
Thread: BankerFox a & Win32/nuqel Trojan

  1. #21
    Junior Member
    Join Date
    Jan 2011
    Posts
    28
    OK--I'll get back later. Thanks

  2. #22
    Junior Member
    Join Date
    Jan 2011
    Posts
    28
    ESET Results: 1 infected file
    C:\Program Files\OurBabyMaker_27EI\Installr\1.bin\27EIPlug.dll a variant of Win32/Toolbar.MyWebSearch application

  3. #23
    Administrator GT500
    Join Date
    May 2010
    Location
    Fortville, Indiana, USA
    Posts
    32
    My forums aren't allowing me to post instructions on using The Avenger to delete that file, which I am assuming is a bug in my web server (when I file bug reports it usually takes them 6-8 months to fix the issues, and they don't always completely fix them).

    The file is not a major issue. It is just MyWebSearch, which I did not see installed in the ComboFix log, so it's just an orphaned file sitting there most likely not being used. Since Malwarebytes' Anti-Malware will detect and remove MyWebSearch, it is not a big deal to leave the file, since if something tries to reinstall MyWebSearch it will just be removed the next time you scan with Malwarebytes' Anti-Malware.

    As for what exactly MyWebSearch is, it is just a toolbar that installs in your Internet browser (usually Internet Explorer or Firefox), and it resets your default search provider. It will also do basic tracking of what websites you visit, and send that information back to an online database for the purposes of targeted advertising. While it is not a major threat, there is a minor privacy concern. If you want, you can run the ESET online scan again, and allow it to delete detected infections.

    After that (if you decide to do it), please update Malwarebytes' Anti-Malware and run a Quick Scan. When it is done, and after you select to remove detected infections, it will present you with a log in Notepad. Before allowing it to restart your computer (assuming that it detects something), please copy and paste the contents of the log into a reply.
    For we wrestle not against flesh and blood, but against principalities, against powers, and against the worldly governors, the princes of the darkness of this world...

  4. #24
    Junior Member
    Join Date
    Jan 2011
    Posts
    28
    It appears my Granddaughter has been on this site----I found it in my Program files. I'll let ESET try and deal with it before I delete it & let you know back. Thanks

  5. #25
    Junior Member
    Join Date
    Jan 2011
    Posts
    28
    I deleted the file --ran Malwarebytes and nothing came back. If that's all, what do I do about removing anything you've had me install?

  6. #26
    Administrator GT500
    Join Date
    May 2010
    Location
    Fortville, Indiana, USA
    Posts
    32
    The ESET online scanner components can be removed from the Control Panel via Add/Remove Programs.

    For ComboFix, I'll quote the canned reply from GeeksToGo.com:

    Quote Originally Posted by Uninstalling ComboFix
    The following will implement some cleanup procedures as well as reset System Restore points:

    Click Start > Run and copy/paste the following bolded text into the Run box and click OK:

    ComboFix /Uninstall
    This is essentially how to tell ComboFix to uninstall itself. It will also make some system changes, such as resetting System Restore points, resetting the Internet Explorer icon on your desktop, and I would believe turning off the display of hidden files and file extensions. Note that this will also delete all backups that ComboFix made before running, and it will also delete the files that ComboFix quarantined. Make certain that your computer is working the way it is supposed to before you run this uninstall command for ComboFix.

    Rkill can just be deleted, as it does not install anything. Note that Rkill is updated daily, as is ComboFix, so there is no need to keep around old versions of these tools.

    If there are any other tools that you used during this process, then you can delete them as well.

    Malwarebytes' Anti-Malware is free for you to keep and use if this is your home computer, so only uninstall it if you do not want to keep it. If you want to remove it, then I can provide a link to an automated uninstall utility, or you can simply uninstall it via Add/Remove Programs in the Control Panel.

  7. #27
    Junior Member
    Join Date
    Jan 2011
    Posts
    28
    I think I'll hold on to Malwarebytes--Again, thanks for all your assistance.

  8. #28
    Administrator GT500
    Join Date
    May 2010
    Location
    Fortville, Indiana, USA
    Posts
    32
    You're quite welcome.

    You may also want to read the article at this link about preventing such things from happening again. The article isn't finished, but the software section is pretty much complete, and contains some very important information.

  9. #29
    Junior Member
    Join Date
    Jan 2011
    Posts
    28
    I'll check it out---thanks again
