Page 2 of 2 FirstFirst 12
Results 11 to 15 of 15

Thread: I think I got a Trojan, please help me.

  1. #11
    Junior Member
    Join Date
    Jun 2008
    Posts
    9

    Default

    I have a question though. I ran casper sky after I posted the last log, and at 67% it said there were 3 threats and 7 infected items. Is this expected? Also should I take AVG Free off my system, it hardly ever catches anything.

  2. #12
    Junior Member
    Join Date
    Jun 2008
    Posts
    9

    Default

    Here is the Kaspersky log. Please tell me if everything is fine or if I need to take more steps to get rid of whatever the threats and stuff are. And if I just need to take the steps you just gave me.

    --------------------------------------------------------------------------------
    KASPERSKY ONLINE SCANNER 7 REPORT
    Thursday, June 19, 2008
    Operating System: Microsoft Windows XP Home Edition Service Pack 2 (build 2600)
    Kaspersky Online Scanner 7 version: 7.0.25.0
    Program database last update: Thursday, June 19, 2008 15:17:52
    Records in database: 879503
    --------------------------------------------------------------------------------

    Scan settings:
    Scan using the following database: extended
    Scan archives: yes
    Scan mail databases: yes

    Scan area - My Computer:
    C:\
    D:\

    Scan statistics:
    Files scanned: 39555
    Threat name: 3
    Infected objects: 7
    Suspicious objects: 0
    Duration of the scan: 01:11:17


    File name / Threat name / Threats count
    C:\Documents and Settings\Melzy\Application Data\Sun\Java\Deployment\cache\6.0\47\bd7ce2f-439830c0 Infected: Exploit.Java.Gimsh.b 1
    C:\Documents and Settings\Melzy\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jvmimpro.jar-6b13a7e7-50c10158.zip Infected: Exploit.Java.Gimsh.b 1
    C:\QooBox\Quarantine\C\WINDOWS\system32\buplsan.dll.vir Infected: Trojan.Win32.BHO.ebx 1
    C:\QooBox\Quarantine\C\WINDOWS\system32\papdfim.dll.vir Infected: Trojan.Win32.BHO.ebx 1
    C:\QooBox\Quarantine\C\WINDOWS\system32\tapdfo.dll.vir Infected: Trojan.Win32.BHO.ebx 1
    C:\QooBox\Quarantine\C\WINDOWS\system32\tupdfan.dll.vir Infected: Trojan.Win32.BHO.ebx 1
    C:\WINDOWS\Downloaded Program Files\popcaploader.dll Infected: not-a-virus:Downloader.Win32.PopCap.a 1

    The selected area was scanned.

  3. #13
    Security Expert: Emeritus Blade81's Avatar
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    25,288

    Default

    Hi

    Show hidden files
    -----------------
    * Click Start.
    * Open My Computer.
    * Select the Tools menu and click Folder Options.
    * Select the View Tab.
    * Under the Hidden files and folders heading select Show hidden files and folders.
    * Uncheck the Hide protected operating system files (recommended) option.
    * Click Yes to confirm.
    * Click OK.

    Delete these:
    C:\Documents and Settings\Melzy\Application Data\Sun\Java\Deployment\cache\6.0\47\bd7ce2f-439830c0
    C:\Documents and Settings\Melzy\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jvmimpro.jar-6b13a7e7-50c10158.zip

    Then we need to re-hide system files. To do so, please follow the steps below:
    1. Double-click My Computer.
    2. Click the Tools menu, and then click Folder Options.
    3. Click the View tab.
    4. Put a check by
      Hide file extensions for known file types.
    5. Under the
      Hidden files
      folder, select
      Show hidden files and folders.
    6. Check
      Hide protected operating system files.
    7. Click Apply, and then click OK.



    These will be deleted when you uninstall ComboFix:
    C:\QooBox\Quarantine\C\WINDOWS\system32\buplsan.dll.vir Infected: Trojan.Win32.BHO.ebx 1
    C:\QooBox\Quarantine\C\WINDOWS\system32\papdfim.dll.vir Infected: Trojan.Win32.BHO.ebx 1
    C:\QooBox\Quarantine\C\WINDOWS\system32\tapdfo.dll.vir Infected: Trojan.Win32.BHO.ebx 1
    C:\QooBox\Quarantine\C\WINDOWS\system32\tupdfan.dll.vir Infected: Trojan.Win32.BHO.ebx 1

    This is ok:
    C:\WINDOWS\Downloaded Program Files\popcaploader.dll Infected: not-a-virus:Downloader.Win32.PopCap.a 1
    Microsoft Windows Insider MVP 2016-2020
    Microsoft MVP Consumer Security 2008-2015
    UNITE member since 2006

    If you have problems create a thread in the forum, please.

    Malware removal instructions are for the correspondent user's case only.

  4. #14
    Junior Member
    Join Date
    Jun 2008
    Posts
    9

    Default

    thanks so much. Everything is fixed.

  5. #15
    Security Expert: Emeritus Blade81's Avatar
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    25,288

    Default

    Since this issue appears to be resolved ... this Topic has been closed. Glad I could help.

    Note:If it has been five days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh HijackThis log and a link to your previous thread.

    If it has been less than five days since your last response and you need the thread re-opened, please send me or MOD a private message (pm). A valid, working link to the closed topic is required.
    Microsoft Windows Insider MVP 2016-2020
    Microsoft MVP Consumer Security 2008-2015
    UNITE member since 2006

    If you have problems create a thread in the forum, please.

    Malware removal instructions are for the correspondent user's case only.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •