Adobe.exe trojan

Discussion in 'malware problems & news' started by dime, Mar 22, 2005.

Thread Status:
Not open for further replies.
  1. dime

    dime Registered Member

    Joined:
    Mar 22, 2005
    Posts:
    1
    I need some advice on a trojan

    the trojan creates a folder:

    C:\System Volume Information\homedir\
    or
    C:\System Volume Information\.temp

    there are sub folders named something like:

    [ 1 ] look here
    [ 2 ] DivX and DivX2
    [ 3 ] Music

    Also a service named: Remote Administrator Service is running

    the path to execute is:

    "C:\WINDOWS\system32\adobe.exe" /service

    It appears the trojan is used to store files on your computer for peer to peer access.

    I have stopped the service, removed the adobe.exe and deleted the files and everything seems to be ok, but was wondering if anyone knows the cause of this or has any info on it?

    Thanks
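
The indicators listed in the post above (service name, executable path with the `/service` argument, and the two folders) expressed as a check over exported service and directory listings. This is an added example, not part of the original thread; the function names, the export format (display name plus ImagePath) and the sample rows are constructed assumptions.

```python
import ntpath

# Indicators taken from the first post in this thread (lower-cased for matching).
IOC_SERVICE_NAME = "remote administrator service"
IOC_IMAGE = r"c:\windows\system32\adobe.exe"
IOC_DIRS = (r"c:\system volume information\homedir",
            r"c:\system volume information\.temp")

def norm(path):
    """Case-fold and normalise a Windows path (works on any OS via ntpath)."""
    return ntpath.normcase(ntpath.normpath(path.strip()))

def split_image_path(image_path):
    """Split a service ImagePath into (executable, arguments)."""
    s = image_path.strip()
    if s.startswith('"'):
        end = s.find('"', 1)
        if end == -1:                 # unbalanced quote: rest is the path
            return s[1:], ""
        return s[1:end], s[end + 1:].strip()
    exe, _, args = s.partition(" ")   # unquoted: first token (simplification)
    return exe, args.strip()

def check_service(display_name, image_path):
    """Return the list of thread indicators that one service entry matches."""
    exe, args = split_image_path(image_path)
    hits = []
    if display_name.strip().lower() == IOC_SERVICE_NAME:
        hits.append("service-name")
    if norm(exe) == IOC_IMAGE:
        hits.append("image-path")
        if "/service" in args.lower().split():
            hits.append("service-arg")
    return hits

def check_dirs(paths):
    """Return paths that are, or sit below, one of the reported folders."""
    return [p for p in paths
            if any(norm(p) == d or norm(p).startswith(d + "\\") for d in IOC_DIRS)]

# Constructed sample data (hypothetical export: display name, ImagePath).
SAMPLE_SERVICES = [
    ("Print Spooler", r"C:\WINDOWS\system32\spoolsv.exe"),
    ("Remote Administrator Service", r'"C:\WINDOWS\system32\adobe.exe" /service'),
    ("Some Updater", r"c:\windows\System32\ADOBE.EXE /service"),
]
SAMPLE_DIRS = ["C:\\System Volume Information\\homedir\\",
               r"C:\System Volume Information\.temp\[ 3 ] Music",
               r"C:\Documents and Settings\user\homedir"]
```

Matching on the executable path independently of the display name catches an entry that was registered under a different service name, as the third sample row shows.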
     
  2. sultan_emerr

    sultan_emerr Registered Member

    Joined:
    Mar 12, 2005
    Posts:
    18
    Location:
    Tokyo, Japan
    If you are sure that it is a trojan, and not just an auto updater for that program, then I would download, install and update: A² (a-squared) free - A2 - a Freeware Anti-Trojan, Anti-Worm, Anti-Dialer and Anti-Spyware (Anti-Malware) Software =
    http://downloads-zdnet.com.com/3000-2239_2-10262216.html,
    and then run the scan(s) and follow directions for healing any/all infections found, then disable system restore = http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm, reboot and then re-enable system restore.



     