Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected With Trojan Horse


  • Please log in to reply
3 replies to this topic

#1 DKP

DKP

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:03:51 AM

Posted 01 January 2007 - 06:21 PM

I ran Norton antivirus scan. And it tells me that i have been infected with Trojan Horse, its name is msasvc.exe. If anyone could help me, it would be great. Thank you

Moderator Edit: Moved topic to more appropriate forum. ~ Animal

Edited by Animal, 01 January 2007 - 06:51 PM.


BC AdBot (Login to Remove)

 


#2 TheTerrorist_75

TheTerrorist_75

  • Members
  • 645 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Fulton, NY > Snow country.
  • Local time:07:51 AM

Posted 01 January 2007 - 06:24 PM

Read this: Preparation Guide For Use Before Posting A Hijackthis Log, Instructions for receiving help in cleaning your computer

Then post a Hijack This log at: HijackThis Logs and Analysis
I am a transplant survivor.

Get Your Donor Card

#3 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 31,790 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:07:51 AM

Posted 02 January 2007 - 07:40 AM

msasvc.exe is related to a Backdoor (IRCBot) Trojan that uses rootkit technology, installs itself as a service in your system 32 folder and may install other files.

Please follow the instructions provided by TheTerrorist_75 for posting a hijackthis log. This will help us to identify any other malware installed by this bot. Further, there are specialized tools for dealing with this infection which will be provided by the HJT Team staff member who will assist you.

IMPORTANT NOTE: Backdoor Trojans are very dangerous because they provide a means of accessing a computer system that bypasses security mechanisms. Remote attackers use back door Trojans as part of an exploit to to gain unauthorized access to a computer and take control of it without your knowledge. When infected by one of them you should disconnect the computer from the Internet until your system is cleaned. If your computer was used for online banking or has credit card information on it, all passwords should be changed immediately to include those used for email, eBay and forums. You should consider all your passwords to be compromised. They should be changed by using a different computer and not the infected one. Do not change passwords or do any transactions while using the infected computer because an attacker may get the new passwords and transaction information. Banking and credit card institutions should be notified of the possible security breech. Because your computer was compromised please read How to report ID theft, fraud, drive-by installs, hijacking and malware.
Microsoft MVP - Consumer Security 2007-2014 MVP.gif

Member of UNITE, Unified Network of Instructors and Trusted Eliminators

#4 KoanYorel

KoanYorel

    Bleepin' Conundrum


  • Staff Emeritus
  • 19,461 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:65 miles due East of the "Logic Free Zone", in Md, USA
  • Local time:07:51 AM

Posted 02 January 2007 - 07:09 PM

DKP, Welcome to the BC.

Please follow all instructions given carefully.

I've split away your HJT log from this thread and moved it to the proper forum.

You'll find it here. http://www.bleepingcomputer.com/forums/ind...mp;#entry423376

Please be patient, wait for a response to it.

This thread is closed.

Edited by KoanYorel, 02 January 2007 - 07:10 PM.

The only easy day was yesterday.

...some do, some don't; some will, some won't (WR)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users