Help with Trojan Hunter................

Discussion in 'malware problems & news' started by Cozumeldiver, Feb 3, 2004.

Thread Status:
Not open for further replies.
  1. Cozumeldiver

    Cozumeldiver Guest

    I just ran Trojan Hunter and found these are they all bad ? I had it clean the actual trojans.

    Found possible trojan file: C:\Program Files\GroksterSupport\GroksterSupport.exe (SDBot)    (What's a possible trojan file?)    (Submit for analysis...)    (Add to ignore list)
    Found possible trojan file: C:\Program Files\LimeShop\LimeShop.exe (SDBot)    (What's a possible trojan file?)    (Submit for analysis...)    (Add to ignore list)
    Found possible trojan file: C:\Program Files\WebSavingsfromEbates\WebSavingsfromEbates.exe (SDBot)    (What's a possible trojan file?)    (Submit for analysis...)    (Add to ignore list)
    Found trojan file: C:\System Volume Information\_restore{0146B196-FB8A-4FA6-9170-4B12E2B93B15}\RP591\A0069739.exe/02m9Uwr.exe (TrojanDownloader.Optimize.100)
    Found possible trojan file: C:\System Volume Information\_restore{0146B196-FB8A-4FA6-9170-4B12E2B93B15}\RP591\A0069739.exe/02m9Uwr.exe (SDBot)    (What's a possible trojan file?)    (Submit for analysis...)    (Add to ignore list)
    Found trojan file: C:\System Volume Information\_restore{0146B196-FB8A-4FA6-9170-4B12E2B93B15}\RP593\A0070093.exe/WhNeu.exe (TrojanDownloader.Optimize.100)
    Found possible trojan file: C:\System Volume Information\_restore{0146B196-FB8A-4FA6-9170-4B12E2B93B15}\RP593\A0070093.exe/WhNeu.exe (SDBot)    (What's a possible trojan file?)    (Submit for analysis...)    (Add to ignore list)
    Found trojan file: C:\WINDOWS\ARUpdate.exe (TrojanDownloader.ARU.100)
    Found possible trojan file: C:\WINDOWS\system32\cbiuninstall.exe (Suspicious: UPX-packed file in Windows System folder)    (What's a possible trojan file?)    (Submit for analysis...)    (Add to ignore list)
    Found trojan file: C:\WINDOWS\system32\H@tKeysH@@k.DLL (KLog.HotkeyHook.100)
    Found trojan file: C:\WINDOWS\system32\H@tKeysH@@k.DLL (KLog.HotkeyHook)
    Found possible trojan file: C:\WINDOWS\system32\xmforgert.exe (Suspicious: UPX-packed file in Windows System folder)    (What's a possible trojan file?)    (Submit for analysis...)    
     
  2. Cozumeldiver

    Cozumeldiver Guest

    Nevermind. Decided to download Boclean and let that monitor for future hacker intrusions. Great site though and some good advice posted here. Thanks.
     
  3. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,330
    Location:
    Netherlands
    Hi Cozumeldiver,

    Seeing that a lot of the found malware was found in your Restore Points (making them worthless) I would advise you to disable System Restore, reboot and re-enable System Restore.
    Do a full scan until you are satisfied you are clean and make a manual Restore Point.

    More information about dis- and enabling System Restore for Windows ME can be found here: http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2001012513122239

    The same article for Windows XP can be found here:
    http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2001111912274039

    Regards,

    Pieter
     
Loading...
Thread Status:
Not open for further replies.