
Can't delete trojan and other thing


5 replies to this topic

#1 BronzeMOnkey


Posted 01 February 2009 - 08:32 AM

Hello, my friend told me about this site so I thought I would ask you guys for help.

I am not sure if this is the right forum, but I can't seem to delete a trojan (I think it is a trojan) named Trojan.Brisv.A!inf that Norton antivirus found. It said for me to download a program from the Norton site that would delete the trojan but, according to the downloaded program, there is no trojan!

The other thing is a detection of something called Bloodhound.PDF.3, but a Norton full system scan did not find this at all.

Also, I don't know if this matters, but Norton says under history "Connected to a protected network. ( GATEMAC 00 14 95 45 18 02)".

I know that the Trojan.Brisv.A!inf's location is somewhere in a specific folder but I did not want to delete the suspected file for fear that it might cause more harm.

I've already run SUPERAntiSpyware, CCleaner, Malwarebytes, and Spybot, which helped to fix my Norton security (fixed the virus auto-protect thing, but that's all).
Lastly, when I ran a HijackThis log, these two things seemed to stand out (checked by that automated HijackThis thing at http://www.hijackthis.de/):

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ares.mp3.es/start.php
C:\Program Files\Viewpoint\Common\ViewpointService.exe

I am not sure what to do and any help would be very very much appreciated and thank you people for your time.



#2 garmanma


Posted 01 February 2009 - 10:48 AM

Are you using XP or Vista?

Open MBAM and click the Update tab, select Check for Updates; when done,
click the Scanner tab, select FULL scan.
After the scan, click Remove Selected. Post the new scan log for review.

Be sure to turn off System Restore, and if you use Spybot's TeaTimer application, disable it for now.
Mark
why won't my laptop work?

Having grandkids is God's way of giving you a 2nd chance because you were too busy working your butt off the 1st time around
Do not send me PMs with problems that should be posted in the forums. Keep it in the forums, so everyone benefits

#3 BronzeMOnkey


Posted 01 February 2009 - 12:45 PM

I am using XP and System Restore is off; also, I am not using TeaTimer.

I updated, but the scan didn't find anything new.

Malwarebytes' Anti-Malware 1.33
Database version: 1713
Windows 5.1.2600 Service Pack 3

2/1/2009 9:42:39 AM
mbam-log-2009-02-01 (09-42-39).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 199839
Time elapsed: 1 hour(s), 35 minute(s), 28 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

#4 DaChew


Posted 01 February 2009 - 05:44 PM

I am pretty sure Mark meant for you to have System Restore on at this point in the disinfection.
Chewy

No. Try not. Do... or do not. There is no try.

#5 BronzeMOnkey


Posted 01 February 2009 - 06:57 PM

So what should I do now then? Should I run Malwarebytes again with System Restore on?

#6 garmanma


Posted 02 February 2009 - 05:11 PM

No, don't bother

ATF
Please download ATF Cleaner by Atribune & save it to your desktop.
  • Double-click ATF-Cleaner.exe to run the program.
  • Under Main "Select Files to Delete" choose: Select All.
  • Click the Empty Selected button.
  • If you use Firefox browser click Firefox at the top and choose: Select All
  • Click the Empty Selected button.
    If you would like to keep your saved passwords, please click No at the prompt.
  • If you use Opera browser click Opera at the top and choose: Select All
  • Click the Empty Selected button.
    If you would like to keep your saved passwords, please click No at the prompt.
  • Click Exit on the Main menu to close the program.
Note: On Vista, "Windows Temp" is disabled. To empty "Windows Temp" ATF-Cleaner must be "Run as an Administrator".

After that, let's try a Kaspersky scan:


If you are using Windows Vista, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.
  • Please disable your realtime protection software before proceeding. Refer to this page if you are unsure how.
  • Open the Kaspersky Scanner page.
  • Click on Accept and install any components it needs.
  • The program will install and then begin downloading the latest definition files.
  • After the files have been downloaded, on the left side of the page in the Scan section, select My Computer.
  • This will start the program and scan your system.
  • The scan will take a while, so be patient and let it run.
  • Once the scan is complete, click on View scan report
  • Now, click on the Save Report as button.
  • Save the file to your desktop.
  • Copy and paste that information in your next post.
You can refer to this animation by sundavis.
Mark