Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Adobelan.exe


  • Please log in to reply
No replies to this topic

#1 aquaman

aquaman

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:05:13 AM

Posted 04 November 2007 - 03:36 PM

hi all,
I'm a newby, yes first post.
I've registered to find my self a cure to a F.... trojan that my antivirus and malware software did not found. NOD32 first and Norton 360 after

I've downloaded a torrent wit the infected file.

It caused 5 DOS windows to open , the names were:

load.exe
setup_aim6.exe
wr-1-312.exe
is68197.exe
and another one that cant remember each of them 4k, placed in the C:\

First the trojan erased all my Firefox settings and favorites, then shut down my firewall.

the only thing that I found is that it was a password back door from the MAHA family.

In safe mode I was able to erase them but they were re installed after a normal reboot

I followed the fantastic preparation guide before posting the hijackthis log, in between scanning surfed the web for answers...

I found that the cause were two files in the WINDOWS\system32: adobelan.exe and bdod.bin so I went to safe mode delete them, deleted the first 5 files
and gone forever.....

the only mention I founf in the web was from a swedish support forum, http://eforum.idg.se/viewmsg.asp?entriesid=994264

bye

Aquaman :thumbsup:

BC AdBot (Login to Remove)

 


m



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users