Requesting help trojan-downloader

Discussion in 'Malware Help (A Specialist Will Reply)' started by renklint, Apr 4, 2007.

  1. renklint

    renklint Private E-2

    I've followed the steps in the "Read and Run First" post.

    And Counterspy found some malware and deleted them. Bitdefender found some old viruses in an old mailbox that isn't used anymore. Panda found a lot of spyware (only harmless cookies)?

    Anyway, my problems are showing in 2 ways.
    When I hit ctrl-alt-del, taskmgr will not start. There is a Windows program that I don't know the English name of that stops it. (Task Manager will run in safe mode.)
    If you right-click This computer, under advanced, click the button performance. It's the program under the 3rd tab that stops taskmgr.

    Firefox is extremely slow. I go to a page but it takes a long time before I can click a link. If I write something in a textbox, the text only appears after a while. I don't have the same problem with IE.

    Since the malware that Counterspy found looked rather bad, and I don't know if the spyware that Panda found is any bad, I wonder if someone can have a look at my logs.

    /Lars

    part 2 will follow
     


  2. renklint

    renklint Private E-2

    The next 3 log-files.

    Thanks in advance.

    /Lars
     


  3. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!

    I believe the English name of what you are referring to is Data Execution Prevention!

    Based on the logs you have posted, you are not having malware problems other than what was already cleaned. The only file I question is the below:
    Code:
    "C:\WINDOWS\"
    sudurv10.dll   2006-05-03           2  "SUDURV10.DLL"
    I do suggest that you uninstall CounterSpy now since you don't need it anymore.

    Your problems could be something to do with your OS or a hardware conflict, however, just to be safe, let's run a rootkit scan since some rootkits can cause strange behavior.

    Now please download F-Secure's BlacklightBeta
    • Download fsbl.exe and save it to the Desktop.
    • Once saved... double click fsbl.exe to install the program.
    • Click accept agreement and Click scan
    • This application may trigger a warning from your antivirus. Let the driver load. Wait for it to finish.
    • If it displays any items...don't do anything with them yet. Just hit exit (close)
    • It will drop a log on Desktop that starts with fsbl....big number
    Please attach the BlackLight log.

     
  4. renklint

    renklint Private E-2

    Thank you for your time.

    You're absolutely right about the Data Execution Prevention, that's what prevents me from starting taskmanager.

    I've uninstalled and reinstalled Firefox, but it still works very slowly. I noticed that all my preferences were still there. Startpage, installed add-ons etc. So perhaps I should delete all Firefox folders and start again.

    Tried to uninstall Counterspy (closed it first) but got the error attached.

    Is there a way to determine which program is dependent on sudurv10.dll?

    /Lars
     


  5. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    It looks like you have some problems with your Windows Installer program. This is not malware.

    Right Click on it and Select Properties. Then click the Version tab and go thru the list of image names. See what Company it belongs to.
     
  6. renklint

    renklint Private E-2

    Ok, thanks again.


    /Lars
     
  7. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You're welcome. Did you find out who that DLL file belongs to?
     
  8. renklint

    renklint Private E-2

    No, the dll-file had no info.

    But the Firefox problem had something to do with my XP account.

    I created a new user, and have no problem any longer.

    /Lars
     
  9. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    If you are not having any other malware problems, it is time to do our final steps:
    1. You can delete the ShowNew.Zip and GetRunkey.Zip files and the files that you extracted from the ZIP files. You can also delete the C:\newfiles.txt and C:\runkeys.txt logs that were created.
    2. After doing the above, you should work thru the below link:
     
  10. renklint

    renklint Private E-2

    Ok, thanks for all info.

    Case closed.

    /Lars
     
  11. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You're welcome. Surf safely!
     
