I’m not finding very useful or specific information regarding this trojan when I search. It popped up last night during a full scan, on a secondary drive that used to be my main OS drive, but is now a storage drive. The infection was found on F:\pagefile.sys. In Avast, I opted to Fix Automatically and it was subsequently deleted per the results. I’m currently running a second scan to see if it pops up again.
Can anyone provide more knowledge on this trojan? The questions I have are: is it active if it’s on my storage drive? If it infected a system file like pagefile.sys, will deleting it result in complete removal? What does this trojan do specifically? How concerned should I be?
I did see those links, but the explanations are very short and don’t offer much insight into what this trojan does – thanks for taking the time to look it up though.
Here are the logs you requested. I also added a GMER log from a rootkit scan I did yesterday.
The BROBAN malware family is frequently used in boleto fraud. These arrive via spammed emails, which typically contain fake messages alleging that the user has “debts” to the government that must be paid.
This threat can collect your sensitive information without your consent. This can include:
The keys you press
The applications you open
Your web browsing history
Your credit card information
Your user names and passwords
It can also imitate a legitimate website to lure you into revealing your sensitive information.