Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Trojan Problem!


  • Please log in to reply
4 replies to this topic

#1 jay_nation

jay_nation

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:07:03 AM

Posted 25 July 2006 - 07:15 AM

Virus/Spyware

Recently has my online banking details interrupted online and bank accessed luckly bank detected this and saved my cash!!

I use the following programs to help:

Ewido antispyware 4.0
Windows defender
Ad-Aware Se
Spyware blaster SE
Spybot search and destroy

I know its overkill but still got hacked and keep recieving a Trojan!!!!


My Last Ewido scan:

---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 12:32:54 25/07/2006

+ Scan result:



HKLM\SOFTWARE\Classes\CLSID\{ee2975b6-e8d5-405e-8448-8fe9590f6cfb} -> Adware.Generic : Cleaned with backup (quarantined).
C:\WINDOWS\system32\mzoeut.dll -> Not-A-Virus.Hoax.Win32.Renos.dw : Cleaned.
C:\Documents and Settings\John Paul Latham.INSPIRON5150\Cookies\john paul latham@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\WINDOWS\system32\1024 -> Trojan.Small : Cleaned with backup (quarantined).
C:\WINDOWS\system32\1024\ld43F.tmp -> Trojan.Small : Cleaned with backup (quarantined).
C:\WINDOWS\system32\1024\ld46AB.tmp -> Trojan.Small : Error during cleaning.
C:\WINDOWS\system32\1024\ld5A34.tmp -> Trojan.Small : Error during cleaning.
C:\WINDOWS\system32\1024\ld6D6F.tmp -> Trojan.Small : Error during cleaning.
C:\WINDOWS\system32\atmclk.exe -> Trojan.Small : Cleaned with backup (quarantined).
C:\WINDOWS\system32\dcomcfg.exe -> Trojan.Small : Cleaned with backup (quarantined).


::Report end

Can anyone help what am i doing wrong? Wrong programs? Why Trojan keep coming back?

Many thanks

JP

BC AdBot (Login to Remove)

 


#2 Albert Frankenstein

Albert Frankenstein

  • Members
  • 2,707 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Michigan, USA
  • Local time:02:03 AM

Posted 25 July 2006 - 08:07 AM

Well, it seems you are on the right track, but you may need some specific expertise to clean your computer.

The best way to do this is to run a little program called HiJackThis. This program creates a log. Then you paste the log into the HiJackThis forum here at Bleeping Computer. An expert will help you get rid of the malware on your computer. It takes a little time, and it takes a little patience and you must be good at following instructions, as there will be some to follow. The following instructions will walk you through the process of creating a log:

FIRST
Read the Preparation Guide found HERE. It is very important that you follow ALL of the instructions found within. (There are many important steps in this guide that may clean your computer.)

NEXT
Post your system information along with a brief description of the problems you are having, and your HJT log in the HJT forum found HERE.

NOTE: Please, after you post your HJT log DO NOT make another post in the HJT forum until it has been responded to by a member of the HJT Team. The first thing they look for, when looking for logs to reply to, is 0 replies. If you make another post there will be 1 reply. The team member glancing over the replies might think someone is already helping you out and will not respond. So, just make your post and let it sit there until a team member responds. The volunteers who work that forum are very busy, so please be patient and wait. It can sometimes take a few days for a response. If after 5 days you still have gotten no response, then post a link to your HJT log HERE.

FINALLY
If, after finishing your work with the folks at the HJT forum you have issues with Windows related to the removal of the infection, then come to the other forums and let us help you get your computer back to normal.

You are in good hands! Good luck!
ALBERT FRANKENSTEIN
I'M SO SMART IT'S SCARY!


Currently home chillin' with the fam and my two dogs!


#3 jay_nation

jay_nation
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:07:03 AM

Posted 25 July 2006 - 08:14 AM

Hi there many thanks for your reply.

Very good advice just running all programs including new anti virus software...saving loggs an the will go to Hijack forum.

Have the program on system.

Much appreciated.

JP

#4 Enthusiast

Enthusiast

  • Members
  • 5,898 posts
  • OFFLINE
  •  
  • Location:Florida, USA
  • Local time:01:03 AM

Posted 25 July 2006 - 08:50 AM

It needs to be installed in your root drive, probably C: and the log created and posted in our Hijack This forum here:
http://www.bleepingcomputer.com/forums/posthjtlog.html

Before you post it please read the pinned instructions here:
http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/

And after you post your log, please do not make any other attempts to fix anything, as it will change your computer to make your HJT log inaccurate.

#5 usasma

usasma

    Still visually handicapped (avatar is memory developed by my Dad


  • BSOD Kernel Dump Expert
  • 25,091 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southeastern CT, USA
  • Local time:02:03 AM

Posted 26 July 2006 - 12:39 PM

Just some advice - IMO, the number one cause of infections of this type is caused by the user clicking on something unsafe - whether it's an email attachment, a popup ad, or a bad link.

I've had 3 infections in my time using computers and only one has caused any serious problems (it was the infection that hit all computers during Gulf War I). The other two were found and contained by my protection before they could do any harm.

I frequently spend time on the "bad" side of the internet while researching problems that have been posted on the forums - so why don't I get infected?

Here's what I think the reason is:
1) I have my antivirus and antispyware programs set on autoupdate - so they never get outdated.
2) I set my own firewall settings (Sygate Personal Firewall) - so I have to choose to let a lot of stuff out onto the web or in from the web
3) I will not ever click on something that I'm unsure about - without taking steps to "sandbox" it first. In the case of a popup (which slips by my popup blocker and my adblocker) - I'll shut down my browser before I click on it! In the case of an unknown attachment - there are freeware sandbox apps available for this on the web.
My browser caused a flood of traffic, sio my IP address was banned. Hope to fix it soon. Will get back to posting as soon as Im able.

- John  (my website: http://www.carrona.org/ )**If you need a more detailed explanation, please ask for it. I have the Knack. **  If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficult reading posts. (23 Nov 2017)FYI - I am completely blind in the right eye and ~30% blind in the left eye.<p>If the eye problems get worse suddenly, I may not be able to respond.If that's the case and help is needed, please PM a staff member for assistance.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users