Resolved HJT Threads: Resolved spyware and popup issues.
08-08-2007, 09:02 PM   #1
Registered User
 
Join Date: Jun 2006
Posts: 14
OS: XP


PSW.Banker3.SXK Trojan Horse

Hi Tech Support Forum,

My AVG Software was performing its daily scan and found the trojan horse PSW.Banker3.SXK. It immediately went in the Virus Vault, and thus far I've experienced no noticeable performance decrease or HiJacking of browsers. I deleted the files from the virus vault. Still, I'd like to make sure my system is clean.

Note, although I believe I updated Windows as recently as a month ago, I am prevented from using the update site now...

Here are my Panda and HijackThis logs....

Deckard's System Scanner v20070807.62
Run by Paul Hancock on 2007-08-08 at 21:35:58
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
36: 2007-08-09 02:36:00 UTC - RP267 - Deckard's System Scanner Restore Point
35: 2007-08-09 01:58:57 UTC - RP266 - System Checkpoint
34: 2007-08-08 01:23:35 UTC - RP265 - System Checkpoint
33: 2007-08-07 01:08:40 UTC - RP264 - System Checkpoint
32: 2007-08-05 16:29:36 UTC - RP263 - System Checkpoint


-- First Restore Point --
1: 2007-06-28 12:07:56 UTC - RP232 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.

System Drive C: has 10.22 GiB (less than 15%) free.


-- HijackThis (run as Paul Hancock.exe) ----------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:37:17 PM, on 8/8/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16441)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Digidesign\Drivers\MMERefresh.exe
C:\Program Files\MagicTune Premium\MagicTuneEngine.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\Logi_MwX.Exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Paul Hancock\Local Settings\Temporary Internet Files\Content.IE5\GLJF2BZ3\dss[1].exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Paul Hancock.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://login.yahoo.com/config/mail?.intl=us
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [SBDrvDet] C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [Ptipbmf] rundll32.exe ptipbmf.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [PCLEPCI] C:\PROGRA~1\Pinnacle\PPE\PPE.EXE
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [DigidesignMMERefresh] C:\Program Files\Digidesign\Drivers\MMERefresh.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [igndlm.exe] C:\Program Files\IGN\Download Manager\DLM.exe /windowsstart /startifwork
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - http://www.fileplanet.com/fpdlmgr/ca..._2.3.2.100.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1162953281468
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Digidesign MME Refresh Service (DigiRefresh) - Digidesign, A Division of Avid Technology, Inc. - C:\Program Files\Digidesign\Drivers\MMERefresh.exe
O23 - Service: digiSPTIService - Digidesign, A Division of Avid Technology, Inc. - C:\Program Files\Digidesign\Pro Tools\digiSPTIService.exe
O23 - Service: MagicTuneEngine - Unknown owner - C:\Program Files\MagicTune Premium\MagicTuneEngine.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 5178 bytes

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 DigiFilter - c:\windows\system32\drivers\digifilt.sys <Not Verified; Digidesign, A Division of Avid Technology, Inc.; Pro Tools®>
R0 TPkd - c:\windows\system32\drivers\tpkd.sys <Not Verified; PACE Anti-Piracy, Inc.; InterLok(R)>
R1 NCPro - c:\windows\system32\drivers\mtictwl.sys <Not Verified; Samsung Electronics, Inc.; MagicTunePremium>
R1 PCLEPCI - c:\windows\system32\drivers\pclepci.sys <Not Verified; Pinnacle Systems GmbH; PCLEPCI>
R3 ASAPIW2k - c:\windows\system32\drivers\asapiw2k.sys <Not Verified; Pinnacle Systems GmbH; asapi>
R3 MarvinBus (Pinnacle Marvin Bus) - c:\windows\system32\drivers\marvinbus.sys <Not Verified; Pinnacle Systems GmbH; Pinnacle Marvin Discrete>
R3 pcouffin (VSO Software pcouffin) - c:\windows\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>

S3 dalwdmservice (dal service) - c:\windows\system32\drivers\dalwdm.sys <Not Verified; Digidesign, A Division of Avid Technology, Inc.; Pro Tools®>
S3 MagicTune - c:\windows\system32\drivers\mtictwl.sys <Not Verified; Samsung Electronics, Inc.; MagicTunePremium>
S3 MBX2DFU - c:\windows\system32\drivers\mbx2dfu.sys <Not Verified; Digidesign, A Division of Avid Technology, Inc.; Digidesign Mbox 2>
S3 W8100PCI (D-Link AirPlus G Wireless Driver) - c:\windows\system32\drivers\mrv8k51.sys <Not Verified; Marvell Semiconductor, Inc; Device driver for Marvell 802.11 NIC>


