TR/Trash.Gen [trojan]


Solved Re: TR/Trash.Gen [trojan]

Post by vitrola on Wed Aug 18, 2010 1:54 am

Hello

Very bad.
No sound, no keyboard. I had to change the keyboard USB port. And when I try to close or minimize some windows, it's like it's not working, like it's freezing, and after a time it works.
I'm very confused.
And yesterday Avira found the TR/Trash.Gen A0006184.exe again and moved it to quarantine, but it's like it keeps coming back?



Solved Re: TR/Trash.Gen [trojan]

Post by Belahzur on Wed Aug 18, 2010 9:52 pm

Hello.

We need to make a new restore point.

To turn off System Restore, follow these steps:
1. Click Start, right-click My Computer, and then click Properties.
2. Click the System Restore tab.
3. Click the Turn off System Restore check box (or the Turn off System Restore on all drives check box), and then click OK.
4. Click Yes when you receive the prompt to turn off System Restore.

Now we need to make a new restore point.
To turn on System Restore, follow these steps:
1. Click Start, right-click My Computer, and then click Properties.
2. Click the System Restore tab.
3. Click the Turn off System Restore check box (To turn on System Restore), and then click OK.

Does Avira still say it now?


Please PM me if I fail to respond within 24hrs.

Solved Re: TR/Trash.Gen [trojan]

Post by vitrola on Thu Aug 19, 2010 1:25 am

Hello

No, not now.
And the sound and the keyboard are working OK, but from time to time I have to move the keyboard USB connection to another USB port, and then the problem is solved, but after a time it happens again. And it's the same with the sound system. Normally if I reboot the PC the sound comes back. It has been happening for a long time.

What to do next?
Is the problem solved?

Cheers





Solved Re: TR/Trash.Gen [trojan]

Post by Sneakyone on Fri Aug 20, 2010 3:17 am

Hi.

Please download ComboFix from [You must be registered and logged in to see this link.]


Rename ComboFix.exe to commy.exe before you save it to your Desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. A guide to do this can be found [You must be registered and logged in to see this link.]
  • Click Start > Run, then copy and paste the following command into the Run box and click OK: "%userprofile%\desktop\commy.exe" /stepdel
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.


Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:


  • Click on Yes, to continue scanning for malware.
  • When finished, it shall produce a log for you. Please include the contents of C:\ComboFix.txt in your next reply.


I'm livin' life in the fast lane.


Solved Re: TR/Trash.Gen [trojan]

Post by vitrola on Fri Aug 20, 2010 7:07 am

Hello

First I ran it directly by mistake because I couldn't find the file path, and then, as it was never finishing creating a log, I thought I had done something wrong and tried to stop it, and finally I did so by disconnecting the power supply.
But then I found the path of the commy file, and I followed your instructions. And this time the log came very quickly.


ComboFix 10-08-18.04 - yo 20/08/2010 3:36.3.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.34.3082.18.2037.1491 [GMT -3:00]
Running from: c:\documents and settings\yo\escritorio\commy.exe
Command switches used :: /stepdel
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
c:\archivos de programa\\setup.exe
c:\archivos de programa\Setup.exe

.
((((((((((((((((((((((((( Files Created from 2010-07-20 to 2010-08-20 )))))))))))))))))))))))))))))))
.

2010-08-19 20:53 . 2010-08-19 20:54 -------- d-----w- c:\archivos de programa\memtest86+-4.10.usb.installer
2010-08-19 20:53 . 2010-08-19 20:53 144308 ----a-w- c:\archivos de programa\memtest86+-4.10.usb.installer.zip
2010-08-18 19:15 . 2010-08-18 19:15 -------- d-----w- c:\documents and settings\All Users\Datos de programa\Apple Computer
2010-08-17 19:43 . 2010-08-17 19:43 -------- d-----w- C:\_OTL
2010-08-17 06:58 . 2010-08-17 06:58 -------- d-----w- c:\documents and settings\Administrador\Datos de programa\Malwarebytes
2010-08-15 20:04 . 2010-08-15 20:04 260384 ----a-w- c:\archivos de programa\SoftonicDownloader22897.exe
2010-08-15 07:27 . 2010-08-15 07:27 -------- d-----w- c:\documents and settings\yo\Datos de programa\.oit
2010-08-15 05:58 . 2010-08-15 05:58 -------- d-----w- c:\documents and settings\yo\Datos de programa\GlarySoft
2010-08-15 05:58 . 2010-08-15 05:58 -------- d-----w- c:\archivos de programa\Glary Undelete
2010-08-15 05:57 . 2010-08-15 05:57 3354016 ----a-w- c:\archivos de programa\gunsetup.exe
2010-08-15 05:54 . 2010-08-15 05:54 260400 ----a-w- c:\archivos de programa\SoftonicDownloader70493.exe
2010-08-15 03:36 . 2010-08-15 03:36 -------- d-----w- c:\archivos de programa\ESET
2010-08-14 19:28 . 2010-08-14 19:28 -------- d-----w- c:\archivos de programa\SoftLogica
2010-08-14 19:27 . 2010-08-14 19:28 1676456 ----a-w- c:\archivos de programa\handyrecovery4.exe
2010-08-14 18:33 . 2010-08-14 18:33 260400 ----a-w- c:\archivos de programa\SoftonicDownloader32483.exe
2010-08-14 17:05 . 2010-08-14 17:05 -------- d-----w- c:\archivos de programa\Kroll Ontrack
2010-08-14 17:01 . 2010-08-14 17:04 45192311 ----a-w- c:\archivos de programa\erprot.exe
2010-08-14 17:00 . 2010-08-14 17:00 260424 ----a-w- c:\archivos de programa\SoftonicDownloader12296.exe
2010-08-14 04:22 . 2010-08-14 04:22 -------- d-----w- c:\documents and settings\yo\Datos de programa\Apple Computer
2010-08-14 03:44 . 2010-08-18 19:15 -------- d-----w- c:\archivos de programa\QuickTime
2010-08-14 03:44 . 2010-08-14 03:44 -------- d-----w- c:\archivos de programa\Archivos comunes\Apple
2010-08-14 03:43 . 2010-08-14 03:44 -------- d-----w- c:\archivos de programa\Apple Software Update
2010-08-14 03:43 . 2010-08-14 03:43 -------- d-----w- c:\documents and settings\All Users\Datos de programa\Apple
2010-08-13 22:18 . 2010-08-13 22:18 388096 ----a-r- c:\documents and settings\yo\Datos de programa\Microsoft\Installer\{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}\HiJackThis.exe
2010-08-13 22:18 . 2010-08-13 22:18 -------- d-----w- c:\archivos de programa\TrendMicro
2010-08-13 22:15 . 2010-08-13 22:15 1401344 ----a-w- c:\archivos de programa\HijackThis.msi
2010-08-08 22:19 . 2010-04-29 18:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-08-08 22:18 . 2010-04-29 18:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-08-08 20:40 . 2010-08-08 20:40 6153352 ----a-w- c:\archivos de programa\mbam-setup-1.46.exe
2010-08-06 19:48 . 2010-08-06 19:48 -------- d-----w- c:\windows\Sun
2010-08-06 07:09 . 2010-08-07 05:09 -------- d-----w- c:\documents and settings\yo\Datos de programa\Youtube Downloader HD
2010-08-06 07:09 . 2010-08-06 07:09 -------- d-----w- c:\archivos de programa\Youtube Downloader HD
2010-08-06 07:08 . 2010-08-06 07:08 3513989 ----a-w- c:\archivos de programa\youtube_downloader_hd_setup.exe
2010-08-05 04:40 . 2010-08-05 04:40 503808 ----a-w- c:\documents and settings\yo\Datos de programa\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-4f72e18e-n\msvcp71.dll
2010-08-05 04:40 . 2010-08-05 04:40 499712 ----a-w- c:\documents and settings\yo\Datos de programa\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-4f72e18e-n\jmc.dll
2010-08-05 04:40 . 2010-08-05 04:40 348160 ----a-w- c:\documents and settings\yo\Datos de programa\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-4f72e18e-n\msvcr71.dll
2010-08-05 04:40 . 2010-08-05 04:40 61440 ----a-w- c:\documents and settings\yo\Datos de programa\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-539a9a21-n\decora-sse.dll
2010-08-05 04:40 . 2010-08-05 04:40 12800 ----a-w- c:\documents and settings\yo\Datos de programa\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-539a9a21-n\decora-d3d.dll
2010-08-02 16:01 . 2010-08-02 16:01 -------- d-----w- c:\documents and settings\yo\Datos de programa\Malwarebytes
2010-08-02 16:00 . 2010-08-08 22:22 -------- d-----w- c:\archivos de programa\Malwarebytes' Anti-Malware
2010-08-02 16:00 . 2010-08-02 16:00 -------- d-----w- c:\documents and settings\All Users\Datos de programa\Malwarebytes
2010-07-31 08:11 . 2010-08-12 01:32 -------- d-----w- c:\documents and settings\All Users\Datos de programa\Spybot - Search & Destroy
2010-07-31 08:11 . 2010-08-02 21:56 -------- d-----w- c:\archivos de programa\Spybot - Search & Destroy
2010-07-30 18:22 . 2010-08-09 04:48 -------- d-----w- c:\archivos de programa\OTL
2010-07-30 05:35 . 2010-07-30 05:35 -------- d-----w- c:\archivos de programa\Archivos comunes\Adobe
2010-07-30 05:14 . 2010-07-30 05:14 -------- d-----w- c:\archivos de programa\JavaRa
2010-07-30 05:12 . 2010-07-30 05:12 -------- d-----w- c:\archivos de programa\Archivos comunes\Java
2010-07-30 05:12 . 2010-07-30 05:12 503808 ----a-w- c:\documents and settings\yo\Datos de programa\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-250f7da7-n\msvcp71.dll
2010-07-30 05:12 . 2010-07-30 05:12 499712 ----a-w- c:\documents and settings\yo\Datos de programa\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-250f7da7-n\jmc.dll
2010-07-30 05:12 . 2010-07-30 05:12 348160 ----a-w- c:\documents and settings\yo\Datos de programa\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-250f7da7-n\msvcr71.dll
2010-07-30 05:12 . 2010-07-30 05:12 61440 ----a-w- c:\documents and settings\yo\Datos de programa\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-3042ecd6-n\decora-sse.dll
2010-07-30 05:12 . 2010-07-30 05:12 12800 ----a-w- c:\documents and settings\yo\Datos de programa\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-3042ecd6-n\decora-d3d.dll
2010-07-30 05:12 . 2010-07-30 05:11 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-07-30 05:11 . 2010-07-30 05:11 -------- d-----w- c:\archivos de programa\Java
2010-07-30 01:56 . 2010-07-30 01:56 -------- d-----w- c:\documents and settings\NetworkService\Escritorio

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-20 06:37 . 2009-07-14 23:06 -------- d-----w- c:\documents and settings\yo\Datos de programa\uTorrent
2010-08-19 15:32 . 2009-03-13 17:04 -------- d-----w- c:\documents and settings\yo\Datos de programa\dvdcss
2010-08-19 04:49 . 2009-03-13 15:58 -------- d-----w- c:\documents and settings\yo\Datos de programa\Vso
2010-08-17 22:24 . 2008-12-09 14:13 -------- d-----w- c:\documents and settings\yo\Datos de programa\Winamp
2010-08-16 05:10 . 2008-12-09 14:28 -------- d-----w- c:\archivos de programa\eMule
2010-08-14 17:05 . 2008-12-09 14:00 -------- d--h--w- c:\archivos de programa\InstallShield Installation Information
2010-08-14 17:04 . 2008-12-09 14:00 -------- d-----w- c:\archivos de programa\Archivos comunes\InstallShield
2010-08-13 01:20 . 2010-01-06 20:40 -------- d-----w- c:\archivos de programa\Ares
2010-08-12 01:21 . 2009-11-06 19:28 -------- d-----w- c:\archivos de programa\Last.fm
2010-08-11 14:45 . 2010-07-14 22:43 -------- d-----w- c:\documents and settings\yo\Datos de programa\vlc
2010-08-05 17:31 . 2010-06-22 21:21 -------- d-----w- c:\documents and settings\yo\Datos de programa\foobar2000
2010-08-05 03:44 . 2010-06-28 03:25 -------- d-----w- c:\archivos de programa\Burrrn
2010-08-03 15:49 . 2008-12-09 13:57 16608 ----a-w- c:\windows\gdrv.sys
2010-08-02 22:01 . 2010-06-22 04:16 -------- d-----w- c:\archivos de programa\Monkey's Audio
2010-08-02 21:53 . 2008-12-09 14:08 -------- d-----w- c:\archivos de programa\CCleaner
2010-08-02 21:51 . 2010-07-14 22:41 -------- d-----w- c:\archivos de programa\VLC
2010-08-02 21:50 . 2010-07-07 04:10 -------- d-----w- c:\archivos de programa\EVEREST Ultimate Edition
2010-08-02 21:49 . 2010-06-22 21:21 -------- d-----w- c:\archivos de programa\foobar2000
2010-08-02 21:44 . 2010-06-19 07:18 -------- d-----w- c:\archivos de programa\Illustrate
2010-08-02 21:33 . 2008-12-09 14:13 -------- d-----w- c:\archivos de programa\Winamp
2010-08-02 21:31 . 2010-05-03 16:07 -------- d-----w- c:\archivos de programa\RemoveWGA_Victorxxx
2010-08-02 21:30 . 2010-01-24 21:48 -------- d-----w- c:\archivos de programa\Avira
2010-08-02 21:29 . 2009-03-13 15:58 -------- d-----w- c:\archivos de programa\VSO
2010-08-02 21:25 . 2010-02-04 19:01 -------- d-----w- c:\archivos de programa\VirtualDub-1.9.8
2010-08-02 21:22 . 2010-06-19 00:19 -------- d-----w- c:\archivos de programa\TotalAudioConverter
2010-07-31 07:20 . 2008-12-09 14:16 -------- d-----w- c:\documents and settings\All Users\Datos de programa\Lavasoft
2010-07-30 05:32 . 2009-11-02 23:42 -------- d-----w- c:\archivos de programa\VDOWNLOADER
2010-07-23 15:24 . 2010-05-03 15:17 -------- d-----w- c:\archivos de programa\TuneUp Utilities 2010
2010-07-17 22:16 . 2010-07-17 22:16 54744 ----a-w- c:\documents and settings\All Users\Datos de programa\WidgetServer\uninst.exe
2010-07-17 22:16 . 2010-07-17 22:16 -------- d-----w- c:\documents and settings\All Users\Datos de programa\WidgetServer
2010-07-16 21:45 . 2010-06-03 23:51 -------- d-----w- c:\archivos de programa\Winamp Detect
2010-07-16 21:45 . 2010-07-16 21:45 -------- d-----w- c:\documents and settings\All Users\Datos de programa\Winamp Toolbar
2010-07-16 21:45 . 2010-07-16 21:45 -------- d-----w- c:\archivos de programa\Winamp Toolbar
2010-07-16 05:23 . 2001-08-24 10:00 51286 ----a-w- c:\windows\system32\perfc00A.dat
2010-07-16 05:23 . 2001-08-24 10:00 362564 ----a-w- c:\windows\system32\perfh00A.dat
2010-07-15 18:10 . 2010-07-15 18:10 -------- d-----w- c:\archivos de programa\Windows Media Connect 2
2010-07-14 20:11 . 2010-07-14 19:49 -------- d-----w- c:\archivos de programa\RealArcade
2010-07-12 20:27 . 2010-07-12 20:27 3299 ----a-w- c:\windows\system32\SpoonUninstall-dBpoweramp m4a Codec.dat
2010-07-12 20:26 . 2010-06-18 01:31 869608 ----a-w- c:\windows\system32\SpoonUninstall.exe
2010-07-06 11:57 . 2010-05-03 15:18 30528 ----a-w- c:\windows\system32\TURegOpt.exe
2010-07-06 11:52 . 2010-07-02 05:53 30016 ----a-w- c:\windows\system32\uxtuneup.dll
2010-07-02 02:57 . 2010-07-02 02:57 -------- d-----w- c:\documents and settings\All Users\Datos de programa\McAfee
2010-06-30 12:32 . 2004-08-19 13:42 149504 ----a-w- c:\windows\system32\schannel.dll
2010-06-28 03:25 . 2010-06-28 03:25 -------- d-----w- c:\archivos de programa\burrrn_1.13
2010-06-25 16:20 . 2010-06-25 16:20 501936 ----a-w- c:\documents and settings\All Users\Datos de programa\Google\Google Toolbar\Update\gtb264.tmp.exe
2010-06-24 20:37 . 2010-06-24 20:37 501936 ----a-w- c:\documents and settings\All Users\Datos de programa\Google\Google Toolbar\Update\gtb22D.tmp.exe
2010-06-24 12:15 . 2004-08-19 13:42 832512 ----a-w- c:\windows\system32\wininet.dll
2010-06-24 12:15 . 2004-08-19 13:42 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-06-24 12:15 . 2004-08-19 13:41 17408 ----a-w- c:\windows\system32\corpol.dll
2010-06-24 09:02 . 2004-08-19 13:30 1852032 ----a-w- c:\windows\system32\win32k.sys
2010-06-23 16:10 . 2010-06-23 16:10 501936 ----a-w- c:\documents and settings\All Users\Datos de programa\Google\Google Toolbar\Update\gtb1C0.tmp.exe
2010-06-23 02:47 . 2010-06-23 02:47 501936 ----a-w- c:\documents and settings\All Users\Datos de programa\Google\Google Toolbar\Update\gtb13B.tmp.exe
2010-06-21 15:27 . 2004-08-03 21:14 354304 ----a-w- c:\windows\system32\drivers\srv.sys
2010-06-21 15:05 . 2010-06-21 03:33 3151 ----a-w- c:\windows\system32\SpoonUninstall-dBpoweramp Monkeys Audio Codec.dat
2010-06-21 03:32 . 2010-06-21 03:32 3026 ----a-w- c:\windows\system32\SpoonUninstall-dBpoweramp FLAC Codec.dat
2010-06-21 03:27 . 2010-06-21 03:27 15349 ----a-w- c:\windows\system32\SpoonUninstall-dBpoweramp Music Converter.dat
2010-06-17 14:03 . 2004-08-19 13:42 80384 ----a-w- c:\windows\system32\iccvid.dll
2010-06-14 21:35 . 2004-08-03 21:14 361600 ----a-w- c:\windows\system32\drivers\tcpip.sys
2010-06-14 21:33 . 2010-06-14 21:33 259072 ----a-w- c:\archivos de programa\Half-open_limit_fix_4.1.exe
2010-06-14 21:06 . 2010-06-14 21:06 260416 ----a-w- c:\archivos de programa\SoftonicDownloader81240.exe
2010-06-14 14:31 . 2008-12-09 13:50 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe
2010-06-14 07:42 . 2004-08-19 13:42 1172480 ----a-w- c:\windows\system32\msxml3.dll
2010-06-04 19:31 . 2010-06-04 19:31 299864 ----a-w- c:\archivos de programa\dxwebsetup.exe
.

------- Sigcheck -------

[-] 2010-06-14 . CD00787894008369F56153B91FC28847 . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
[7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys
[7] 2008-04-14 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\tcpip.sys
[7] 2008-04-14 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tcpip.sys
[7] 2004-08-03 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\tcpip.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}"= "c:\archivos de programa\Winamp Toolbar\winamptb.dll" [2009-05-06 1262888]
"{c2ed826e-8903-4a9d-b0df-3a8fb8ea918a}"= "c:\archivos de programa\Softonic_ES\tbSof1.dll" [2010-05-10 2515552]

[HKEY_CLASSES_ROOT\clsid\{57bca5fa-5dbb-45a2-b558-1755c3f6253b}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch]

[HKEY_CLASSES_ROOT\clsid\{c2ed826e-8903-4a9d-b0df-3a8fb8ea918a}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{c2ed826e-8903-4a9d-b0df-3a8fb8ea918a}]
2010-05-10 17:39 2515552 ----a-w- c:\archivos de programa\Softonic_ES\tbSof1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{c2ed826e-8903-4a9d-b0df-3a8fb8ea918a}"= "c:\archivos de programa\Softonic_ES\tbSof1.dll" [2010-05-10 2515552]

[HKEY_CLASSES_ROOT\clsid\{c2ed826e-8903-4a9d-b0df-3a8fb8ea918a}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{C2ED826E-8903-4A9D-B0DF-3A8FB8EA918A}"= "c:\archivos de programa\Softonic_ES\tbSof1.dll" [2010-05-10 2515552]

[HKEY_CLASSES_ROOT\clsid\{c2ed826e-8903-4a9d-b0df-3a8fb8ea918a}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\archivos de programa\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-01-02 68856]
"uTorrent"="c:\archivos de programa\uTorrent\uTorrent.exe" [2009-07-15 288048]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\archivos de programa\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"SpybotSD TeaTimer"=c:\archivos de programa\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\archivos de programa\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"QuickTime Task"="c:\archivos de programa\QuickTime\QTTask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiSpyWareDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Archivos de programa\\Real Alternative\\Media Player Classic\\mplayerc.exe"=
"c:\\Archivos de programa\\uTorrent\\uTorrent.exe"=
"c:\\Archivos de programa\\MSN Messenger\\msnmsgr.exe"=
"c:\\Archivos de programa\\MSN Messenger\\livecall.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Archivos de programa\\eMule\\emule.exe"=
"c:\\Archivos de programa\\VLC\\vlc.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"48312:UDP"= 48312:UDP:emule puerto
"45113:TCP"= 45113:TCP:emule puerto

R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\archivos de programa\Avira\AntiVir Desktop\sched.exe [24/01/2010 06:48 p.m. 108289]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\archivos de programa\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [06/07/2010 08:55 a.m. 1051968]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\archivos de programa\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [14/10/2009 05:24 a.m. 10064]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]
S2 gupdate;Servicio de actualización de Google (gupdate);c:\archivos de programa\Google\Update\GoogleUpdate.exe [03/02/2010 02:55 p.m. 135664]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder

2010-08-18 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\archivos de programa\Apple Software Update\SoftwareUpdate.exe [2008-07-30 15:34]

2010-08-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\archivos de programa\Google\Update\GoogleUpdate.exe [2010-02-03 17:55]

2010-08-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\archivos de programa\Google\Update\GoogleUpdate.exe [2010-02-03 17:55]
.
.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
mStart Page = [You must be registered and logged in to see this link.]
IE: &Winamp Search - c:\documents and settings\All Users\Datos de programa\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: E&xportar a Microsoft Excel - c:\archiv~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\archivos de programa\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
FF - ProfilePath - c:\documents and settings\yo\Datos de programa\Mozilla\Firefox\Profiles\pnydudbk.default\
FF - prefs.js: browser.search.defaulturl - [You must be registered and logged in to see this link.]
FF - prefs.js: browser.search.selectedEngine - Winamp Search
FF - prefs.js: browser.startup.homepage - [You must be registered and logged in to see this link.]
FF - prefs.js: keyword.URL - [You must be registered and logged in to see this link.]
FF - plugin: c:\archivos de programa\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\archivos de programa\Mozilla Firefox\plugins\npwachk.dll

---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
- - - - ORPHANS REMOVED - - - -

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
Notify-WgaLogon - (no file)



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2010-08-20 03:38
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Completion time: 2010-08-20 03:39:22
ComboFix-quarantined-files.txt 2010-08-20 06:39

Pre-Run: 111.494.111.232 bytes libres
Post-Run: 111.510.638.592 bytes libres

- - End Of File - - E6986F70A2103C9A126DFB97DB6835E8





Solved Re: TR/Trash.Gen [trojan]

Post by Sneakyone on Sat Aug 21, 2010 3:54 am

Hi.

Re-running ComboFix to remove infections:

  1. Close any open browsers.
  2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  3. Open notepad and copy/paste the text in the quotebox below into it:


    KillAll::

    TDL::
    c:\windows\system32\drivers\tcpip.sys

    Reboot::


  4. Save this as CFScript.txt, in the same location as ComboFix.exe



  5. Referring to the picture above, drag CFScript into ComboFix.exe
  6. When finished, it shall produce a log for you at C:\ComboFix.txt
  7. Please post the contents of the log in your next reply.


I'm livin' life in the fast lane.
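
Added example, not part of the original posts and not ComboFix's own code: the CFScript above names c:\windows\system32\drivers\tcpip.sys, and the Sigcheck section of the log posted earlier lists that same file alongside its backup copies. The Python sketch below parses those Sigcheck lines and checks whether the live file's MD5 matches any backup copy of the same version and size; the function names and the backup-location heuristic are assumptions made for illustration.

```python
import re
from collections import namedtuple

# Sigcheck lines copied from the ComboFix log posted earlier in this thread.
SIGCHECK = r"""
[-] 2010-06-14 . CD00787894008369F56153B91FC28847 . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
[7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys
[7] 2008-04-14 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\tcpip.sys
[7] 2008-04-14 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tcpip.sys
[7] 2004-08-03 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\tcpip.sys
"""

Entry = namedtuple("Entry", "flag date md5 size version path")
Finding = namedtuple("Finding", "path md5 status references")

# One Sigcheck line: [flag] date . MD5 . size . . [version] . . path
LINE_RE = re.compile(
    r"^\[(?P<flag>.)\]\s+(?P<date>\d{4}-\d{2}-\d{2})\s+\.\s+"
    r"(?P<md5>[0-9A-Fa-f]{32})\s+\.\s+(?P<size>\d+)\s+\.\s+\.\s+"
    r"\[(?P<version>[^\]]+)\]\s+\.\s+\.\s+(?P<path>.+)$"
)

# Assumption: copies under these locations are Windows' own backup or cache
# copies; any other path is treated as the live file that actually loads.
BACKUP_MARKERS = ("\\dllcache\\", "\\servicepackfiles\\", "\\$")


def parse_sigcheck(text):
    """Return an Entry for every line that matches the Sigcheck layout."""
    entries = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            entries.append(Entry(m["flag"], m["date"], m["md5"].upper(),
                                 int(m["size"]), m["version"], m["path"]))
    return entries


def is_backup_copy(path):
    lowered = path.lower()
    return any(marker in lowered for marker in BACKUP_MARKERS)


def basename(path):
    return path.rsplit("\\", 1)[-1].lower()


def check_live_files(entries):
    """Compare each live file with backup copies of the same version and size."""
    findings = []
    for live in (e for e in entries if not is_backup_copy(e.path)):
        refs = [e for e in entries
                if is_backup_copy(e.path)
                and basename(e.path) == basename(live.path)
                and (e.version, e.size) == (live.version, live.size)]
        if not refs:
            status = "no-reference"   # nothing comparable to check against
        elif live.md5 in {r.md5 for r in refs}:
            status = "match"
        else:
            status = "mismatch"       # same version and size, different bytes
        findings.append(Finding(live.path, live.md5, status, len(refs)))
    return findings


if __name__ == "__main__":
    for f in check_live_files(parse_sigcheck(SIGCHECK)):
        print(f"{f.status:12} {f.md5} refs={f.references} {f.path}")
```

A "mismatch" only says the live file's bytes differ from the backup copies of that version; it does not say what modified the file.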


Solved Re: TR/Trash.Gen [trojan]

Post by vitrola on Sat Aug 21, 2010 7:41 am

Hello

ComboFix 10-08-18.04 - yo 21/08/2010 2:33.4.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.34.3082.18.2037.1564 [GMT -3:00]
Running from: c:\documents and settings\yo\Escritorio\commy.exe
Command switches used :: c:\documents and settings\yo\Escritorio\CFScript.txt
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
.

((((((((((((((((((((((((( Files Created from 2010-07-21 to 2010-08-21 )))))))))))))))))))))))))))))))
.

2010-08-19 20:53 . 2010-08-19 20:54 -------- d-----w- c:\archivos de programa\memtest86+-4.10.usb.installer
2010-08-19 20:53 . 2010-08-19 20:53 144308 ----a-w- c:\archivos de programa\memtest86+-4.10.usb.installer.zip
2010-08-18 19:15 . 2010-08-18 19:15 -------- d-----w- c:\documents and settings\All Users\Datos de programa\Apple Computer
2010-08-17 19:43 . 2010-08-17 19:43 -------- d-----w- C:\_OTL
2010-08-17 06:58 . 2010-08-17 06:58 -------- d-----w- c:\documents and settings\Administrador\Datos de programa\Malwarebytes
2010-08-15 20:04 . 2010-08-15 20:04 260384 ----a-w- c:\archivos de programa\SoftonicDownloader22897.exe
2010-08-15 07:27 . 2010-08-15 07:27 -------- d-----w- c:\documents and settings\yo\Datos de programa\.oit
2010-08-15 05:58 . 2010-08-15 05:58 -------- d-----w- c:\documents and settings\yo\Datos de programa\GlarySoft
2010-08-15 05:58 . 2010-08-15 05:58 -------- d-----w- c:\archivos de programa\Glary Undelete
2010-08-15 05:57 . 2010-08-15 05:57 3354016 ----a-w- c:\archivos de programa\gunsetup.exe
2010-08-15 05:54 . 2010-08-15 05:54 260400 ----a-w- c:\archivos de programa\SoftonicDownloader70493.exe
2010-08-15 03:36 . 2010-08-15 03:36 -------- d-----w- c:\archivos de programa\ESET
2010-08-14 19:28 . 2010-08-14 19:28 -------- d-----w- c:\archivos de programa\SoftLogica
2010-08-14 19:27 . 2010-08-14 19:28 1676456 ----a-w- c:\archivos de programa\handyrecovery4.exe
2010-08-14 18:33 . 2010-08-14 18:33 260400 ----a-w- c:\archivos de programa\SoftonicDownloader32483.exe
2010-08-14 17:05 . 2010-08-14 17:05 -------- d-----w- c:\archivos de programa\Kroll Ontrack
2010-08-14 17:01 . 2010-08-14 17:04 45192311 ----a-w- c:\archivos de programa\erprot.exe
2010-08-14 17:00 . 2010-08-14 17:00 260424 ----a-w- c:\archivos de programa\SoftonicDownloader12296.exe
2010-08-14 04:22 . 2010-08-14 04:22 -------- d-----w- c:\documents and settings\yo\Datos de programa\Apple Computer
2010-08-14 03:44 . 2010-08-18 19:15 -------- d-----w- c:\archivos de programa\QuickTime
2010-08-14 03:44 . 2010-08-14 03:44 -------- d-----w- c:\archivos de programa\Archivos comunes\Apple
2010-08-14 03:43 . 2010-08-14 03:44 -------- d-----w- c:\archivos de programa\Apple Software Update
2010-08-14 03:43 . 2010-08-14 03:43 -------- d-----w- c:\documents and settings\All Users\Datos de programa\Apple
2010-08-13 22:18 . 2010-08-13 22:18 388096 ----a-r- c:\documents and settings\yo\Datos de programa\Microsoft\Installer\{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}\HiJackThis.exe
2010-08-13 22:18 . 2010-08-13 22:18 -------- d-----w- c:\archivos de programa\TrendMicro
2010-08-13 22:15 . 2010-08-13 22:15 1401344 ----a-w- c:\archivos de programa\HijackThis.msi
2010-08-08 22:19 . 2010-04-29 18:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-08-08 22:18 . 2010-04-29 18:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-08-08 20:40 . 2010-08-08 20:40 6153352 ----a-w- c:\archivos de programa\mbam-setup-1.46.exe
2010-08-06 19:48 . 2010-08-06 19:48 -------- d-----w- c:\windows\Sun
2010-08-06 07:09 . 2010-08-07 05:09 -------- d-----w- c:\documents and settings\yo\Datos de programa\Youtube Downloader HD
2010-08-06 07:09 . 2010-08-06 07:09 -------- d-----w- c:\archivos de programa\Youtube Downloader HD
2010-08-06 07:08 . 2010-08-06 07:08 3513989 ----a-w- c:\archivos de programa\youtube_downloader_hd_setup.exe
2010-08-05 04:40 . 2010-08-05 04:40 503808 ----a-w- c:\documents and settings\yo\Datos de programa\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-4f72e18e-n\msvcp71.dll
2010-08-05 04:40 . 2010-08-05 04:40 499712 ----a-w- c:\documents and settings\yo\Datos de programa\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-4f72e18e-n\jmc.dll
2010-08-05 04:40 . 2010-08-05 04:40 348160 ----a-w- c:\documents and settings\yo\Datos de programa\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-4f72e18e-n\msvcr71.dll
2010-08-05 04:40 . 2010-08-05 04:40 61440 ----a-w- c:\documents and settings\yo\Datos de programa\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-539a9a21-n\decora-sse.dll
2010-08-05 04:40 . 2010-08-05 04:40 12800 ----a-w- c:\documents and settings\yo\Datos de programa\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-539a9a21-n\decora-d3d.dll
2010-08-02 16:01 . 2010-08-02 16:01 -------- d-----w- c:\documents and settings\yo\Datos de programa\Malwarebytes
2010-08-02 16:00 . 2010-08-08 22:22 -------- d-----w- c:\archivos de programa\Malwarebytes' Anti-Malware
2010-08-02 16:00 . 2010-08-02 16:00 -------- d-----w- c:\documents and settings\All Users\Datos de programa\Malwarebytes
2010-07-31 08:11 . 2010-08-12 01:32 -------- d-----w- c:\documents and settings\All Users\Datos de programa\Spybot - Search & Destroy
2010-07-31 08:11 . 2010-08-02 21:56 -------- d-----w- c:\archivos de programa\Spybot - Search & Destroy
2010-07-30 18:22 . 2010-08-09 04:48 -------- d-----w- c:\archivos de programa\OTL
2010-07-30 05:35 . 2010-07-30 05:35 -------- d-----w- c:\archivos de programa\Archivos comunes\Adobe
2010-07-30 05:14 . 2010-07-30 05:14 -------- d-----w- c:\archivos de programa\JavaRa
2010-07-30 05:12 . 2010-07-30 05:12 -------- d-----w- c:\archivos de programa\Archivos comunes\Java
2010-07-30 05:12 . 2010-07-30 05:12 503808 ----a-w- c:\documents and settings\yo\Datos de programa\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-250f7da7-n\msvcp71.dll
2010-07-30 05:12 . 2010-07-30 05:12 499712 ----a-w- c:\documents and settings\yo\Datos de programa\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-250f7da7-n\jmc.dll
2010-07-30 05:12 . 2010-07-30 05:12 348160 ----a-w- c:\documents and settings\yo\Datos de programa\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-250f7da7-n\msvcr71.dll
2010-07-30 05:12 . 2010-07-30 05:12 61440 ----a-w- c:\documents and settings\yo\Datos de programa\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-3042ecd6-n\decora-sse.dll
2010-07-30 05:12 . 2010-07-30 05:12 12800 ----a-w- c:\documents and settings\yo\Datos de programa\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-3042ecd6-n\decora-d3d.dll
2010-07-30 05:12 . 2010-07-30 05:11 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-07-30 05:11 . 2010-07-30 05:11 -------- d-----w- c:\archivos de programa\Java
2010-07-30 01:56 . 2010-07-30 01:56 -------- d-----w- c:\documents and settings\NetworkService\Escritorio

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-21 05:38 . 2009-07-14 23:06 -------- d-----w- c:\documents and settings\yo\Datos de programa\uTorrent
2010-08-20 21:46 . 2010-02-04 18:52 -------- d-----w- c:\archivos de programa\Softonic_ES
2010-08-20 13:38 . 2010-05-03 15:17 -------- d-----w- c:\archivos de programa\TuneUp Utilities 2010
2010-08-19 15:32 . 2009-03-13 17:04 -------- d-----w- c:\documents and settings\yo\Datos de programa\dvdcss
2010-08-19 04:49 . 2009-03-13 15:58 -------- d-----w- c:\documents and settings\yo\Datos de programa\Vso
2010-08-17 22:24 . 2008-12-09 14:13 -------- d-----w- c:\documents and settings\yo\Datos de programa\Winamp
2010-08-16 05:10 . 2008-12-09 14:28 -------- d-----w- c:\archivos de programa\eMule
2010-08-14 17:05 . 2008-12-09 14:00 -------- d--h--w- c:\archivos de programa\InstallShield Installation Information
2010-08-14 17:04 . 2008-12-09 14:00 -------- d-----w- c:\archivos de programa\Archivos comunes\InstallShield
2010-08-13 01:20 . 2010-01-06 20:40 -------- d-----w- c:\archivos de programa\Ares
2010-08-12 19:26 . 2010-05-03 15:18 30528 ----a-w- c:\windows\system32\TURegOpt.exe
2010-08-12 19:19 . 2010-07-02 05:53 30016 ----a-w- c:\windows\system32\uxtuneup.dll
2010-08-12 01:21 . 2009-11-06 19:28 -------- d-----w- c:\archivos de programa\Last.fm
2010-08-11 14:45 . 2010-07-14 22:43 -------- d-----w- c:\documents and settings\yo\Datos de programa\vlc
2010-08-05 17:31 . 2010-06-22 21:21 -------- d-----w- c:\documents and settings\yo\Datos de programa\foobar2000
2010-08-05 03:44 . 2010-06-28 03:25 -------- d-----w- c:\archivos de programa\Burrrn
2010-08-03 15:49 . 2008-12-09 13:57 16608 ----a-w- c:\windows\gdrv.sys
2010-08-02 22:01 . 2010-06-22 04:16 -------- d-----w- c:\archivos de programa\Monkey's Audio
2010-08-02 21:53 . 2008-12-09 14:08 -------- d-----w- c:\archivos de programa\CCleaner
2010-08-02 21:51 . 2010-07-14 22:41 -------- d-----w- c:\archivos de programa\VLC
2010-08-02 21:50 . 2010-07-07 04:10 -------- d-----w- c:\archivos de programa\EVEREST Ultimate Edition
2010-08-02 21:49 . 2010-06-22 21:21 -------- d-----w- c:\archivos de programa\foobar2000
2010-08-02 21:44 . 2010-06-19 07:18 -------- d-----w- c:\archivos de programa\Illustrate
2010-08-02 21:33 . 2008-12-09 14:13 -------- d-----w- c:\archivos de programa\Winamp
2010-08-02 21:31 . 2010-05-03 16:07 -------- d-----w- c:\archivos de programa\RemoveWGA_Victorxxx
2010-08-02 21:30 . 2010-01-24 21:48 -------- d-----w- c:\archivos de programa\Avira
2010-08-02 21:29 . 2009-03-13 15:58 -------- d-----w- c:\archivos de programa\VSO
2010-08-02 21:25 . 2010-02-04 19:01 -------- d-----w- c:\archivos de programa\VirtualDub-1.9.8
2010-08-02 21:22 . 2010-06-19 00:19 -------- d-----w- c:\archivos de programa\TotalAudioConverter
2010-07-31 07:20 . 2008-12-09 14:16 -------- d-----w- c:\documents and settings\All Users\Datos de programa\Lavasoft
2010-07-30 05:32 . 2009-11-02 23:42 -------- d-----w- c:\archivos de programa\VDOWNLOADER
2010-07-17 22:16 . 2010-07-17 22:16 54744 ----a-w- c:\documents and settings\All Users\Datos de programa\WidgetServer\uninst.exe
2010-07-17 22:16 . 2010-07-17 22:16 -------- d-----w- c:\documents and settings\All Users\Datos de programa\WidgetServer
2010-07-16 21:45 . 2010-06-03 23:51 -------- d-----w- c:\archivos de programa\Winamp Detect
2010-07-16 21:45 . 2010-07-16 21:45 -------- d-----w- c:\documents and settings\All Users\Datos de programa\Winamp Toolbar
2010-07-16 21:45 . 2010-07-16 21:45 -------- d-----w- c:\archivos de programa\Winamp Toolbar
2010-07-16 05:23 . 2001-08-24 10:00 51286 ----a-w- c:\windows\system32\perfc00A.dat
2010-07-16 05:23 . 2001-08-24 10:00 362564 ----a-w- c:\windows\system32\perfh00A.dat
2010-07-15 18:10 . 2010-07-15 18:10 -------- d-----w- c:\archivos de programa\Windows Media Connect 2
2010-07-14 20:11 . 2010-07-14 19:49 -------- d-----w- c:\archivos de programa\RealArcade
2010-07-12 20:27 . 2010-07-12 20:27 3299 ----a-w- c:\windows\system32\SpoonUninstall-dBpoweramp m4a Codec.dat
2010-07-12 20:26 . 2010-06-18 01:31 869608 ----a-w- c:\windows\system32\SpoonUninstall.exe
2010-07-02 02:57 . 2010-07-02 02:57 -------- d-----w- c:\documents and settings\All Users\Datos de programa\McAfee
2010-06-30 12:32 . 2004-08-19 13:42 149504 ----a-w- c:\windows\system32\schannel.dll
2010-06-28 03:25 . 2010-06-28 03:25 -------- d-----w- c:\archivos de programa\burrrn_1.13
2010-06-25 16:20 . 2010-06-25 16:20 501936 ----a-w- c:\documents and settings\All Users\Datos de programa\Google\Google Toolbar\Update\gtb264.tmp.exe
2010-06-24 20:37 . 2010-06-24 20:37 501936 ----a-w- c:\documents and settings\All Users\Datos de programa\Google\Google Toolbar\Update\gtb22D.tmp.exe
2010-06-24 12:15 . 2004-08-19 13:42 832512 ----a-w- c:\windows\system32\wininet.dll
2010-06-24 12:15 . 2004-08-19 13:42 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-06-24 12:15 . 2004-08-19 13:41 17408 ----a-w- c:\windows\system32\corpol.dll
2010-06-24 09:02 . 2004-08-19 13:30 1852032 ----a-w- c:\windows\system32\win32k.sys
2010-06-23 16:10 . 2010-06-23 16:10 501936 ----a-w- c:\documents and settings\All Users\Datos de programa\Google\Google Toolbar\Update\gtb1C0.tmp.exe
2010-06-23 02:47 . 2010-06-23 02:47 501936 ----a-w- c:\documents and settings\All Users\Datos de programa\Google\Google Toolbar\Update\gtb13B.tmp.exe
2010-06-21 15:27 . 2004-08-03 21:14 354304 ----a-w- c:\windows\system32\drivers\srv.sys
2010-06-21 15:05 . 2010-06-21 03:33 3151 ----a-w- c:\windows\system32\SpoonUninstall-dBpoweramp Monkeys Audio Codec.dat
2010-06-21 03:32 . 2010-06-21 03:32 3026 ----a-w- c:\windows\system32\SpoonUninstall-dBpoweramp FLAC Codec.dat
2010-06-21 03:27 . 2010-06-21 03:27 15349 ----a-w- c:\windows\system32\SpoonUninstall-dBpoweramp Music Converter.dat
2010-06-17 14:03 . 2004-08-19 13:42 80384 ----a-w- c:\windows\system32\iccvid.dll
2010-06-14 21:35 . 2004-08-03 21:14 361600 ----a-w- c:\windows\system32\drivers\tcpip.sys
2010-06-14 21:33 . 2010-06-14 21:33 259072 ----a-w- c:\archivos de programa\Half-open_limit_fix_4.1.exe
2010-06-14 21:06 . 2010-06-14 21:06 260416 ----a-w- c:\archivos de programa\SoftonicDownloader81240.exe
2010-06-14 14:31 . 2008-12-09 13:50 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe
2010-06-14 07:42 . 2004-08-19 13:42 1172480 ----a-w- c:\windows\system32\msxml3.dll
2010-06-04 19:31 . 2010-06-04 19:31 299864 ----a-w- c:\archivos de programa\dxwebsetup.exe
.

------- Sigcheck -------

[-] 2010-06-14 . CD00787894008369F56153B91FC28847 . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
[7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys
[7] 2008-04-14 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\tcpip.sys
[7] 2008-04-14 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tcpip.sys
[7] 2004-08-03 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\tcpip.sys
.
((((((((((((((((((((((((((((( [You must be registered and logged in to see this link.] )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-08-21 05:37 . 2010-08-21 05:37 16384 c:\windows\temp\Perflib_Perfdata_1d4.dat
- 2010-08-10 20:13 . 2009-05-26 11:40 764280 c:\windows\SoftwareDistribution\Download\a55343ca369382122a33905d7c85c623\update\update.exe
- 2010-08-10 20:13 . 2010-02-22 14:24 764280 c:\windows\SoftwareDistribution\Download\5223781abe26bac8c269db40b449266e\update\update.exe
- 2010-08-10 20:13 . 2009-05-26 11:40 764280 c:\windows\SoftwareDistribution\Download\2e0fac0ea201ad36dd05526d7f006f50\update\update.exe
- 2010-08-10 20:13 . 2009-05-26 11:40 764280 c:\windows\SoftwareDistribution\Download\2a3aa2e80cf03d0dddb69e41a0cb1cec\update\update.exe
- 2010-08-10 20:13 . 2010-02-22 14:24 764280 c:\windows\SoftwareDistribution\Download\0ce8722a568559fda0b0b60725066c1b\update\update.exe
+ 2010-08-13 14:57 . 2010-08-13 14:57 919552 c:\windows\Installer\1bb39bf.msp
+ 2010-08-13 14:57 . 2010-08-13 14:57 547328 c:\windows\Installer\1bb38dd.msp
- 2010-06-14 07:40 . 2010-06-14 07:40 1172480 c:\windows\SoftwareDistribution\Download\2a3aa2e80cf03d0dddb69e41a0cb1cec\sp3qfe\msxml3.dll
- 2010-06-14 07:42 . 2010-06-14 07:42 1172480 c:\windows\SoftwareDistribution\Download\2a3aa2e80cf03d0dddb69e41a0cb1cec\sp3gdr\msxml3.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}"= "c:\archivos de programa\Winamp Toolbar\winamptb.dll" [2009-05-06 1262888]
"{c2ed826e-8903-4a9d-b0df-3a8fb8ea918a}"= "c:\archivos de programa\Softonic_ES\tbSof0.dll" [2010-08-20 2734688]

[HKEY_CLASSES_ROOT\clsid\{57bca5fa-5dbb-45a2-b558-1755c3f6253b}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch]

[HKEY_CLASSES_ROOT\clsid\{c2ed826e-8903-4a9d-b0df-3a8fb8ea918a}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{c2ed826e-8903-4a9d-b0df-3a8fb8ea918a}]
2010-08-20 21:46 2734688 ----a-w- c:\archivos de programa\Softonic_ES\tbSof0.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{c2ed826e-8903-4a9d-b0df-3a8fb8ea918a}"= "c:\archivos de programa\Softonic_ES\tbSof0.dll" [2010-08-20 2734688]

[HKEY_CLASSES_ROOT\clsid\{c2ed826e-8903-4a9d-b0df-3a8fb8ea918a}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{C2ED826E-8903-4A9D-B0DF-3A8FB8EA918A}"= "c:\archivos de programa\Softonic_ES\tbSof0.dll" [2010-08-20 2734688]

[HKEY_CLASSES_ROOT\clsid\{c2ed826e-8903-4a9d-b0df-3a8fb8ea918a}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\archivos de programa\uTorrent\uTorrent.exe" [2009-07-15 288048]
"swg"="c:\archivos de programa\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-01-02 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\archivos de programa\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"QuickTime Task"="c:\archivos de programa\QuickTime\qttask.exe" [2010-08-10 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WgaLogon]
[BU]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"SpybotSD TeaTimer"=c:\archivos de programa\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiSpyWareDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Archivos de programa\\Real Alternative\\Media Player Classic\\mplayerc.exe"=
"c:\\Archivos de programa\\uTorrent\\uTorrent.exe"=
"c:\\Archivos de programa\\MSN Messenger\\msnmsgr.exe"=
"c:\\Archivos de programa\\MSN Messenger\\livecall.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Archivos de programa\\eMule\\emule.exe"=
"c:\\Archivos de programa\\VLC\\vlc.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"48312:UDP"= 48312:UDP:emule puerto
"45113:TCP"= 45113:TCP:emule puerto

R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\archivos de programa\Avira\AntiVir Desktop\sched.exe [24/01/2010 06:48 p.m. 108289]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\archivos de programa\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [12/08/2010 04:23 p.m. 1051968]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\archivos de programa\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [14/10/2009 05:24 a.m. 10064]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]
S2 gupdate;Servicio de actualización de Google (gupdate);c:\archivos de programa\Google\Update\GoogleUpdate.exe [03/02/2010 02:55 p.m. 135664]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder

2010-08-18 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\archivos de programa\Apple Software Update\SoftwareUpdate.exe [2008-07-30 15:34]

2010-08-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\archivos de programa\Google\Update\GoogleUpdate.exe [2010-02-03 17:55]

2010-08-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\archivos de programa\Google\Update\GoogleUpdate.exe [2010-02-03 17:55]
.
.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
mStart Page = [You must be registered and logged in to see this link.]
IE: &Winamp Search - c:\documents and settings\All Users\Datos de programa\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: E&xportar a Microsoft Excel - c:\archiv~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\archivos de programa\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
FF - ProfilePath - c:\documents and settings\yo\Datos de programa\Mozilla\Firefox\Profiles\pnydudbk.default\
FF - prefs.js: browser.search.defaulturl - [You must be registered and logged in to see this link.]
FF - prefs.js: browser.search.selectedEngine - Winamp Search
FF - prefs.js: browser.startup.homepage - [You must be registered and logged in to see this link.]
FF - prefs.js: keyword.URL - [You must be registered and logged in to see this link.]
FF - plugin: c:\archivos de programa\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\archivos de programa\Mozilla Firefox\plugins\npwachk.dll

---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2010-08-21 02:37
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(1652)
c:\windows\system32\WININET.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\archivos de programa\Avira\AntiVir Desktop\avguard.exe
c:\archivos de programa\Java\jre6\bin\jqs.exe
c:\archivos de programa\Archivos comunes\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\wbem\wmiapsrv.exe
c:\archivos de programa\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
.
**************************************************************************
.
Completion time: 2010-08-21 02:39:24 - machine was rebooted
ComboFix-quarantined-files.txt 2010-08-21 05:39
ComboFix2.txt 2010-08-20 06:39

Pre-Run: 110.902.861.824 bytes libres
Post-Run: 111.179.915.264 bytes libres

- - End Of File - - 0E6F39089D3E70C9FD24AE74C43E4985

Solved Re: TR/Trash.Gen [trojan]

Post by Sneakyone on Sat Aug 21, 2010 6:09 pm

Hi.

Please go to [You must be registered and logged in to see this link.] and perform an online antivirus scan.

  1. Read through the requirements and privacy statement and click on the Accept button.
  2. It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
  3. When the downloads have finished, click on Settings.
  4. Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
      • Spyware, Adware, Dialers, and other potentially dangerous programs
      • Archives
      • Mail databases
  5. Click on My Computer under Scan.
  6. Once the scan is complete, it will display the results. Click on View Scan Report.
  7. You will see a list of infected items there. Click on Save Report As....
  8. Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button.
  9. Please post this log in your next reply.


I'm livin' life in the fast lane.

Sneakyone
Master
Master

Posts Posts : 2707
Joined Joined : 2010-01-10
Gender Gender : Male
OS OS : Windows 7 Ultimate 64-bit
Protection Protection : Avast, Comodo Firewall, and Malwarebytes' Anti-Malware
Points Points : 56074
# Likes # Likes : 0

Solved Re: TR/Trash.Gen [trojan]

Post by vitrola on Sun Aug 22, 2010 7:08 am

Hello

KASPERSKY ONLINE SCANNER 7.0: scan report
Sunday, August 22, 2010
Operating system: Microsoft Windows XP Professional Service Pack 3 (build 2600)
Kaspersky Online Scanner version: 7.0.26.13
Last database update: Saturday, August 21, 2010 10:32:30
Records in database: 4131719
--------------------------------------------------------------------------------

Scan settings:
scan using the following database: extended
Scan archives: yes
Scan e-mail databases: yes

Scan area - My Computer:
C:\
D:\
E:\
F:\
G:\
H:\

Scan statistics:
Objects scanned: 48013
Threats found: 0
Infected objects found: 0
Suspicious objects found: 0
Scan duration: 02:30:17

No threats found. Scanned area is clean.

Selected area has been scanned.

Solved Re: TR/Trash.Gen [trojan]

Post by Sneakyone on Sun Aug 22, 2010 6:04 pm

Hi.

How is your machine running now?

I'm livin' life in the fast lane.

Solved Re: TR/Trash.Gen [trojan]

Post by vitrola on Sun Aug 22, 2010 9:23 pm

Hello
It's working fine.
Thank you very much to you and Belahzur for your help, I appreciate all of your help.
Kindest regards
Sebastian

Solved Re: TR/Trash.Gen [trojan]

Post by Sneakyone on Mon Aug 23, 2010 12:23 am

You're welcome, glad to help. :)

Your computer is now clean. Now, time to remove the tools used, and update your computer to prevent vulnerability.

Updating System Restore
Now to get you off to a good start we will clean your restore points so that all the bad stuff is gone for good. Then if you need to restore at some stage you will be clean. There are several ways to reset your restore points, but this is my method:
• Select Start > All Programs > Accessories > System tools > System Restore.
• On the dialogue box that appears select Create a Restore Point
• Click NEXT
• Enter a name e.g. Clean
• Click CREATE.

You now have a clean restore point.

To get rid of the bad ones:
• Select Start > All Programs > Accessories > System tools > Disk Cleanup.
• In the Drop down box that appears select your main drive e.g. C
• Click OK
• The System will do a calculation of temporary/old files, and then display a dialogue box.
• Select the More Options Tab.
• At the bottom will be a System Restore box with a CLEANUP button; click this
• Accept the Warning and select OK again, the program will close and you are done.


========

Removing the tools
Now, to remove all of the tools we used and the files and folders they created, please do the following:

Download [You must be registered and logged in to see this link.] by OldTimer:
• Save it to your Desktop.
• Double click OTC.exe.
• Click the CleanUp! button.
• If you are prompted to Reboot during the cleanup, select Yes.
• The tool will delete itself once it finishes.

Note: If any tool, file or folder (belonging to the program we have used) hasn't been deleted, please delete it manually.

============

Service Pack upgrade
Please consider upgrading to Windows XP SP3, because it includes all previously released updates. It also includes a small number of new functionalities. Some of the updates that Service Pack 3 provides, you may not have. It is now available via Windows Update.

More info about SP3: [You must be registered and logged in to see this link.]

=====

Update Programs
Please download the newest version of Adobe Acrobat Reader from [You must be registered and logged in to see this link.]

Before installing: it is important to remove older versions of Acrobat Reader since it does not do so automatically and old versions still leave you vulnerable.
Go to the Control Panel and enter Add or Remove Programs.
Search in the list for all previously installed versions of Adobe Acrobat Reader. Uninstall/Remove each of them.

Once old versions are gone, please install the newest version.

Please download the newest version of Java from [You must be registered and logged in to see this link.].

Before installing: it is important to remove older versions of Java since it does not do so automatically and old versions still leave you vulnerable.
Go to the Control Panel and enter Add or Remove Programs.
Search in the list for all previously installed versions of Java (J2SE Runtime Environment). Please uninstall/remove each of them.

Once old versions are gone, please install the newest version.

===========

Here are some prevention tips I have provided:

1. Don't download files from untrusted websites or websites that seem suspicious.

2. Don't use torrents; they are a good way to get lots of malware.

3. Don't download and use cracks/warez/keygens; they are illegal and are another good way to contract malware.

4. Disable autorun [You must be registered and logged in to see this link.] or [You must be registered and logged in to see this link.]

5. Always make sure you have the latest Windows updates. windowsupdate.microsoft.com

6. Don't ever click on the links inside of a popup.

7. Make sure you know what you install; you can make sure it is not known for being a virus by just simply searching about it on Google.

8. Use a Site Advisor so you don't go to sites that will infect you. [You must be registered and logged in to see this link.]

9. Also there are many holes and flaws in Internet Explorer; I recommend using [You must be registered and logged in to see this link.] to keep you more safe.

10. Always keep your [You must be registered and logged in to see this link.] and Adobe updated.

11. Don't fall for the Scareware. What is Scareware? It is a website made to download a rogue Antivirus on your system that will scare you into buying their fake software due to false detections.

12. Always have a Firewall and an Antivirus.

Thanks for choosing GeekPolice, see [You must be registered and logged in to see this link.] if you would like to leave feedback or contribute to our site. Do you have any more questions?

For more information please visit [You must be registered and logged in to see this link.]

I'm livin' life in the fast lane.

Solved Re: TR/Trash.Gen [trojan]

Post by vitrola on Tue Aug 24, 2010 4:06 am

Hello
I did everything you recommended.
Thanks a lot.

Sebastian

Solved Re: TR/Trash.Gen [trojan]

Post by Sneakyone on Wed Aug 25, 2010 2:47 am

You're welcome, glad to help. :)

I'm livin' life in the fast lane.
