Access Denied scenarios

I read previous posts on this. Still cannot figure it out.

I ran a scan and both instances won’t allow me to move to chest, delete, etc. etc.

Win 32-trojan and Win 32-Malware

Thanks

What are the file names and locations?

Access denied can be legitimate depending on the file name and location; there are also files being in use, and as such access will be denied.

For the future and when we resolve this - Deletion isn’t really a good first option (you have none left), ‘first do no harm’ don’t delete, send virus to the chest and investigate.

What are the file names and locations?:

C:\Windows\SysWOW64\ctfmondyt.exe
C:\Windows\SysWOW64\gz13101.dll

I think because of their being in the syswow64 folder they might well be protected; however, the file names look a little suspect. A Google search finds very little, mainly this topic, which is highly suspect for files in the syswow64 folder.

This is the only other Google hit aside from this topic: http://www.prevx.com/filenames/2580913654289487341-X1/CTFMONDYT.EXE.html. Now, I don’t know if Prevx 3.0 is 64-bit compatible.

So the access denied may have more to do with it being malware than simply being in the syswow64 folder.

Unfortunately you have a 64bit OS and can’t use the avast boot-time scan, as it isn’t available on 64bit OSes yet. So you could try booting into safe mode and running an avast scan from there. Having said that, you need to confirm your OS, as if it is a 32bit version then the syswow64 would be an invalid folder?

If you haven’t already got this software (freeware), download, install, update and run it and report the findings (it should produce a log file). Again, I don’t know if these are 64bit compatible…

Don’t worry about reported tracking cookies; they are a minor issue and not one of security. Allow SAS to deal with them though. See http://en.wikipedia.org/wiki/HTTP_cookie.
Also available is a portable version of SAS, http://www.superantispyware.com/portablescanner.html, no installation required.

Thanks, DavidR. Have a good evening.