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 DigiRefresh (Digidesign MME Refresh Service) - c:\program files\digidesign\drivers\mmerefresh.exe -s <Not Verified; Digidesign, A Division of Avid Technology, Inc.; Digidesign MME Binder>
R2 MagicTuneEngine - c:\program files\magictune premium\magictuneengine.exe

S3 digiSPTIService - "c:\program files\digidesign\pro tools\digisptiservice.exe" <Not Verified; Digidesign, A Division of Avid Technology, Inc.; Pro Tools CD Ripping Service>


-- Device Manager: Disabled ----------------------------------------------------

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: D-Link AirPlus G DWL-G510 Wireless PCI Card
Device ID: PCI\VEN_11AB&DEV_1FA6&SUBSYS_3B091186&REV_07\3&267A616A&0&70
Manufacturer: D-Link
Name: D-Link AirPlus G DWL-G510 Wireless PCI Card
PNP Device ID: PCI\VEN_11AB&DEV_1FA6&SUBSYS_3B091186&REV_07\3&267A616A&0&70
Service: W8100PCI


-- Files created between 2007-07-08 and 2007-08-08 -----------------------------

2007-08-08 21:37:09 0 d-------- C:\Program Files\Trend Micro
2007-08-08 20:15:48 0 d-------- C:\WINDOWS\system32\ActiveScan
2007-08-03 19:21:17 0 d-------- C:\Documents and Settings\Paul Hancock\Application Data\U3
2007-07-29 23:55:42 0 dr-h----- C:\$VAULT$.AVG
2007-07-23 19:00:53 0 d-------- C:\Program Files\Microsoft ActiveSync
2007-07-23 18:59:19 0 d-------- C:\WINDOWS\SHELLNEW
2007-07-23 18:59:07 0 d-------- C:\Program Files\Microsoft.NET
2007-07-21 08:23:25 0 d-------- C:\Documents and Settings\Paul Hancock\Application Data\IGN_DLM
2007-07-21 08:23:22 0 d-------- C:\Program Files\IGN
2007-07-21 07:55:44 0 d-------- C:\Documents and Settings\LocalService\Application Data\Macromedia
2007-07-21 07:55:25 0 dr------- C:\Documents and Settings\LocalService\Favorites
2007-07-15 17:21:15 0 d-------- C:\Program Files\MagicTune Premium
2007-07-15 17:20:42 12544 --a------ C:\WINDOWS\system32\drivers\MTiCtwl.sys <Not Verified; Samsung Electronics, Inc.; MagicTunePremium>
2007-07-15 17:20:36 0 d-------- C:\Program Files\SEC


-- Find3M Report ---------------------------------------------------------------

2007-08-08 21:28:39 384 --a------ C:\WINDOWS\system32\DVCStateBkp-{00000000-00000000-0000000C-00001102-00000004-20021102}.dat
2007-08-08 21:28:39 384 --a------ C:\WINDOWS\system32\DVCState-{00000000-00000000-0000000C-00001102-00000004-20021102}.dat
2007-08-08 20:04:33 0 d-------- C:\Documents and Settings\Paul Hancock\Application Data\Azureus
2007-08-08 19:30:44 0 d-------- C:\Documents and Settings\Paul Hancock\Application Data\AVG7
2007-08-05 19:29:47 8 --a------ C:\WINDOWS\system32\nvModes.dat
2007-08-05 17:46:43 0 d-------- C:\Documents and Settings\Paul Hancock\Application Data\Digidesign
2007-08-05 16:40:31 32 --a------ C:\WINDOWS\system32\msvcsv60.dll
2007-08-05 16:40:31 32 --a------ C:\WINDOWS\msocreg32.dat
2007-08-02 17:44:03 0 d-------- C:\Documents and Settings\Paul Hancock\Application Data\Vso
2007-07-28 22:14:42 0 d-------- C:\Program Files\Azureus
2007-07-23 19:00:05 0 d-------- C:\Program Files\Common Files
2007-07-22 00:28:08 0 d-------- C:\Program Files\DivX
2007-07-15 17:21:14 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-06-26 21:05:46 0 d-------- C:\Program Files\Common Files\Adobe
2007-06-05 18:18:40 95 --a------ C:\AUTOEXEC.BAT
2007-05-22 18:03:31 7988 --ahs---- C:\WINDOWS\system32\KGyGaAvL.sys


