You are viewing our Forum Archives. To view or take place in current topics click here.
Some sort of virus?
Posted:

Some sort of virus?Posted:

lortar
  • Wise One
Status: Offline
Joined: Dec 25, 201013Year Member
Posts: 570
Reputation Power: 21
Status: Offline
Joined: Dec 25, 201013Year Member
Posts: 570
Reputation Power: 21
So, I logged on to my pc today and i saw an image of an eye on my task bar, it was called KLbyAY, 0 results of Google and it told me to go to a file transfer protocol link, I don't know why and the link didn't even work and then it dissapeared.

Anyone have an idea?
#2. Posted:
JohnnyUK
  • Ladder Climber
Status: Offline
Joined: Jun 27, 201410Year Member
Posts: 348
Reputation Power: 18
Status: Offline
Joined: Jun 27, 201410Year Member
Posts: 348
Reputation Power: 18
See if you have anything un usual installed to your computer. If you have not, then run a virus scan using [ Register or Signin to view external links. ]
#3. Posted:
lortar
  • Wise One
Status: Offline
Joined: Dec 25, 201013Year Member
Posts: 570
Reputation Power: 21
Status: Offline
Joined: Dec 25, 201013Year Member
Posts: 570
Reputation Power: 21
Yea, I looked in my download and recently installed and removed some stuff but it only dissapeared by itself so I couldn't find a way to remove it at all. Lets see what this scan sais.
#4. Posted:
Ever
  • Winter 2020
Status: Offline
Joined: Mar 10, 201311Year Member
Posts: 6,134
Reputation Power: 546
Status: Offline
Joined: Mar 10, 201311Year Member
Posts: 6,134
Reputation Power: 546
I suggest running a scan on your computer.

Try using Malwarebytes.

[ Register or Signin to view external links. ]
#5. Posted:
lortar
  • Wise One
Status: Offline
Joined: Dec 25, 201013Year Member
Posts: 570
Reputation Power: 21
Status: Offline
Joined: Dec 25, 201013Year Member
Posts: 570
Reputation Power: 21
Im scanning my PC with KasperSky which my family bought, is it good enough?
#6. Posted:
SNES
  • TTG Contender
Status: Offline
Joined: Dec 30, 201112Year Member
Posts: 3,644
Reputation Power: 199
Status: Offline
Joined: Dec 30, 201112Year Member
Posts: 3,644
Reputation Power: 199
Could be... Run a scan like everyone in this post
is saying and let us know.
#7. Posted:
JohnnyUK
  • Ladder Climber
Status: Offline
Joined: Jun 27, 201410Year Member
Posts: 348
Reputation Power: 18
Status: Offline
Joined: Jun 27, 201410Year Member
Posts: 348
Reputation Power: 18
lortar wrote Im scanning my PC with KasperSky which my family bought, is it good enough?


That should be good enough, but I personally do not use it.

Anyway, scan your computer with it, and see if it picks anything up.
#8. Posted:
Linear
  • TTG Senior
Status: Offline
Joined: Dec 31, 201013Year Member
Posts: 1,255
Reputation Power: 41
Status: Offline
Joined: Dec 31, 201013Year Member
Posts: 1,255
Reputation Power: 41
Scan with malwarebytes, your bought antivirus will not scan for things malwarebytes will.
#9. Posted:
lortar
  • Wise One
Status: Offline
Joined: Dec 25, 201013Year Member
Posts: 570
Reputation Power: 21
Status: Offline
Joined: Dec 25, 201013Year Member
Posts: 570
Reputation Power: 21
Malwarebytes Anti-Malware
[ Register or Signin to view external links. ]

Scan Date: 21/07/2014
Scan Time: 10:28:35
Logfile:
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.07.20.07
Rootkit Database: v2014.07.17.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Tom

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 430308
Time Elapsed: 4 hr, 33 min, 54 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 1
Trojan.Agent.VBS, C:\Windows\SysWOW64\taskmngr.exe, 4292, , [1fa8f9a82f4c0a2c601dbae8d13013ed]

Modules: 0
(No malicious items detected)

