Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

How To Remove A Trojan Downloader Matcash ?


  • Please log in to reply
3 replies to this topic

#1 Cycy

Cycy

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Seattle
  • Local time:03:54 PM

Posted 10 March 2008 - 09:39 PM

Hello everybody,

I get last week those virus : Trojan.Downloader.Matcash.F and Trojan.Retapu.D detected by the scan of Bit defender.

I'm far away to be a professional in informatics

So my questions are :

Can I remove those Malwares?

How Can I do this?

Does somebody have time to help me?


Thank you for your future answers

BC AdBot (Login to Remove)

 


#2 Cycy

Cycy
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Seattle
  • Local time:03:54 PM

Posted 10 March 2008 - 10:01 PM

Hi,

2 month ago i reinstalled all my hardwares and drivers cause of Malwares, (my laptop is like new now). i really don't want to do it again !!
i will really appreciate if somebody can takes time to help me
So, this is my scan resume :

Just let you know that my D:\ driver is in fact my C:\


/-----------------------------------------------------------------
//
// Product BitDefender Free Edition v10
// Product 10.2
//
// Created on: 10/03/2008 17:52:45
//
//-----------------------------------------------------------------


Virus Statistics

Scan path : C:\
D:\
Folders : 5101
Files : 76378
Memory processes scanned : 44
Archives : 11
Runtime packers : 2980
Identified viruses : 3
Infected files : 4
Memory processes infected : 1
Suspect files : 0
Warnings : 0
Disinfected files : 0
Deleted files : 3
Moved files : 2
I/O errors : 48
Scan time : 00:27:15
Scan speed (files/sec) : 46

Spyware Statistics

Registry keys scanned : 317
Registry keys infected : 0
Cookies scanned : 71
Cookies infected : 0
Spyware files infected : 0
Spyware threats detected : 0


Virus definitions : 986556
Scan plugins : 16
Archive plugins : 41
Unpack plugins : 7
Mail plugins : 6
System plugins : 5

Virus scan options

Detection
[X] Scan boot sectors
[X] Memory Processes
[ ] Scan archives
[X] Scan runtime packers
[X] Scan email

File mask
[ ] Programs
[X] All files
[ ] User defined extensions:
[ ] Exclude extensions: ;

Action

Infected objects
[ ] Ignore
[X] Disinfect
[ ] Delete
[ ] Move to quarantine
[ ] Prompt user

Second action
[ ] Ignore
[ ] Delete
[X] Move to quarantine
[ ] Prompt user

Virus scan options
[X] Enable warnings
[ ] Enable heuristics
[ ] Show all files in log
[X] Report file: D:\Documents and Settings\All Users.WINDOWS\Application Data\Bitdefender\Desktop\Profiles\Logs\full_scan\1205196765.log

Spyware scan options

[X] Scan for riskware
[ ] Skip dial and applications from scan
[X] Registry keys
[X] Cookies


Summary:

<System>=>D:\WINDOWS\mrofinu1423.exe (memory dump) Infected: Trojan.Downloader.Matcash.F
<System>=>D:\WINDOWS\mrofinu1423.exe (memory dump) Deleted
<System> Archive repacking successfully completed (actions successfully applied)
D:\Documents and Settings\All Users.WINDOWS\Application Data\BitDefender\Desktop\Quarantine\mrofinu1423.exe Infected: Trojan.Downloader.Matcash.F
D:\Documents and Settings\All Users.WINDOWS\Application Data\BitDefender\Desktop\Quarantine\mrofinu1423.exe Deleted
D:\Documents and Settings\Cycy\Local Settings\Temporary Internet Files\Content.IE5\XNQN0WUR\addz[1].exe Infected: Trojan.Retapu.D
D:\Documents and Settings\Cycy\Local Settings\Temporary Internet Files\Content.IE5\XNQN0WUR\addz[1].exe Disinfection failed
D:\Documents and Settings\Cycy\Local Settings\Temporary Internet Files\Content.IE5\XNQN0WUR\addz[1].exe Moved
D:\WINDOWS\mrofinu1423.exe.tmp Infected: Trojan.Downloader.Matcash.F
D:\WINDOWS\mrofinu1423.exe.tmp Deleted
D:\WINDOWS\system32\strmee.exe Infected: Trojan.Retapu.D
D:\WINDOWS\system32\strmee.exe Disinfection failed
D:\WINDOWS\system32\strmee.exe Moved



THANK YOU !

Edited by KoanYorel, 11 March 2008 - 07:46 AM.
to merge post and move to more appropriate forum


#3 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,597 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:06:54 PM

Posted 11 March 2008 - 01:42 PM

What problems are you continuing to have? Your BD log indicates it was able to delete or remove what it found.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,597 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:06:54 PM

Posted 12 March 2008 - 07:15 AM

Please ask your questions in this thread and not by PM.

In your PM you advised getting pop ups. What are you doing when they start and can you describe them, what they say, etc?

You also indicated that you were having system crashes and restart problems.

The symptoms you describe could be malware related or they could be due to hardware or overheating problems caused by a failed processor fan, bad memory (RAM), failing power supply, underpowered power supply, CPU overheating, motherboard, video card, faulty drivers, BIOS and firmware problems, dirty hardware, etc. If the computer is overheating, it usually begins to restart on a more regular basis.

In Windows XP, the default setting is for the computer to reboot automatically when a fatal error or crash occurs. You should be able to see the error by looking in the Event Log. Read "How To Use the Event Viewer Applet".

An alternative is to turn off the automatic reboot feature so you can actually see the error code/STOP Message when it happens - this is also known as the Blue Screen Of Death (BSOD).

To change the recovery settings and Disable Automatic Rebooting, go to Start > Run and type: sysdm.cpl
Click Ok or just press WINKEY + Pause/Break keys to bring up System Properties.
  • Go to the Advanced tab and under "Startup and Recovery", click on the "Settings" button and go to "System failure".
  • Make sure "Write an event to the system log" is checked and that "Automatically restart" is UNchecked.
  • Click "OK" and reboot for the changes to take effect.
Doing this won't cure your problem but instead of crashing and restarting you will get a blue diagnostic screen with an error code and other information that will allow you to better trace your problem. You can use Google to search the error code or post it back here so we can help you identify the problem.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users