Author Topic: infected with Win32:TratBHO [Trj]. PLEASE HELP!  (Read 4195 times)

0 Members and 1 Guest are viewing this topic.

orysia

  • Guest
infected with Win32:TratBHO [Trj]. PLEASE HELP!
« on: April 30, 2008, 12:09:52 AM »
My computer is infected with the Win32:TratBHO [trj] .  I tried everything and I'm not sure if it helped or not and whether or not the virus is still there (most likely yes). I scanned with Avast which detected it but I can't remove or rename it. I scanned with other programs as well, but nothing seems to be working.
I'm pasting the log from combofix below. Anything else I need to do? Please help me out and let me know. I'm not very efficient with computers and I'm panicing because I have an important paper due in 12 hrs.

Thank you in advance!
-Orysia

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67198
Re: infected with Win32:TratBHO [Trj]. PLEASE HELP!
« Reply #1 on: April 30, 2008, 12:57:43 AM »
I suggest:

1. Disable System Restore and reenable it after step 3.
2. Clean your temporary files.
3. Schedule a boot time scanning with avast with archive scanning turned on.
4. Use SUPERantispyware and/or Spyware Terminator to scan for spywares and trojans. If any infection is detected, better and safer is send the file to Quarantine than to simple delete than.
5. Test your machine with anti-rootkit applications. I suggest avast! antirootkit or Trend Micro RootkitBuster.
6. Make a HijackThis log to post here or, better, submit the RunScanner log to to on-line analysis.
7. Immunize your system with SpywareBlaster or Windows Advanced Care.
8. Check if you have insecure applications with Secunia Software Inspector.
The best things in life are free.

orysia

  • Guest
Re: infected with Win32:TratBHO [Trj]. PLEASE HELP!
« Reply #2 on: April 30, 2008, 03:05:12 AM »
I  cleaned my temp files, scanned at boot time, tried quarantining/removing/renaming (except I recieved an error message saying that the file could not be found or was in use), and made a hijackthis log. I had a problem with the log as i recieved a message stating "the system denied write access to the host file. If any hijacked domains are in this file, hijack this will not may able to fix this. If that happens you need to edit the file yourself...". So I tried opening hijackthis as administrator and scanning which worked (but I'm not sure if properly).

orysia

  • Guest
Re: infected with Win32:TratBHO [Trj]. PLEASE HELP!
« Reply #3 on: April 30, 2008, 03:09:41 AM »
I might have uploaded the wrong log file?
Heres the new one.