8 replies to this topic

[TheFiresInTheSky]

it was located in windows>system32>usb496.dat\[UPX]

[Andavari]

See what Jotti online malware scan, and VirusTotal report.

[TheFiresInTheSky]

wanna finish your sentence there andavari? LOL
all the searches ive done, come up in spanish. trojano is also spanish.

[AndyManchesta]

Hi Aaron

Please follow Andavari's advise and have the file scanned at VirusTotal or Jotti's which he has provided links for in his post, this file maybe related to Trojan Delf or could be a keylogger file so its best you get it scanned to be sure. You can also run Hijack This and post it on the HJT Forum if you want the log checking for problems. This file will possibly have this startup entry showing in the log.

O4 - HKLM \ run: [Advanced Message server] rundll32.exe usb496.dat, Execute

[TheFiresInTheSky]

i already deletedd it using avast. i just was wondoring where it came from and what it did.

[AndyManchesta]

Hi Aaron

Its impossible to say what it is or where it came from unless you remember downloading it, Trojano - 1503 doesnt mean anything except for being the name Avast have give to the file, there isnt an infection called Trojano - 1503 so having the file scanned could of revealed if it was a keylogging file or a component of Trojan Delf. Its good its not on your system now but you may want to run one or two online scanners to be sure there isnt more problems on your PC.

[krit86lr]

neighberaaron, on Jun 11 2006, 03:42 PM, said:

i already deletedd it using avast.

I used to always delete things right away too. Then Andy would/will ask me to send stuff to him, or upload files and they are gone already. So now I try to remember not to delete anything until I am told to do so. lol

[Andavari]

krit86lr, on Jun 11 2006, 04:27 PM, said:

So now I try to remember not to delete anything until I am told to do so.

The problem is there's a ton of malware floating about, however the only detections I've ever had on my two systems from 1998 to current were only false positives. I guess I'm super careful or very lucky, but then again I've always used more than one antivirus scanner and if anything is detected I scan it with a multitude of av scanners just to be sure.

[krit86lr]

Andavari, on Jun 11 2006, 07:47 PM, said:

The problem is there's a ton of malware floating about, however the only detections I've ever had on my two systems from 1998 to current were only false positives. I guess I'm super careful or very lucky, but then again I've always used more than one antivirus scanner and if anything is detected I scan it with a multitude of av scanners just to be sure.

Yeah, I had a notepad.exe file detected by Trend Micro and I deleted before uploading it. It would have been better if I had waited and checked it out more thoroughly first. This wasn't on my pc btw.

And I think that you are just very careful which makes you lucky. I have been lucky by following your advice. My machine hasn't been infected yet. *knock on wood*

ty btw