Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Suspected trojan


  • This topic is locked This topic is locked
3 replies to this topic

#1 Dr Danger

Dr Danger

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Big Red Bus Anywhere USA
  • Local time:08:06 AM

Posted 18 November 2011 - 01:51 PM

I recently had a Trojan:Win32/Serefef.0 With the help of the Malwarebytes tech we ran OTL and Combofix and a few other programs. It seemed that we removed it but now I am not sure. I unfortunatly did not have the 30 bucks to pay for the Malwarebytes trial and it has expired. I have not gotten my system back to normal since the trojan wrecked complete havoc on it. I get lots of crashes. I am unable to have my Administrater priveldges restored. I just recently was able to get my Iola System Mechanic installed and working again but it does so reluctently and hangs and crashes but will run now but not like before. i HAVE TRIED TO RUN mICROSOFT sAFETY (oops) Scanner and have not done so successfuly at this point. The first times I tried to download it it crashed. When I finaly did get a good download it would run until it got to the file C:\Windows\zip.exe This would happen each time I tried to run the Saftey Scanner and at 1.03 minutes get stuck on that file. I would like to proceed with another scan for the trojans or something else that may still be plauging my system and try and get things working normaly again. I have never been able to make a system restore point for some reason on this computer and so that has never been an option for me to restore the system to an earlier date. I am running Vista. if someone can help me I will do my best to stumble thru it but I am learning as I go and sometimes it takes me a minute to grasp the directions. Also when told to save a download to my desktop the download file in my vista goes into my documents and I have been unable to figure out how to save directly to my desk top as instructed. I tried installing Microsoft Security essentials when I first began having problems and although I dont think it was ever allowed because of the trojan to work or install correctly I have tried to remove it many times by using the APP REMOVER and it seems to still be stuck here in my system. One more thing is that somehow during the whole trojan war process my 2007 Microsoft Office Word program dissappeared. Not having the disc or code any longer available I had to install an XP VERSION OF WORD FROM 2003. Microsoft ACCESS was removed as well as the picture stuff. tHAT IS A REAL BUMMER. i STILL HAVE 2007 Power point and pulisher and my excel still works. Advice? Well I think that covers it. HELP PLEASE

Thank you

Dr Danger

BC AdBot (Login to Remove)

 


#2 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,962 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:12:06 PM

Posted 18 November 2011 - 02:15 PM

Hello,

Please follow the instructions in ==>This Guide<== starting at step 6. If you cannot complete a step, skip it and continue.

Once the proper logs are created, then post them in a reply to this topic by using the Add Reply button.

If you can produce at least some of the logs, then please create the post and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the reply and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

Please note that I am not a member of the Malware Removal Team and will not be assisting you in removing the infection. I'm simply helping you to post the information they need in order to assist you.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

Orange Blossom :cherry:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

#3 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,204 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:07:06 PM

Posted 23 November 2011 - 01:53 PM

Hello ,
And :welcome: to the Bleeping Computer Malware Removal Forum
. My name is Elise and I'll be glad to help you with your computer problems.


I will be working on your malware issues, this may or may not solve other issues you may have with your machine.

Please note that whatever repairs we make, are for fixing your computer problems only and by no means should be used on another computer.
  • The cleaning process is not instant. Logs can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that happen.
  • Please reply using the Add/Reply button in the lower right hand corner of your screen. Do not start a new topic.
  • The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.
  • Unfortunately, if I do not hear back from you within 5 days, I will be forced to close your topic. If you still need help after I have closed your topic, send me or a moderator a personal message with the address of the thread or feel free to create a new one.
You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications. The topics you are tracking are shown here.
-----------------------------------------------------------

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.
If you have already posted a log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explaination about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE

-------------------------------------------------------------
In the meantime please, do NOT install any new programs or update anything unless told to do so while we are fixing your problem

If you still need help, please include the following in your next reply
  • A detailed description of your problems
  • A new DDS log (don't forget attach.txt)

Thanks and again sorry for the delay.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#4 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,204 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:07:06 PM

Posted 10 December 2011 - 06:47 AM

Due to the lack of feedback, this topic is now closed.In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users