
Kaspersky Trojan issue


6 replies to this topic

#1 michael24

michael24

  • Members
  • 11 posts

Posted 13 May 2012 - 08:14 AM

I had MSE and it stopped working yesterday morning. I finally got rid of it and installed it again. Ever since then these damn Trojan Win64 and backdoor trojans have been popping up. I keep quarantining them, but for some it only allows me to ignore them, while disinfect and delete are blacked out and I cannot click on them. That must mean certain ones are so malicious it's gonna be very difficult to get rid of them.

If I ignore them, though, and that's the only option, doesn't that mean that unleashes the trojans when you ignore them? This has me very worried, and it continues to keep saying it's secure, but then minutes later it keeps catching backdoor trojans and trojans, and it either lets me quarantine or delete them or only allows me to ignore (recommended) <<< that's what it says for some of them, and that's the only choice it gives me.

Please help me, this is gonna destroy my computer.

It just popped up: file anti virus HEUR:Backdoor.Win64.Generic. It keeps doing this, please help me. :(



#2 michael24


Posted 13 May 2012 - 08:21 AM

It also keeps saying TrojanWin64.

#3 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 13 May 2012 - 10:01 AM

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

#4 michael24


Posted 13 May 2012 - 03:30 PM

> Download
>
> aswMBR
>
> Launch it, allow it to download latest Avast! virus definitions
> Click the "Scan" button to start scan. After scan finishes, click on Save log
>
> Post the log results here


I think it was done.




I have no idea how to post that log here.

Edited by michael24, 13 May 2012 - 03:31 PM.


#5 narenxp


Posted 13 May 2012 - 04:04 PM

Just copy and paste the contents of notepad

#6 michael24


Posted 14 May 2012 - 08:37 AM

> Just copy and paste the contents of notepad

That's the problem: in safe mode with networking it showed different results, and in normal mode I don't think it finished scanning.



aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-05-13 16:08:17
-----------------------------
16:08:17.681 OS Version: Windows x64 6.0.6002 Service Pack 2
16:08:17.681 Number of processors: 3 586 0x203
16:08:17.681 ComputerName: USER-PC UserName: User
16:08:22.099 Initialize success
16:09:26.059 AVAST engine defs: 12051301
16:11:54.966 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
16:11:54.966 Disk 0 Vendor: WDC_WD6400AAKS-75A7B2 01.03B01 Size: 610480MB BusType: 3
16:11:54.982 Disk 0 MBR read successfully
16:11:54.982 Disk 0 MBR scan
16:11:54.982 Disk 0 Windows VISTA default MBR code
16:11:55.013 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
16:11:55.013 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 15000 MB offset 81920
16:11:55.029 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 595439 MB offset 30801920
16:11:55.060 Disk 0 scanning C:\Windows\system32\drivers
16:12:02.657 Service scanning
16:12:19.599 Modules scanning
16:12:19.599 Disk 0 trace - called modules:
16:12:19.645 ntoskrnl.exe CLASSPNP.SYS disk.sys acpi.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
16:12:19.661 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007886640]
16:12:19.661 3 CLASSPNP.SYS[fffffa60015cbc33] -> nt!IofCallDriver -> [0xfffffa800773d270]
16:12:19.677 5 acpi.sys[fffffa60010fbfde] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa800775b940]
16:12:23.265 AVAST engine scan C:\Windows
16:12:27.833 AVAST engine scan C:\Windows\system32
16:15:51.887 AVAST engine scan C:\Windows\system32\drivers
16:16:11.730 AVAST engine scan C:\Users\User
16:27:49.981 Disk 0 MBR has been saved successfully to "C:\Users\User\Documents\MBR.dat"
16:27:49.990 The log file has been saved successfully to "C:\Users\User\Documents\aswMBR.txt"


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-05-13 16:59:40
-----------------------------
16:59:40.908 OS Version: Windows x64 6.0.6002 Service Pack 2
16:59:40.908 Number of processors: 3 586 0x203
16:59:40.908 ComputerName: USER-PC UserName: User
17:01:38.801 Initialize success
17:02:09.626 AVAST engine defs: 12051301
17:02:22.059 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
17:02:22.074 Disk 0 Vendor: WDC_WD6400AAKS-75A7B2 01.03B01 Size: 610480MB BusType: 3
17:02:22.152 Disk 0 MBR read successfully
17:02:22.168 Disk 0 MBR scan
17:02:22.168 Disk 0 Windows VISTA default MBR code
17:02:22.199 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
17:02:22.230 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 15000 MB offset 81920
17:02:22.261 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 595439 MB offset 30801920
17:02:22.386 Disk 0 scanning C:\Windows\system32\drivers
17:03:02.275 Service scanning
17:04:29.508 Modules scanning
17:04:29.508 Disk 0 trace - called modules:
17:04:29.555 ntoskrnl.exe CLASSPNP.SYS disk.sys PCTCore64.sys acpi.sys ataport.SYS pciide.sys
17:04:30.070 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007848060]
17:04:30.070 3 CLASSPNP.SYS[fffffa60017d1c33] -> nt!IofCallDriver -> [0xfffffa80077bda80]
17:04:30.070 5 PCTCore64.sys[fffffa6001221f38] -> nt!IofCallDriver -> [0xfffffa80077b75d0]
17:04:30.070 7 acpi.sys[fffffa60008fdfde] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80077b7940]
17:04:44.016 AVAST engine scan C:\Windows
17:07:30.188 AVAST engine scan C:\Windows\system32
17:19:25.276 Disk 0 MBR has been saved successfully to "C:\Users\User\Documents\MBR.dat"
17:19:25.354 The log file has been saved successfully to "C:\Users\User\Documents\aswMBR.txt"


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-05-13 16:59:40
-----------------------------
16:59:40.908 OS Version: Windows x64 6.0.6002 Service Pack 2
16:59:40.908 Number of processors: 3 586 0x203
16:59:40.908 ComputerName: USER-PC UserName: User
17:01:38.801 Initialize success
17:02:09.626 AVAST engine defs: 12051301
17:02:22.059 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
17:02:22.074 Disk 0 Vendor: WDC_WD6400AAKS-75A7B2 01.03B01 Size: 610480MB BusType: 3
17:02:22.152 Disk 0 MBR read successfully
17:02:22.168 Disk 0 MBR scan
17:02:22.168 Disk 0 Windows VISTA default MBR code
17:02:22.199 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
17:02:22.230 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 15000 MB offset 81920
17:02:22.261 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 595439 MB offset 30801920
17:02:22.386 Disk 0 scanning C:\Windows\system32\drivers
17:03:02.275 Service scanning
17:04:29.508 Modules scanning
17:04:29.508 Disk 0 trace - called modules:
17:04:29.555 ntoskrnl.exe CLASSPNP.SYS disk.sys PCTCore64.sys acpi.sys ataport.SYS pciide.sys
17:04:30.070 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007848060]
17:04:30.070 3 CLASSPNP.SYS[fffffa60017d1c33] -> nt!IofCallDriver -> [0xfffffa80077bda80]
17:04:30.070 5 PCTCore64.sys[fffffa6001221f38] -> nt!IofCallDriver -> [0xfffffa80077b75d0]
17:04:30.070 7 acpi.sys[fffffa60008fdfde] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80077b7940]
17:04:44.016 AVAST engine scan C:\Windows
17:07:30.188 AVAST engine scan C:\Windows\system32
17:19:25.276 Disk 0 MBR has been saved successfully to "C:\Users\User\Documents\MBR.dat"
17:19:25.354 The log file has been saved successfully to "C:\Users\User\Documents\aswMBR.txt"
17:35:55.640 Disk 0 MBR has been saved successfully to "C:\Users\User\Documents\MBR.dat"
17:35:55.655 The log file has been saved successfully to "C:\Users\User\Documents\aswMBR.txt"


This is what I got though. Hope it helps.
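
The two runs posted above list different drivers under "Disk 0 trace - called modules". As an added example (not part of the original thread and not aswMBR's own code), this Python code parses that section from each run and reports which modules appear in only one run's disk I/O path; the sample lines are copied from the logs above, and the function names are hypothetical.

```python
import re

# Sample input: the trace sections of the first two aswMBR runs posted above.
RUN_A = r"""
16:12:19.599 Disk 0 trace - called modules:
16:12:19.645 ntoskrnl.exe CLASSPNP.SYS disk.sys acpi.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
16:12:19.661 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007886640]
16:12:19.661 3 CLASSPNP.SYS[fffffa60015cbc33] -> nt!IofCallDriver -> [0xfffffa800773d270]
16:12:19.677 5 acpi.sys[fffffa60010fbfde] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa800775b940]
"""
RUN_B = r"""
17:04:29.508 Disk 0 trace - called modules:
17:04:29.555 ntoskrnl.exe CLASSPNP.SYS disk.sys PCTCore64.sys acpi.sys ataport.SYS pciide.sys
17:04:30.070 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007848060]
17:04:30.070 3 CLASSPNP.SYS[fffffa60017d1c33] -> nt!IofCallDriver -> [0xfffffa80077bda80]
17:04:30.070 5 PCTCore64.sys[fffffa6001221f38] -> nt!IofCallDriver -> [0xfffffa80077b75d0]
17:04:30.070 7 acpi.sys[fffffa60008fdfde] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80077b7940]
"""

TS = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{3}\s+(.*)$")        # strip the timestamp
HOP = re.compile(r"^(\d+)\s+(\S+?)\[[0-9a-fA-F]+\]\s+->")    # "3 CLASSPNP.SYS[addr] ->"

def parse_trace(log):
    """Return (called_modules, hops) for one aswMBR run."""
    body = [m.group(1).rstrip() for m in map(TS.match, log.splitlines()) if m]
    modules, hops = [], []
    for i, line in enumerate(body):
        # The module list is the line right after the section header.
        if line.endswith("trace - called modules:") and i + 1 < len(body):
            modules = body[i + 1].split()
        hop = HOP.match(line)
        if hop:  # a driver that forwarded the request down the stack
            hops.append((int(hop.group(1)), hop.group(2)))
    return modules, hops

def compare_runs(log_a, log_b):
    """Modules seen in only one run's disk I/O path (case-insensitive)."""
    a = {m.lower() for m in parse_trace(log_a)[0]}
    b = {m.lower() for m in parse_trace(log_b)[0]}
    return sorted(a - b), sorted(b - a)

if __name__ == "__main__":
    only_a, only_b = compare_runs(RUN_A, RUN_B)
    print("only in first run: ", only_a)
    print("only in second run:", only_b)
    print("second run hops:   ", parse_trace(RUN_B)[1])
```

A module that shows up in only one run is a prompt to identify that driver's vendor and signature, not a verdict on it.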

#7 narenxp


Posted 14 May 2012 - 08:51 AM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply



