Concerning Scan

[BradBenstin]

I scanned my computer this morning with Malwarebytes, database version 6826. It reported that a folder I have hidden in my Windows folder was infected with Trojan.Banker.

This folder, and all of its contents (C:\Windows\System33) were considered infected. If you move that infected folder anywhere else and scan it, it reports that it is not infected. I deleted System33 and made a new System33 folder with new contents in it, it scanned as infected. I tried creating a System34 folder and putting files into it as well as renaming the infected System33 folder to System332 to see if they'd be infected, they return not infected.

What prompted me to do this scan was because this morning my Gmail account was hijacked and a spam e-mail sent out to anyone I've ever e-mailed. I changed my password about 15 minutes after this occurred. It appears the person logged in twice as far as I can tell from Gmail's account activity logger:

POP3 China (115.49.37.228) Jun 9 ~8:45 pm (16 hours ago)

Browser China (222.142.181.195) Jun 10 9:45 am (3 hours ago)

I haven't done a Malwarebytes scan for a long time (several months I'd say), I keep AVG Free 2011 running in the background always.

Does anyone think this might just be a false positive, or is it more likely that someone has targeted my C:\Windows\System33 folder directly to obtain the information I had hidden there?

If it's the latter, the issue is still present and I don't know how to fix it.

[daledoc1]

Hello and welcome, BradBenstin:

Sorry to hear that your computer may be infected.

It sounds like you could use some help from the malware experts.

Alas, we do not work on malware detection or removal in this particular part of the General MBAM forum.

However, free, expert assistance can be found at the malware removal-HJT forum.

Here's how to get started:

1. First, please go to THIS PAGE, print out, read and follow as many instructions as you can, skipping any you are unable to complete.

2. Then, please describe your computer's symptoms as best you can and post the requested logs by starting a new thread at the Malware Removal-HJT forum . (Please use copy/paste to include the scan results directly in the body of your post, rather than attaching the log files.)

One of the authorized, trained experts will then assist you as soon as possible for one-on-one malware detection and removal.

When you post, please be sure to select Track This Topic & choose one of the email options, so that you will be notified when someone responds.

Please be patient and allow at least 24-48 hours before bumping your thread - the "0" reply count helps the experts spot your thread.

Other Support Options:

--- Alternatively, as a paying customer using MBAM PRO, you may wish instead to start a support ticket by contacting support at: support@malwarebytes.org; or

--- Premium, fee-based support options are available here.

NOTE: If you are a reseller, affiliate, technician, corporate, business, educational, government or non-profit customer then please contact corporate-support@malwarebytes.org and include full contact details along with your Reference # when you do, in order to ensure that you receive prompt assistance.

Also, please use the "Add Reply" button when replying here & at the other boards, so that it will be easier for everyone to follow the thread.

I hope this gets you started on cleaning up your system,

daledoc1

[BradBenstin]

Thank you, I have completed the steps and have posted them in the proper section.

http://forums.malwarebytes.org/index.php?showtopic=86916