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [10/22/2006 01:22 PM]
"nwiz"="nwiz.exe" [10/22/2006 01:22 PM C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="NvMCTray.dll" [10/22/2006 01:22 PM C:\WINDOWS\system32\nvmctray.dll]
"CTHelper"="CTHELPER.EXE" [10/06/2003 01:57 AM C:\WINDOWS\system32\CTHELPER.EXE]
"SBDrvDet"="C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe" [12/03/2002 07:06 PM]
"UpdReg"="C:\WINDOWS\UpdReg.EXE" [05/11/2000 02:00 AM]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [07/09/2001 12:50 PM]
"PinnacleDriverCheck"="C:\WINDOWS\system32\PSDrvCheck.exe" [03/10/2004 05:26 PM]
"Ptipbmf"="ptipbmf.dll" [06/20/2003 02:06 AM C:\WINDOWS\system32\ptipbmf.dll]
"PCLEPCI"="C:\PROGRA~1\Pinnacle\PPE\PPE.EXE" [02/03/2004 04:13 PM]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" [05/10/2007 06:09 PM]
"DigidesignMMERefresh"="C:\Program Files\Digidesign\Drivers\MMERefresh.exe" [10/26/2005 01:21 AM]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [09/01/2006 04:57 PM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [03/14/2007 03:43 AM]
"Logitech Utility"="Logi_MwX.Exe" [11/07/2003 04:50 AM C:\WINDOWS\LOGI_MWX.EXE]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [05/11/2007 03:06 AM]
"KernelFaultCheck"="C:\WINDOWS\system32\dumprep 0 -k" []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 07:00 AM]
"igndlm.exe"="C:\Program Files\IGN\Download Manager\DLM.exe" [03/05/2007 01:57 PM]


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
AutoRun\command- E:\LaunchU3.exe -a




-- End of Deckard's System Scanner: finished at 2007-08-08 at 21:38:51 ---------


Panda ActiveScan

Incident Status Location

Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Paul Hancock\Application Data\Mozilla\Firefox\Profiles\zssrvbu0.default\cookies.txt[.com.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Paul Hancock\Application Data\Mozilla\Firefox\Profiles\zssrvbu0.default\cookies.txt[.mediaplex.com/]
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Paul Hancock\Cookies\paul_hancock@ad.yieldmanager[1].txt
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Paul Hancock\Cookies\paul_hancock@adrevolver[2].txt
Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\Paul Hancock\Cookies\paul_hancock@ads.pointroll[2].txt
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Paul Hancock\Cookies\paul_hancock@advertising[2].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Paul Hancock\Cookies\paul_hancock@atdmt[2].txt
Spyware:Cookie/BurstNet Not disinfected C:\Documents and Settings\Paul Hancock\Cookies\paul_hancock@burstnet[2].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Paul Hancock\Cookies\paul_hancock@doubleclick[1].txt
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Paul Hancock\Cookies\paul_hancock@fastclick[1].txt
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Paul Hancock\Cookies\paul_hancock@media.adrevolver[1].txt
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Paul Hancock\Cookies\paul_hancock@mediaplex[1].txt
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Paul Hancock\Cookies\paul_hancock@questionmarket[1].txt
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Paul Hancock\Cookies\paul_hancock@realmedia[1].txt
Spyware:Cookie/Target Not disinfected C:\Documents and Settings\Paul Hancock\Cookies\paul_hancock@target[1].txt
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Paul Hancock\Cookies\paul_hancock@tribalfusion[2].txt
Spyware:Cookie/BurstBeacon Not disinfected C:\Documents and Settings\Paul Hancock\Cookies\paul_hancock@www.burstbeacon[1].txt
Attached Files
File Type: txt extra.txt (17.3 KB, 1 views)
hanoihancock is offline  
08-10-2007, 10:40 AM   #2
Registered User
 
Join Date: Jun 2006
Posts: 14
OS: XP


Re: PSW.Banker3.SXK Trojan Horse

Since I originally posted, AVG found viruses 'Agent.EYS' and 'aaw2007.exe'... Help!
hanoihancock is offline  
08-10-2007, 08:54 PM   #3
Registered User
 
Join Date: Jun 2006
Posts: 14
OS: XP


Re: PSW.Banker3.SXK Trojan Horse

The aaw2007.exe (Adaware) was mistakenly being caught by AVG. The most recent AVG update remedied this....

