November 16th, 2014, 02:16 PM
#1
[Inactive] MBAM Found Trojan Downloader on Regular Check
I've been keeping up Mbam and running other scans regularly and trying to keep Secunia up to date. This latest scan found PUPs and a file listed as a Trojan Downloader. I had them quarentined.www.malwarebytes.org
November 17th, 2014, 03:40 PM
#2
Please, observe following rules:Read all of my instructions very carefully .If you're stuck, or you're not sure about certain step, always ask before doing anything else. Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest. Never run more than one scan at a time. Keep updating me regarding your computer behavior, good, or bad. The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know. If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum. I close my topics if you have not replied in 5 days .RogueKiller from one of the following links and save it to your Desktop:Link 1 Link 2 Close all the running programs Windows Vista/7/8 users: right click on RogueKiller.exe , click Run as Administrator Otherwise just double-click on RogueKiller.exe Pre-scan will start. Let it finish. Click on SCAN button. Wait until the Status box shows Scan Finished Click on Delete . Wait until the Status box shows Deleting Finished . Click on Report and copy/paste the content of the Notepad into your next reply. RKreport.txt could also be found on your desktop.If more than one log is produced post all logs. If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename it to winlogon.exe (or winlogon.com) and try again Create new restore point before proceeding with the next step.... http://www.smartestcomputing.us.com/...t-all-windows/ Malwarebytes Anti-Rootkit Warning! Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights. Double click on downloaded file. OK self extracting prompt. MBAR will start. Click "Next " to continue. Click in the following screen "Update " to obtain the latest malware definitions. Once the update is complete select "Next " and click "Scan ". When the scan is finished and no malware has been found select "Exit ". If malware was detected, make sure to check all the items and click "Cleanup ". Reboot your computer. Open the MBAR folder located on your Desktop and paste the content of the following files in your next reply:"mbar-log-{date} (xx-xx-xx) .txt" "system-log.txt" This version requires you to completely exit the Anti Malware application message right click on the Malwarebytes icon in the system tray and click on Exit .
November 19th, 2014, 05:46 PM
#3
Hello Broni,
November 19th, 2014, 05:55 PM
#4
Is the computer bootable in any mode?
November 19th, 2014, 06:26 PM
#5
Hello Broni,
November 19th, 2014, 06:37 PM
#6
Tried "Last known good configuration"?
November 19th, 2014, 09:43 PM
#7
I booted on "Last known good configuration" and it loked like I was OK. However, when I choose my desktop to go to, it went to the Blue Stop screen.
November 19th, 2014, 10:00 PM
#8
NOTE 1. Use another working computer to download Farbar Recovery Scan Tool. Use USB flash drive to transfer it from good computer to the bad one.Panda USB Vaccine , or BitDefender’s USB Immunizer on GOOD computer to protect it from any infected USB device.Farbar Recovery Scan Tool 32-Bit and save it to a flash drive.Farbar Recovery Scan Tool 64-Bit and save it to a flash drive.Windows 8 consult How to use the Windows 8 System Recovery Environment Command Prompt to enter System Recovery Command prompt.Vista or Windows 7 enter System Recovery Options . To enter System Recovery Options from the Advanced Boot Options: Restart the computer. As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears. Use the arrow keys to select the Repair your computer menu item. Select US as the keyboard language settings, and then click Next . Select the operating system you want to repair, and then click Next . Select your user account an click Next . To enter System Recovery Options by using Windows installation disc: Insert the installation disc. Restart your computer. If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings. Click Repair your computer . Select US as the keyboard language settings, and then click Next . Select the operating system you want to repair, and then click Next . Select your user account and click Next . On the System Recovery Options menu you will get the following options: Startup Repair System Restore Windows Complete PC Restore Windows Memory Diagnostic Tool Command Prompt Select Command Prompt In the command window type in notepad and press Enter . The notepad opens. Under File menu select Open . Select "Computer" and find your flash drive letter and close the notepad. In the command window type e :\frste :\frst64Enter Note: Replace letter e with the drive letter of your flash drive. The tool will start to run. When the tool opens click Yes to disclaimer. Press Scan button. It will make a log (FRST.txt ) on the flash drive. Please copy and paste it to your reply.
November 22nd, 2014, 10:21 AM
#9
OK Broni,ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log. http://www.geekstogo.com/forum/topic...ery-scan-tool/
November 22nd, 2014, 10:24 AM
#10
OK Broni,ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log. http://www.geekstogo.com/forum/topic...ery-scan-tool/
November 22nd, 2014, 10:27 AM
#11
Sorry for the double post. The forum sent me to a new page saying the message did not send and to wait 30 seconds and post again.
November 22nd, 2014, 10:29 PM
#12
Download attached fixlist.txt file and save it to the very same USB flash drive you've been using. Plug the drive back in.NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system FRST(FRST64) Fix button just once and wait.
November 22nd, 2014, 11:00 PM
#13
Broni,
November 22nd, 2014, 11:03 PM
#14
There is no sign of any infection anymore so you must have some other issues.
Thread Information
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
Forum Rules
Reply With Quote
