Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

W32.Trojan.5289


  • This topic is locked This topic is locked

#1
Gina_Irene

Gina_Irene

    New Member

  • Member
  • Pip
  • 1 posts
W32.Trojan.5289

This trojan is going undetected by my Norton antivirus software, which runs a scan daily. Immunet software found the trojan, but was unable to quarantine it. For the past two days, the virus has been sending everyone in my e-mail address books from my user account with links to the virus. I do not know how to stop it. Please help if you can. Thank you.

Gina
  • 0

Advertisements


#2
Nedklaw

Nedklaw

    Trusted Helper

  • Malware Removal
  • 1,652 posts
Hello, Gina_Irene! :unsure:

:) I'm Nedklaw and I'll be glad to help you with your malware issues. :yes:

I am currently still in training and my posts have to be approved by an expert so please expect a delay between my posts.

These instructions are specifically designed for Gina_Irene only. No one else should follow these instructions because it can cause serious damage to your computer.

Before we start to clean your computer of malware, please read through the following points to help me and you, and prevent damage to your computer:
  • Please completely read through all of the instructions given to you before attempting to follow them. Reading too lightly will cause you to miss important steps, which could have DESTRUCTIVE effects. If you can't perform a certain step or you are unsure about what to do, let me know!
  • Don't be afraid to ask questions! If you are unsure about anything, ask me! No question is considered stupid here!
  • Be patient with me, logs can take some time to research and my life can mean that I'm busy.
  • Please copy and paste all logs into your reply. Do not attach logs to a post unless I tell you to or if they don't fit in the post.
  • If I instruct you to download a specific tool in which you already have, please delete the copy that you have and re-download the tool. The reason I ask you to do this is because these tools are updated fairly regularly.
  • NEVER fix anything in OTL or other programs on your own! This can be very dangerous and cause harm to your system.
  • Refrain from running any other tools apart from the ones I tell you to.
Note: You should save or print out my instructions for easy reference, as part of the fix may be in Safe Mode and you won't be able to access GeeksToGo.
  • 0

#3
Nedklaw

Nedklaw

    Trusted Helper

  • Malware Removal
  • 1,652 posts
Hi Gina_Irene.

First, I would like to get some logs off you to identify any malware.

Step 1

Posted Image Download OTL to your Desktop.
  • Double click on the icon to run it. Make sure all other windows are closed to let it run uninterrupted.
    • Select Scan All Users.
    • Under the Custom Scan box paste this in:
    netsvcs 
    %SYSTEMDRIVE%\*.exe 
    %USERPROFILE%\..|smtmp;true;true;true /FP 
    /md5start 
    explorer.exe 
    winlogon.exe 
    Userinit.exe 
    svchost.exe 
    /md5stop 
    %systemroot%\*. /mp /s 
    hklm\software\clients\startmenuinternet|command /rs 
    hklm\software\clients\startmenuinternet|command /64 /rs 
    CREATERESTOREPOINT
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic.

Step 2

Download aswMBR.exe (1.8mb) to your desktop.

Double click aswMBR.exe to run it.

Click the "Scan" button to start the scan.

Posted Image


On completion of the scan click save log, save it to your desktop and post it in your next reply.

Posted Image

Things I want to see in your next reply

  • OTL.txt
  • Extras.txt
  • aswMBR.txt

  • 0

#4
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP