Jump to content

trojan downloader


Recommended Posts

Hello I got infected with this fake trojan downloader this morning. I have the full version of your program. How do I set it so that this can't get in my computer. I am posting the file below. If I have my settings wrong let me know. I update every 2am and run the short scan. I always have it running for protection.

I love your program and it saved my sons new laptop from a horrible onslaught of trojans right after he bought it, he got infected. I started it in safe mode and it cleared everything!

Malwarebytes' Anti-Malware 1.44

Database version: 3902

Windows 5.1.2600 Service Pack 3

Internet Explorer 7.0.5730.13

3/23/2010 9:06:16 AM

mbam-log-2010-03-23 (09-05-59).txt

Scan type: Full Scan (C:\|)

Objects scanned: 265174

Time elapsed: 1 hour(s), 50 minute(s), 53 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 20

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

C:\Documents and Settings\Owner\Desktop\New Folder\AutoPlay\Docs\Amor MPEG to DVD Burner v1.7\keygen.exe (Trojan.Downloader) -> No action taken.

C:\Documents and Settings\Owner\Desktop\New Folder\AutoPlay\Docs\Apis DVD Ripper v2.24\Patch\Patch.exe (Trojan.Downloader) -> No action taken.

C:\Documents and Settings\Owner\Desktop\New Folder\AutoPlay\Docs\Aurora DVD Copy v3.1.0\Aurora DVD Copy v3.1.0 keygen.exe (Trojan.Downloader) -> No action taken.

C:\Documents and Settings\Owner\Desktop\New Folder\AutoPlay\Docs\BlazeDVD v3.0 Pro\BlazeDVD v3.0 Pro Keygen.exe (Malware.Packer.Gen) -> No action taken.

C:\Documents and Settings\Owner\Desktop\New Folder\AutoPlay\Docs\CD DVD Data Recovery V1.0.65\Keygen.exe (Trojan.Downloader) -> No action taken.

C:\Documents and Settings\Owner\Desktop\New Folder\AutoPlay\Docs\DVD Audio Extractor v3.3.3\DVD Audio Extractor v3.3.3 KeyGen.exe (Trojan.Downloader) -> No action taken.

C:\Documents and Settings\Owner\Desktop\New Folder\AutoPlay\Docs\DVD Composer v1.0.1\Patch.exe (Trojan.Downloader) -> No action taken.

C:\Documents and Settings\Owner\Desktop\New Folder\AutoPlay\Docs\DVD Ghost v.2.1\DVD Ghost\DVD Ghost keygen.exe (Trojan.Downloader) -> No action taken.

C:\Documents and Settings\Owner\Desktop\New Folder\AutoPlay\Docs\DVD Power Burner 2006 Pro v2.7.1\DVD Power Burner Pro v2.7.1 keygen.exe (Trojan.Downloader) -> No action taken.

C:\Documents and Settings\Owner\Desktop\New Folder\AutoPlay\Docs\DVD Rebuilder Pro Edition v1.00.RC5.1\DVD Rebuilder Pro Edition v1.00.RC5.1 keygen.exe (Trojan.Downloader) -> No action taken.

C:\Documents and Settings\Owner\Desktop\New Folder\AutoPlay\Docs\DVD XCopy Deluxe v6.0\Patch.exe (Trojan.Downloader) -> No action taken.

C:\Documents and Settings\Owner\Desktop\New Folder\AutoPlay\Docs\Easy DVD CD Burner v3.0.49\Crack\eburn.exe (Trojan.Downloader) -> No action taken.

C:\Documents and Settings\Owner\Desktop\New Folder\AutoPlay\Docs\Easy DVD to DVD Copy Pro v3.0.18\Easy DVD to DVD Copy Pro v3.0.18\Crack\DVDCopy.exe (Malware.Packer.Morphine) -> No action taken.

C:\Documents and Settings\Owner\Desktop\New Folder\AutoPlay\Docs\HT Burn DVD v3.2 Retail\HT Burn DVD v3.2 Retail Keygen.exe (Malware.Packer.Gen) -> No action taken.