http://www.lavasoftsupport.com/index...20&#entry52029

Still not sure about the Agent.EYS and PSW.Banker3...
hanoihancock is offline  
08-10-2007, 09:12 PM   #4
Registered User
 
Join Date: Jun 2006
Posts: 14
OS: XP


Re: PSW.Banker3.SXK Trojan Horse

bump.
hanoihancock is offline  
08-12-2007, 10:35 PM   #5
Assistant Manager, TSF Academy; Moderator/Analyst Security Team
Join Date: Jan 2005
Location: Ohio
Posts: 26,798
OS: WinXP and Vista


Re: PSW.Banker3.SXK Trojan Horse

Hello hanoihancock,

I'm not seeing anything in these logs.
Quote:
AVG found viruses 'Agent.EYS' and PSW.Banker3.SXK
Where did it find these--what are the locations of these infections?

Clear your Internet Explorer7 cookies.

* Click on the Start button, then >Control Panel>Internet Options>General tab
* Under Browsing History, click on Delete.
* In the Delete Browsing History box that opens, click on Delete cookies

--------------------------------------------------------------------

Also please run this online scan to search for any remnants. It can take some time, so please be patient and allow it to run its full course:

Establish an internet connection &

Perform an online scan with Internet Explorer at Kaspersky Online Scanner

Answer Yes, when prompted to install an ActiveX component.
  • The program will then begin downloading the latest definition files.
  • Once the files have been downloaded click on NEXT
  • Locate the Scan Settings button & configure to:
    • Scan using the following Anti-Virus database:
      • Extended
    • Scan Options:
      • Scan Archives
      • Scan Mail Bases
  • Click OK & have it scan My Computer
  • Once the scan is complete, it will display if your system has been infected. It does not provide an option to clean/disinfect. We only require a report from it.
  • Click the Save as Text button to save the file to your desktop so that you may post it in your next reply

**Note for Internet Explorer 7 users**

If at any time you have trouble with the accept button of the licence, click on the Zoom tool located at the right bottom of the IE window and set the zoom to 75 %. Once the license is accepted, reset to 100%.
__________________

Member of ASAP since 2005
Member of UNITE since 2006

"It is one life whether we spend it laughing or weeping." "Take the time to laugh--it is the music of the soul."
Ried is offline  
08-13-2007, 04:12 PM   #6
Registered User
 
Join Date: Jun 2006
Posts: 14
OS: XP


Re: PSW.Banker3.SXK Trojan Horse

Ried,

The original infections were in the Program Files folder. I immediately zapped the directories in question. The Programs were ConvertXtoDVD and WINRAR.

I'm starting to think AVG saved me right off the bat. It's just weird that the Windows Update site started malfunctioning at the same time. I'm going to devote some more time to troubleshooting the Windows Update issue as if it were not related to the PSW.Banker3 trojan...

The Kaspersky scan turned up clean. I'm attaching the log. Lemme know what you think.


Hanoihancock
hanoihancock is offline  
08-13-2007, 08:12 PM   #7
Registered User
 
Join Date: Jun 2006
Posts: 14
OS: XP


Re: PSW.Banker3.SXK Trojan Horse

Ried,

When attempting to get windows updates through the MicrosoftUpdate site, I was not prompted to trust ActiveX controls and received Error #0x80428008 for which there was little support on the Windows site.

http://www.update.microsoft.com/micr....aspx?ln=en-us

However, I WAS prompted to trust ActiveX controls and WAS able to get Windows updates from the WindowsUpdateCatalog site!

http://v4.windowsupdate.microsoft.co...llowv4cat=true

Since updating through the second link, I've been able to update through the first link. I'll post this jury rig on a more appropriate forum.

Thanks for your patience!


Hanoihancock
hanoihancock is offline  
08-14-2007, 07:58 AM   #8
Assistant Manager, TSF Academy; Moderator/Analyst Security Team
Join Date: Jan 2005
Location: Ohio
Posts: 26,798
OS: WinXP and Vista


Re: PSW.Banker3.SXK Trojan Horse

You're welcome--and yes, you'd be better served by the Windows XP folks regarding that oddity with Windows Updates.
__________________

Member of ASAP since 2005
Member of UNITE since 2006

"It is one life whether we spend it laughing or weeping." "Take the time to laugh--it is the music of the soul."
Ried is offline  
Copyright 2001 - 2009, Tech Support Forum