Registry Keys: 12
PUP.Optional.OutBrowse, HKLM\SOFTWARE\CLASSES\TYPELIB\{DCABB943-792E-44C4-9029-ECBEE6265AF9}, , [6166346da2d976c001275dff3ec49f61],
PUP.Optional.OutBrowse, HKLM\SOFTWARE\CLASSES\INTERFACE\{3408AC0D-510E-4808-8F7B-6B70B1F88534}, , [6166346da2d976c001275dff3ec49f61],
PUP.Optional.OutBrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{3408AC0D-510E-4808-8F7B-6B70B1F88534}, , [6166346da2d976c001275dff3ec49f61],
PUP.Optional.OutBrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{DCABB943-792E-44C4-9029-ECBEE6265AF9}, , [6166346da2d976c001275dff3ec49f61],
PUP.Optional.ShoppingChip, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{1D2ABF6A-2B19-3E94-0991-5B5BDB7134DA}, , [93345e431e5d79bda0fdce8e976b7c84],
PUP.Optional.Spigot.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\hbcennhacfaagdopikcegfcobcadeocj, , [8641a6fb94e7e55138345f75847ed42c],
PUP.Optional.Spigot.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\icdlfehblmklkikfigmjhbmmpmkmpooj, , [4c7becb58cefa78fa6c77064a45e3ac6],
PUP.Optional.Spigot.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\mhkaekfpcppmmioggniknbnbdbcigpkk, , [2e9990110e6daa8cb7b7cc08ec16b947],
PUP.Optional.Spigot.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\pfndaklgolladniicklehhancnlgocpp, , [23a4e6bb7308f6404c23c80ca55d28d8],
PUP.Optional.1ClickDownload.A, HKU\S-1-5-21-671848400-2200805228-3528557114-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\1ClickDownload, , [25a228793d3ebf77d2b08b77bf45639d],
Adware.TryMedia, HKU\S-1-5-21-671848400-2200805228-3528557114-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Trymedia Systems, , [5671cdd4ea91092d36cd76ef33d049b7],
PUP.Optional.Spigot.A, HKU\S-1-5-21-671848400-2200805228-3528557114-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Search Settings, , [07c00f92ed8e67cfd68df42d54b0fb05],

Registry Values: 0
(No malicious items detected)

Registry Data: 1
PUP.Optional.Spigot.A, HKU\S-1-5-21-671848400-2200805228-3528557114-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, [ Register or Signin to view external links. ] , Good: (www.google.com), Bad: ( [ Register or Signin to view external links. ]

Folders: 1
PUP.Optional.Spigot.A, C:\Program Files (x86)\Common Files\Spigot\GC, , [e4e3f3ae97e45adc48f35e59ae546c94],

Files: 7
Trojan.Agent.VBS, C:\Windows\SysWOW64\taskmngr.exe, , [1fa8f9a82f4c0a2c601dbae8d13013ed],
PUP.Optional.Softonic.A, C:\Users\Tom\Downloads\SoftonicDownloader_for_morphvox-voice-changer.exe, , [8245fba6e19a1c1a9c9644e4b74a53ad],
Trojan.MSIL, C:\Users\Tom\Downloads\InstallIW4M.exe, , [ab1cb0f1116ac96d7099c48fca370ef2],
PUP.Optional.Verti, C:\Users\Tom\Downloads\MediaPlayerClassic.exe, , [a42301a01d5e85b1eafc197afe060af6],
PUP.Optional.Spigot.A, C:\Program Files (x86)\Common Files\Spigot\GC\errorassistant_1.1.crx, , [e4e3f3ae97e45adc48f35e59ae546c94],
PUP.Optional.Spigot.A, C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx, , [e4e3f3ae97e45adc48f35e59ae546c94],
PUP.Optional.Spigot.A, C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.0.crx, , [e4e3f3ae97e45adc48f35e59ae546c94],

Physical Sectors: 0
(No malicious items detected)


(end)
#10. Posted:
JohnnyUK
  • Ladder Climber
Status: Offline
Joined: Jun 27, 201410Year Member
Posts: 348
Reputation Power: 18
Status: Offline
Joined: Jun 27, 201410Year Member
Posts: 348
Reputation Power: 18
lortar wrote Malwarebytes Anti-Malware
[ Register or Signin to view external links. ]

Scan Date: 21/07/2014
Scan Time: 10:28:35
Logfile:
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.07.20.07
Rootkit Database: v2014.07.17.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Tom

