Win32:Trogan-Gen


Win32:Trogan-Gen

Post by pfensome@virginmedia.com on Thu 16 Aug 2012, 3:59 am

First topic message reminder :

Hi there,
My son seems to have picked up a set of viruses with variations of the Win32:Trogan. I've tried to clean them using Avast, but Avast is still picking up the same variants with increasing frequency. I've used my basic knowledge to try and remove them but without luck. A friend of mine suggested I turn it over to the professionals and suggested this site, so here I am.

I have attached the logs as they were way too long to post. All help greatly appreciated.

OTL logfile created on: 8/15/2012 4:48:09 PM - Run 1
OTL by OldTimer - Version 3.2.56.0 Folder = C:\Users\Sean\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.84 Gb Total Physical Memory | 1.99 Gb Available Physical Memory | 51.86% Memory free
7.68 Gb Paging File | 5.82 Gb Available in Paging File | 75.84% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232.88 Gb Total Space | 42.02 Gb Free Space | 18.04% Space Free | Partition Type: NTFS
Drive D: | 232.49 Gb Total Space | 224.98 Gb Free Space | 96.77% Space Free | Partition Type: NTFS
Drive E: | 6.14 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: SEAN-LAPTOP | User Name: Sean | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/08/15 16:46:41 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Sean\Desktop\OTL.com
PRC - [2012/08/11 16:48:35 | 000,927,840 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.0\ToolbarUpdater.exe
PRC - [2012/07/03 17:21:30 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2012/07/03 17:21:29 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2012/07/03 17:21:27 | 000,133,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\afwServ.exe
PRC - [2012/01/03 16:31:34 | 001,391,272 | ---- | M] (Ask) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe
PRC - [2011/10/01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2010/08/27 18:20:14 | 001,811,456 | ---- | M] (Realsil Microelectronics Inc.) -- C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
PRC - [2010/08/15 20:54:50 | 000,034,160 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
PRC - [2010/06/03 17:09:00 | 000,304,560 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
PRC - [2010/03/09 01:23:22 | 001,086,760 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe
PRC - [2010/01/15 14:08:38 | 000,935,208 | ---- | M] (Nero AG) -- c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2009/07/28 21:26:42 | 000,062,848 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
PRC - [2009/03/10 19:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe



pfensome@virginmedia.com

Newbie Surfer

Posts : 22
Joined : 2012-08-16
Operating System : windows 7 home premium



Re: Win32:Trogan-Gen

Post by pfensome@virginmedia.com on Fri 24 Aug 2012, 1:10 am

Tried Action Centre, tried various Windows help files and support forums, tried to check for corrupted files using sfc/scannow from the command prompt.
All help is pointing towards this service (Background Intelligent Transfer Service (BITS) service) but it's missing from my system.msc list.


Re: Win32:Trogan-Gen

Post by Superdave on Fri 24 Aug 2012, 6:22 am

I did some searching and found a bunch of links here. One of them might help.

Superdave
Tech Staff

Posts : 4193
Joined : 2010-02-01
Operating System : Windows 8.1 and a dual-boot with XP Home SP3


Re: Win32:Trogan-Gen

Post by pfensome@virginmedia.com on Fri 24 Aug 2012, 9:04 am

Thanks very much Superdave for all your help with this Trojan and the advice given. I've looked through those links and I just don't have the time at the moment to go through them. I will be away from tomorrow on vacation but will start again on this as soon as I get back. I'm assuming it will be OK to post in this thread once I return to add in some feedback of where I am with the laptop.
Best regards.


Re: Win32:Trogan-Gen

Post by Superdave on Fri 24 Aug 2012, 9:11 am

pfensome@virginmedia.com wrote:
Thanks very much Superdave for all your help with this Trojan and the advice given. I've looked through those links and I just don't have the time at the moment to go through them. I will be away from tomorrow on vacation but will start again on this as soon as I get back. I'm assuming it will be OK to post in this thread once I return to add in some feedback of where I am with the laptop.
Best regards.

Yes, please keep me posted. Bonne vacation!


Re: Win32:Trogan-Gen

Post by pfensome@virginmedia.com on Mon 10 Sep 2012, 8:52 pm

Hi Superdave,
Went through those links and even reset the update history and Windows components, and it's still not updating, same error. BITS service is still not listed in services.msc.


Re: Win32:Trogan-Gen

Post by Superdave on Tue 11 Sep 2012, 9:23 am

Please try the information in this link. It's down at the bottom of the list.
