Am I Infected? Cognac & B.exe In Mcconfig
Please continue to follow my instructions and reply back until I give you the "all clean". Are you still connecting to the internet when you log on? Note: Some malware may prevent mbam-setup.exe from downloading and running. A case like this could easily cost hundreds of thousands of dollars. http://www.bleepingcomputer.com/forums/t/313721/am-i-infected-cognac-bexe-in-mcconfig/
Symptoms: Alerts from an efficient anti-virus program are one visible sign that Trojan Cognac is present on the computer. Doing so could cause changes to the directions I have to give you and prolong the time required.
Cognac & b.exe in mcconfig. Started by Simon T, Apr 30 2010 06:05 AM
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\it_reg.exe.vir (Trojan.Downloader) -> Quarantined and deleted successfully.
There are plenty of ways to safeguard the PC against this type of threat.
c:\fjaiekpk.exe (Trojan.Agent) -> No action taken.
c:\documents and settings\user\local settings\Temp\install.exe (Trojan.Dropper) -> No action taken.
c:\documents and settings\user\local settings\Temp\taskmgr.exe (Trojan.Dropper) -> No action taken.
C:\WINDOWS\system32\msxml71.dll (Trojan.FakeAlert) -> No action taken.
https://forums.techguy.org/threads/b-exe-msa-exe-msantivirus-help.842593/
c:\WINDOWS\system32\drivers\smss.exe (Trojan.Agent) -> No action taken.
It may take some time to complete so please be patient. When the scan is finished, a message box will say "The scan completed successfully. It sometimes does not work within normal mode.
Expert Comment by: adminpps (ID: 24585897, 2009-06-09): Well, combofix
C:\Documents and Settings\All Users\Documents\My Music\Sony-Soundforge-70+keygen-by-ZorRo\Sony.Sound.Forge.KeyGen\keygen.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
I understand this probably isn't the best place to get help, so I'm going to post a thread on Bleeping Computer, and will just use my workaround for the time being. Get blank screen when logging off or switching user and have to restart
A good set of instructions can be found here: http://greatis.com/appdata/d/s/str.sys.htm
Posted 16 July 2009 - 07:12 AM: Logfile of Trend Micro http://avissoft.net/am-i/am-i-infected-please-see-hjt-log.php Have you tried AVG?
Double Click mbam-setup.exe to install the application.
c:\documents and settings\user\local settings\Temp\install.48349.exe (Trojan.Downloader) -> No action taken.
Started by Dj DHoLa, Jun 30 2009 04:27 AM
c:\windows\kb913800.exe
c:\windows\system32\drivers\str.sys
c:\windows\system32\dumphive.exe
c:\windows\system32\Process.exe
c:\windows\system32\SrchSTS.exe
c:\windows\system32\tmp.reg
.
((((((((((((((((((((((((( Files Created from 2009-05-09 to 2009-06-09 )))))))))))))))))))))))))))))))
.
2009-06-09 19:54 . 2009-06-09 19:54 325896 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-06-09 19:54 . 2009-06-09 19:54 11952
c:\documents and settings\user\local settings\Temp\services.exe (Trojan.Dropper) -> No action taken.
Thank you!
Click Exit on the Main menu to close the program.
c:\WINDOWS\system32\lowsec\user.ds (Stolen.data) -> No action taken.
Now I ran the hijack this program and this is what it found
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:19:33 PM, on 6/9/2009
Platform: Windows XP SP2 (WinNT
Posted 17 July 2009 - 04:05 AM: Here's the earliest log
Try manually first, imo. Security programs like anti-virus and firewall can be rendered useless by Trojan Cognac. It is very sluggish.
Gmer is crashing the computer (blue screen) so I am posting without this file. Hope you can help me, Si
Edited by Simon T, 30 April 2010
c:\WINDOWS\system32\lowsec\local.ds (Stolen.data) -> No action taken.
Memory Modules Infected: \\?\globalroot\systemroot\system32\geyekrlabbkxku.dll (Trojan.TDSS) -> No action taken.
If malwarebytes isn't doing the trick, I'd try a few other anti-virus programs and see if they can clean it up.
scanning hidden autostart entries ...
Double-click mbam-setup.exe and follow the prompts to install the program. At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish. If an
Once Trojan Cognac is run on the PC, it will make changes to the system, especially to the Windows registry. I would suggest a reformat if you don't know how to backup/repair your registry. Virus cleanup?