VBS: Banker EA

Viruses and worms
1

I have a virus that I detected through a full scan and then once it was over It told me to do a boot scan. And once it was done i did both another full scan and a scan of the folder in which it is located. The name of the location is:

C:\Windows\System32\config\SOFTWARE.LOG1

I also checked the folder to see what was in there an it showed

C:\Windows\System32\config\SOFTWARE.LOG2

However, it does not show LOG.1

Additionally, i tried moving it to chest and it was not able to do so as it is supposedly being used at the moment.

2

https://forum.avast.com/index.php?topic=53253.0

3

Ok here they are

4

Could you let me know if this cures it :slight_smile:

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:

CreateRestorePoint: 2016-02-04 16:28 - 2015-11-29 20:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo 2016-02-01 15:13 - 2015-11-29 20:23 - 00000000 ____D C:\Users\Angel Garcia\AppData\Roaming\Comodo 2016-02-01 15:13 - 2015-11-29 20:23 - 00000000 ____D C:\Users\Angel Garcia\AppData\Local\Comodo Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f RemoveProxy: EmptyTemp: CMD: bitsadmin /reset /allusers

Save this as fixlist.txt, in the same location as FRST.exe

https://dl.dropboxusercontent.com/u/73555776/FRSTfix.JPG

Run FRST and press Fix
On completion a log will be generated please post that

THEN

Please download AdwCleaner by Xplode onto your desktop.

[*]Close all open programs and internet browsers.
[*]Double click on AdwCleaner.exe to run the tool.
[*]Click on Scan.
[*]After the scan is complete click on “Clean”
[*]Confirm each time with Ok.
[*]Your computer will be rebooted automatically. A text file will open after the restart.
[*]Please post the content of that logfile with your next answer.
[*]You can find the logfile at C:\AdwCleaner[S0].txt as well.

5

I did a full scan and a scan of the folder so far nothing.

6

Spoke to soon now it is detecting

C:\Windows\System32\config\SOFTWARE.LOG2

7

Does this only get detected on a full scan ?