
trojan Patched!IK


3 replies to this topic

#1 tim876

  • Members
  • 29 posts

Posted 30 June 2012 - 02:48 PM

I noticed Google redirect type symptoms (search, and get crappy redirected results), and went straight to work.

Things I tried:

Microsoft malware tool -> found nothing

Symantec Stinger -> found nothing

Malwarebytes full scan -> found nothing

Hitman Pro

2 infected files

svchost.exe - trojan.Patched!IK

winlogon.exe - trojan.Patched!IK

I tried to repair, but it couldn't delete them.


A search for these 2 files on the C drive shows the system32 copy of winlogon as 532 KB, and the servicepack/386 copy as 496 KB (they are both 496 KB on the similar non-infected laptop I'm typing on),

and the system32 copy of svchost.exe as 39 KB, and the servicepack/386 copy as 14 KB. (Again, they are both 14 KB on the non-infected Dell C810 laptop I'm typing on, running XP Service Pack 3.)

The infected computer is a Dell C840, running XP Service Pack 3.

It won't let me copy the servicepack/386 version of the files over the infected ones.

Driving me nuts.

TIA



#2 narenxp

  • BC Advisor
  • 16,371 posts

Posted 30 June 2012 - 02:49 PM

Read the guide here on preparing logs

http://www.bleepingcomputer.com/forums/topic34773.html

and create a topic here

http://www.bleepingcomputer.com/forums/forum22.html

Good luck

Edited by narenxp, 30 June 2012 - 02:50 PM.


#3 tim876

  • Topic Starter

  • Members
  • 29 posts

Posted 01 July 2012 - 10:43 AM

I ran the DDS tool, but it freezes up, with no other applications running (confirmed by Task Manager and the Glary Utilities startup manager).

Is it possible to do the rest and post it?

#4 narenxp

  • BC Advisor
  • 16,371 posts

Posted 01 July 2012 - 11:03 AM

Try this as suggested by boopme

http://www.bleepingcomputer.com/forums/topic458269.html

OTL log should be good