C:\Documents and Settings\Owner\Desktop\New Folder\AutoPlay\Docs\Lavavo DVD Ripper v3.02\Lavavo DVD Ripper v3.02 keygen.exe (Trojan.Downloader) -> No action taken.

C:\Documents and Settings\Owner\Desktop\New Folder\AutoPlay\Docs\Magic DVD Copier v4.0\keygen.exe (Trojan.Downloader) -> No action taken.

C:\Documents and Settings\Owner\Desktop\New Folder\AutoPlay\Docs\Sony DVD Architect v3.0c\Sony DVD Architect v3.0c\Sony DVD Architect v3.0c keygen.exe (Trojan.Downloader) -> No action taken.

C:\Documents and Settings\Owner\Desktop\New Folder\AutoPlay\Docs\Super Clone DVD v4.20050106\Patch\Patch.exe (Trojan.Downloader) -> No action taken.

C:\Documents and Settings\Owner\Desktop\New Folder\AutoPlay\Docs\Super DVD Creator v8.5.8.0.2005.4.26\Patch\Patch.exe (Trojan.Downloader) -> No action taken.

C:\Documents and Settings\Owner\Desktop\New Folder\AutoPlay\Docs\ZJMedia WinAVI DVD Copy v4.5\Patch\Patch.exe (Trojan.Downloader) -> No action taken.

Link to post
Share on other sites

Hi.

If you need help with malware problems, please copy this post to the Malware Removal - HiJackThis logs subforum. This isn't the right place for your post.

But I can say, it's not recommended to use Keygens, they aren't usually safe :lol:

Thanks I told my husband that same thing :unsure:

I will repost to that forum if the crap comes back!

Link to post
Share on other sites

Try to locate and simply delete the files and scan again. Is there a option to set the program to quarantine the infected files when found?

The files are in quarantine. Now my malwarebytes won't upgrade so I sent a ticket to the support team for that.

I am so irritated but with good help I will fix this! Years ago I saved a windows98 system infected with 13 trojans. It took a long time but that thing worked for many years after that, until a storm took out the hard drive.

Thanks Fran

Link to post
Share on other sites

Have now solved the immediate problem by going into safe mode and scanning/removing with the Malwarebytes system. Without going into safe mode, the invader wouldn't let me run the system.

These bogus antivirus attacks seem to me to amount to criminal activity--extortion comes to mind: holding access to the computer to ransom for money--so is there being any official action being taken against them? It strikes me that the credit card trail from people who have been taken in could be used.

Link to post
Share on other sites

Have now solved the immediate problem by going into safe mode and scanning/removing with the Malwarebytes system. Without going into safe mode, the invader wouldn't let me run the system.

These bogus antivirus attacks seem to me to amount to criminal activity--extortion comes to mind: holding access to the computer to ransom for money--so is there being any official action being taken against them? It strikes me that the credit card trail from people who have been taken in could be used.

Did you mean those viruses that steal your credit card information allowing the bad guys to use it?

I think thats the second worse infection there can be. I have CCleaner to clear temp data from my browser and system to prevent any kind of misuse of them so that type of malware doesn't harm me.

At larger scale, people can blame themselves if they lose their credit card info to baddies by getting infected. Everyone who uses the internet or even computers should spend that few hours to learn the basics about internet security etc. Only by keeping an eye on the users processes and regular functions you can notice possible infections. Then there's one simple way of securing your personal data, preventing trojan downloaders and backdoors etc. from working: unplug your internet cable and they can't lurk information out of your computer. You can relax and handle the infection without rushing.

Don't think that your system will blow up in the air if you don't do something fast. Take your time and you might get something done :unsure:

Link to post
Share on other sites

  • Root Admin

If you feel you're still infected please follow the advise below.

Please print out, read and follow the directions here, skipping any steps you are unable to complete. Then post a NEW topic here.

One of the expert helpers there will give you one-on-one assistance when one becomes available.

After posting your new post make sure under options that you select Track this topic and choose one of the Email options so that you're alerted when someon has replied to your post.

Alternatively, as a paying customer, you can contact the help desk at support@malwarebytes.org

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.