Jump to content

Persistant Trojan


Recommended Posts

Hi all, I've got a bad trojan that just can't be eradicated. It's in C:\Users\ME\AppData\Roaming\Microsoft\Windows\Startmenu\Programs\Startup\win.exe

Every time I delete it, the log is the same,

Malwarebytes' Anti-Malware 1.44

Database version: 3811

Windows 6.1.7600

Internet Explorer 8.0.7600.16385

7/25/2010 12:40:18 PM

mbam-log-2010-07-25 (12-40-18).txt

Scan type: Quick Scan

Objects scanned: 107629

Time elapsed: 5 minute(s), 21 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 1

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

Furthermore, when i try to update, it brings up Error Code:732, please contatct MBAM team

Is this due to the trojan, or should i do something specific about this?

Thanks for any help in advance

Link to post
Share on other sites

Hello solarius, :)

Malwarebytes' Anti-Malware 1.44

Database version: 3811

You have both 2 program versions and over 500 DB version out of date!

So please follow the instructions below to update the program:

For Windows Vista and Windows 7:

  1. Click on the Start vista-7-start.png button and select Control Panel
  2. Click on Programs and Features
  3. Uninstall Malwarebytes' Anti-Malware
  4. Restart your computer very important
  5. Download and run mbam-clean.exe from here
  6. It will ask to restart your computer, please allow it to do so very important
  7. After the computer restarts, temporarily disable your Anti-Virus and install the latest version of Malwarebytes' Anti-Malware from here. Remember to enable your Anti-Virus after installation.

Note:

  • You will need to reactivate the program using the license you were sent via email if using the Pro version
  • Launch the program and set the Protection and Registration. Then go to the UPDATE tab if not done during installation and check for updates.
    Restart the computer again and verify that MBAM is in the task tray if using the Pro version.
  • Now setup any file exclusions as may be required in your Anti-Virus/Internet-Security/Firewall applications and restart your Anti-Virus/Internet-Security applications. You may use the guides posted in the FAQ's here or ask and we'll explain how to do it.

If the problem persists, I would recommend having an expert helper to check the system. As we don't work on Malware removal or diagnostics in this forum, please read carefully and follow the directions below so that a qualified expert helper can check your system for free -

  • If you have already submitted for assistance at one of the other support sites on the Internet, then you should not post a new topic here and stay working with the helper from that site until the issue is resolved.
  • Please print out, read, and follow the directions here, skipping any steps you are unable to complete.
  • Then post a NEW topic here, remember to describe your problem along with the necessary logs (MBAM ,DDS, GMER) in that topic. When posting logs please do not use any Quote, Code, or other tags. Please copy/paste directly into your post and do not attach files unless requested.
  • One of the expert helpers there will give you one-on-one assistance when one becomes available.
  • After posting your new topic, make sure under options (top right of your topic screen), you select Track this topic and choose one of the Email options (prefer Immediate Email Notification) so that you're alerted when someone has replied to your post.
  • Please be patient when waiting for an expert help as the expert helpers can get a bit busy.
  • Please try not to post back (bump) your topic within the first 48 hours. Expert helpers will find the topics which has a zero post count first. If you bump your topic, expert helpers may think the topic is replied and jump to other posts.
    If there is no reply from any experts after 48 hours, you can reply the topic for asking help again or send a Private Message to a Moderator asking for assistance.
  • Please do not alter the system (eg install or uninstall any software, conduct some fixes, use any removal/scanning tool) after posting unless it is told by the expert helper. Using these other tools often makes the cleanup task more difficult and time consuming.

Alternatively, as a paying customer, you can contact the help desk at support@malwarebytes.org or via here for a prioritized support. Please remember to quote your cleverbridge Reference Number from the confirmation e-mail when requesting assistance.

If you're a Corporate or Technician Licensed customer seeking assistance please send an email to corporate-support@malwarebytes.org. Please quote your order reference number when you send the request.

NOTE: If for some reason you're unable to run some of the tools in the first link, then skip that step and move on to the next one. If you can't even run any tools in safe mode, then just proceed and post a NEW topic as shown in the second link describing your issues and someone will assist you as soon as they can.

Thank You :)

PS Please use the "ADDREPLY" t_reply.gif button at bottom of forum window instead of other ones when you start replying. :)

Edit - correcting typos.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.