« previous next »
Pages: [1]   Go Down

Author Topic: trojan  (Read 4291 times)

0 Members and 1 Guest are viewing this topic.

PurePompey

  • Guest
trojan
« on: October 02, 2008, 12:29:40 PM »
A0079861.exe  C:\system volume information\_restore...       win32:Fraudo (trj)
ieupdates.exe  C:\WINDOWS\system32                              win32:Fraudo (trj)
zs880000[1].exe  C:\Documents and settings\my name...      win32:Fraudo (trj)

Hi guys Avast has come up with the above i have moved these to the fault but to be honest don't know what it means or what to do with the files for the best. I understand that its a trojan but thats about it. whats the best advice for these files that you can give bearing in mind i am not a computer genius and don't really understand a lot about spy ware etc etc etc.
                 Thankyou
Logged

Online DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89690
  • No support PMs thanks
Re: trojan
« Reply #1 on: October 02, 2008, 03:21:41 PM »
The win32.fraudo is the same as these antivirus 2008 style fake virus alerts trying to extract money (fraudulently) by having you buy the program.

Since this has been detected I would also suggest you run these other tools, see below. I would also suggest you clear your temporary internet files and temporary folders, etc.

If you haven't already got this software (freeware), download, install, update and run it, preferably in safe mode and report the findings (it should product a log file).
1. SUPERantispyware On-Demand only in free version.

2. MalwareBytes Anti-Malware freeware version http://download.bleepingcomputer.com/malwarebytes/mbam-setup.exe, right click on the link and select Save As or Save File (As depending on your browser), save it to a location where you can find it easily later.
Logged
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD - 27" external monitor 1440p 2560x1440 resolution - avast! free  24.9.6130 (build 24.9.9452.762) UI 1.0.818/ Firefox, uBlock Origin Lite, uMatrix/ MailWasher Pro/ Avast! Mobile Security

PurePompey

  • Guest
Re: trojan
« Reply #2 on: October 02, 2008, 09:12:18 PM »
Thanks David this makes sense as not to long ago i did get av2009 come up and even when i tried to stop the install it ignored my requests and avast alerted me i'll download both items you suggest.
Logged

PurePompey

  • Guest
Re: trojan
« Reply #3 on: October 02, 2008, 09:43:51 PM »
Malwarebytes' Anti-Malware 1.28
Database version: 1226
Windows 5.1.2600 Service Pack 3

02/10/2008 20:40:05
mbam-log-2008-10-02 (20-40-05).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 95978
Time elapsed: 20 minute(s), 13 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Ok so here are the results of the malware scan with the trj still in the avast chest i hope i've got this right will post results of SUPER once i can get the software on comp
Logged

PurePompey

  • Guest
Re: trojan
« Reply #4 on: October 02, 2008, 09:49:39 PM »
everytime i try and get the SUPER i keep getting corrupt installation detected???????
Logged

wyrmrider

  • Guest
Re: trojan
« Reply #5 on: October 02, 2008, 10:09:05 PM »
leave those files in the chest
It is really strange that MBAM did not find any additional Fragments from a fraudo infection
you can try and get SAS working
or how about an online scan with Kaspersky (use IE)
spybot search and destroy and A-squared are also reliable scanners
(due to possible False Positives always quarantine - do not remove/ delete

you can read the stickie at the top of this forum and post a Hijack this
read all the instructions

so -second opinion time
another AV scan
another Spybot/antimalware scn
Logged

Online DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89690
  • No support PMs thanks
Re: trojan
« Reply #6 on: October 02, 2008, 10:40:36 PM »
Quote from: PurePompey on October 02, 2008, 09:49:39 PM
everytime i try and get the SUPER i keep getting corrupt installation detected???????

Are you using a download manager to download SAS ?
You could try another location to download - http://www.filehippo.com/download_superantispyware/.

Also Try this tool, RogueRemover, available here http://www.malwarebytes.org/rogueremover.php

av2009 might well have something to hide components so some more tools.
Also see, anti-rootkit, detection, removal & protection http://www.antirootkit.com/software/index.htm. Try these as they are some of the more efficient and user friendly anti-rootkit tools.
- Panda Rootkit Cleaner - http://research.pandasoftware.com/blogs/images/AntiRootkit.zip.
- Trend Micro RootkitBuster - http://www.trendmicro.com/download/rbuster.asp
- F-Secure Blacklight may not always be available, http://www.f-secure.com/blacklight
Logged
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD - 27" external monitor 1440p 2560x1440 resolution - avast! free  24.9.6130 (build 24.9.9452.762) UI 1.0.818/ Firefox, uBlock Origin Lite, uMatrix/ MailWasher Pro/ Avast! Mobile Security
Pages: [1]   Go Up
« previous next »