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 430308
Time Elapsed: 4 hr, 33 min, 54 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 1
Trojan.Agent.VBS, C:\Windows\SysWOW64\taskmngr.exe, 4292, , [1fa8f9a82f4c0a2c601dbae8d13013ed]

Modules: 0
(No malicious items detected)

Registry Keys: 12
PUP.Optional.OutBrowse, HKLM\SOFTWARE\CLASSES\TYPELIB\{DCABB943-792E-44C4-9029-ECBEE6265AF9}, , [6166346da2d976c001275dff3ec49f61],
PUP.Optional.OutBrowse, HKLM\SOFTWARE\CLASSES\INTERFACE\{3408AC0D-510E-4808-8F7B-6B70B1F88534}, , [6166346da2d976c001275dff3ec49f61],
PUP.Optional.OutBrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{3408AC0D-510E-4808-8F7B-6B70B1F88534}, , [6166346da2d976c001275dff3ec49f61],
PUP.Optional.OutBrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{DCABB943-792E-44C4-9029-ECBEE6265AF9}, , [6166346da2d976c001275dff3ec49f61],
PUP.Optional.ShoppingChip, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{1D2ABF6A-2B19-3E94-0991-5B5BDB7134DA}, , [93345e431e5d79bda0fdce8e976b7c84],
PUP.Optional.Spigot.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\hbcennhacfaagdopikcegfcobcadeocj, , [8641a6fb94e7e55138345f75847ed42c],
PUP.Optional.Spigot.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\icdlfehblmklkikfigmjhbmmpmkmpooj, , [4c7becb58cefa78fa6c77064a45e3ac6],
PUP.Optional.Spigot.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\mhkaekfpcppmmioggniknbnbdbcigpkk, , [2e9990110e6daa8cb7b7cc08ec16b947],
PUP.Optional.Spigot.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\pfndaklgolladniicklehhancnlgocpp, , [23a4e6bb7308f6404c23c80ca55d28d8],
PUP.Optional.1ClickDownload.A, HKU\S-1-5-21-671848400-2200805228-3528557114-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\1ClickDownload, , [25a228793d3ebf77d2b08b77bf45639d],
Adware.TryMedia, HKU\S-1-5-21-671848400-2200805228-3528557114-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Trymedia Systems, , [5671cdd4ea91092d36cd76ef33d049b7],
PUP.Optional.Spigot.A, HKU\S-1-5-21-671848400-2200805228-3528557114-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Search Settings, , [07c00f92ed8e67cfd68df42d54b0fb05],

Registry Values: 0
(No malicious items detected)

Registry Data: 1
PUP.Optional.Spigot.A, HKU\S-1-5-21-671848400-2200805228-3528557114-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, [ Register or Signin to view external links. ] , Good: (www.google.com), Bad: ( [ Register or Signin to view external links. ]

Folders: 1
PUP.Optional.Spigot.A, C:\Program Files (x86)\Common Files\Spigot\GC, , [e4e3f3ae97e45adc48f35e59ae546c94],

Files: 7
Trojan.Agent.VBS, C:\Windows\SysWOW64\taskmngr.exe, , [1fa8f9a82f4c0a2c601dbae8d13013ed],
PUP.Optional.Softonic.A, C:\Users\Tom\Downloads\SoftonicDownloader_for_morphvox-voice-changer.exe, , [8245fba6e19a1c1a9c9644e4b74a53ad],
Trojan.MSIL, C:\Users\Tom\Downloads\InstallIW4M.exe, , [ab1cb0f1116ac96d7099c48fca370ef2],
PUP.Optional.Verti, C:\Users\Tom\Downloads\MediaPlayerClassic.exe, , [a42301a01d5e85b1eafc197afe060af6],
PUP.Optional.Spigot.A, C:\Program Files (x86)\Common Files\Spigot\GC\errorassistant_1.1.crx, , [e4e3f3ae97e45adc48f35e59ae546c94],
PUP.Optional.Spigot.A, C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx, , [e4e3f3ae97e45adc48f35e59ae546c94],
PUP.Optional.Spigot.A, C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.0.crx, , [e4e3f3ae97e45adc48f35e59ae546c94],

Physical Sectors: 0
(No malicious items detected)


(end)


As it says, it detected a trojan.

Did you have it removed? You should be prompted to have the trojan removed.

You may also need to restart your computer afterwards.
Jump to:
You are viewing our Forum Archives. To view or take place in current topics click here.