! :)
  • 0

#18
sage5

    RIP 10/2009

  • Retired Staff
  • 2,646 posts
You are very welcome henschke :)

All the best,

sage5
  • 0

#19
sage5

    RIP 10/2009

  • Retired Staff
  • 2,646 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0





