Got Trojan...

the other day while on a site.[only window opened at the time]

While I was on the site,an Avast window came up ,bottom right,said it was scanning a ‘suspicious’ file-then Quickly said everything was “OK”.

I closed the site i was on and scanned -first with Malwarebytes-which found a trojan !so i was able to rid of it.then…ran a full AVAST scan.

My questions…
First-is it best to stay clear of the site I was on when I go it?

or is it now safe to go back-since malwarbytes got rid of the trojan?

AND why didn’t AVAST block it like it has blocked ‘bugs’ in the past ?
i have since updated my AVAST [couple days ago] after someone here let me know how to chk and do that.

What was it that MBAM found ?

i deleted it -so i only know it was a trojan.

Normally its put to quarantine.

Open the interface and click the quarantine on top in the window.

The scan log is located under the log tab at top in MBAM

i deleted it from ‘quarantine’

OK.

Then do what Pondus said.

Save the log to your desktop and attach it here. :wink:

yeah.welll-i don’t know how to do that…

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.11.18.07

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702

11/18/2013 1:53:55 PM
mbam-log-2013-11-18 (13-53-55).txt

Scan type: Full scan (C:|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 273589
Time elapsed: 26 minute(s), 12 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\I386\COMRES.DL_ (Trojan.FakeMS) → Quarantined and deleted successfully.

(end)

anyway…

how safe is it to go back to the site where i picked up the bug?

how safe is it to go back to the site where i picked up the bug?
what is the URL ..... post it none clickable .... http as hxxp and www as wxw

wxw.hxxp://mycountryhome.yuku.com

while you’re at it would you ck :
wxw.hxxp://happytrails68468.yuku.com

nothing show up on the online scanners i tested With

hxxp://mycountryhome.yuku.com http://www.quttera.com/detailed_report/mycountryhome.yuku.com

hxxp://happytrails68468.yuku.com/ http://www.quttera.com/detailed_report/happytrails68468.yuku.com

Zulu not working here.

ahah! prob with country home .that’s where i picked it up.

thanks so much.

what’s ZULU?

Zulu ZScaler is an website analysing service.

http://zulu.zscaler.com/

oh.thanks.maybe wasn’t working b/c those boards are ‘private’.
thanks again!

You can just enter a URL and click scan.

But for some odd reason it wasnt working.

oh i see.ok.thanks!

I get a 301 Moved Permanently - no avast alerts!
Here are the zulu scan results: http://zulu.zscaler.com/submission/show/9d28b91b1686c2b44431a0f9e7743fbf-1385246919

Here Sucuri’s scan results: http://sitecheck.sucuri.net/results/happytrails68468.yuku.com/

Think the malware has been closed now: http://support.clean-mx.de/clean-mx/viruses.php?sort=firstseen%20desc&review=209.132.196.%

pol

not following this~“a 301 Moved Permanently - no avast alerts!”
but thanks again for all your help!!:slight_smile: