Llass.exe help please :P

ItWasLuck · Jun 17, 2007

So I recently noticed that llass.exe was running in my task manager, I did a little search up on the process and it turns out that it's a trojan.

So after that I booted up eWido Anti-spyware (AVG Antispyware 7.5) and it alerted me that Llass.exe was on my computer, I clicked Clean / Quarantine and it did quarantine it for about 10 seconds then an alert for llass.exe popped up again, So I went through that cycle about 500 times and now I'm posting here for some help.

Trojan Info
llass.exe
Path: C:/WINDOWS/system32/llass.exe
Infected With: Backdoor.Bandok.ab

I've searched for fixes and couldn't find any so I decided to come here for help.

Thank you in advance
~ItWasLuck

TimW · Jun 17, 2007

Welcome to Major Geeks!!

Please follow our standard cleaning procedures which are necessary for us to provide you support. Also there are steps included for installing, running, and posting HijackThis logs as attachments.

Run ALL the steps in this Sticky thread READ & RUN ME FIRST Before Asking for Support

Make sure you check version numbers and get all updates.

Very Important: Make sure you tell us the results from running the tutorial...was anything found? Were you unable to complete any of the scans?...Were you unable to download any of the tools?...Did you do the on-line scans as suggested? etc.

After doing ALL of the above you still have a problem make sure you have booted to normal mode and run the steps in the below link to properly use HijackThis and attach a log:

Downloading, Installing, and Running HijackThis
Make sure you also rename HijackThis.exe as suggested in the procedures. Use analyse.exe for the new name. This is very important due to some new infections going around.

When you return to make your next post, make sure you attach the following logs and that you have run these scans in the following order too:

CounterSpy

AVG Antispyware log - ONLY IF NEEDED you were not able to run CounterSpy

Bitdefender - from step 6

Panda Scan - from step 6

runkeys.txt - the log from GetRunKey.bat

newfiles.txt - the log from ShowNew.bat

HijackThis

NOTE: You can only attach 3 files in a single message so it will require that you use two messages to attach all of these logs!

ItWasLuck · Jun 18, 2007

I actually installed F-Secure anti-virus/Anti-Malware which I didn't realize where free for people who use Cogeco Cables internet service.

When I installed it, F-Secure sent me to the patch shit which gave me a program called F-sasser which actually removed it completely. (I know how to do the steps with normal startup,etc,etc just that it wasn't working but this patch fixed it)

Thanks for the help but indeed I found a patch after downloading another project, Sorry I wasted your time ^^, I've attached the file in a Zip that I used examine it and look what it does if you would like to.

TimW · Jun 18, 2007

If you think that you have removed all the malware .....no problem.

If you want us to double check...please attach the logs and we will look at them and see if there are any lingering traces.

ItWasLuck · Jun 20, 2007

Heh, It's gone don't worry .

My mother is a security tech for a large cable company (Didn't realize that was here title) so I asked her

TimW · Jun 20, 2007

No problem ...safe surfing.

Log in or Sign up

Llass.exe help please :P

ItWasLuck Private E-2

TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

ItWasLuck Private E-2

TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

ItWasLuck Private E-2

TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member