Trojan Horse tmprbf07a.exe

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

It appears my HPcompaq nx9005 notebook is infected with a trojan horse virus
(tmprbf07a.exe). I am running WindowsXP home SP2 with Norton Anti-virus
software and an up to date subscription. This virus is not detected by the
virus protection software until I open a browser on the internet. It normally
takes a couple of minutes for the warning to appear, however the message
states "repair failed - access denied". I have followed the recommended
symantec procedure for disposing of this virus but without success. Does
anyone have any suggestions?
6 answers Last reply
More about trojan horse tmprbf07a
  1. Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

    Please consult the experts in the virus removal newsgroup:
    news://msnews.microsoft.com/microsoft.public.security.virus

    --
    Carey Frisch
    Microsoft MVP
    Windows XP - Shell/User
    Microsoft Newsgroups

    Get Windows XP Service Pack 2 with Advanced Security Technologies:
    http://www.microsoft.com/athome/security/protect/windowsxp/choose.mspx

    -------------------------------------------------------------------------------------------

    "wizardofeden" wrote:

    | It appears my HPcompaq nx9005 notebook is infected with a trojan horse virus
    | (tmprbf07a.exe). I am running WindowsXP home SP2 with Norton Anti-virus
    | software and an up to date subscription. This virus is not detected by the
    | virus protection software until I open a browser on the internet. It normally
    | takes a couple of minutes for the warning to appear, however the message
    | states "repair failed - access denied". I have followed the recommended
    | symantec procedure for disposing of this virus but without success. Does
    | anyone have any suggestions?
  2. Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

    From: "wizardofeden" <wizardofeden@discussions.microsoft.com>

    | It appears my HPcompaq nx9005 notebook is infected with a trojan horse virus
    | (tmprbf07a.exe). I am running WindowsXP home SP2 with Norton Anti-virus
    | software and an up to date subscription. This virus is not detected by the
    | virus protection software until I open a browser on the internet. It normally
    | takes a couple of minutes for the warning to appear, however the message
    | states "repair failed - access denied". I have followed the recommended
    | symantec procedure for disposing of this virus but without success. Does
    | anyone have any suggestions?

    There are anti virus News Groups specifically for this type of discussion.

    microsoft.public.scripting.virus.discussion
    microsoft.public.security.virus
    alt.comp.virus
    alt.comp.anti-virus

    Dump the contents of the IE Temporary Internet Folder cache (TIF)

    start --> settings --> control panel --> internet options --> delete files

    1) Download the following three items...

    Trend Sysclean Package
    http://www.trendmicro.com/download/dcs.asp

    Latest Trend Pattern File.
    http://www.trendmicro.com/download/pattern.asp

    Ad-aware SE (free personal version v1.05)
    http://www.lavasoftusa.com/

    Create a directory.
    On drive "C:\"
    (e.g., "c:\New Folder")
    or the desktop
    (e.g., "C:\Documents and Settings\lipman\Desktop\New Folder")

    Download Sysclean.com and place it in that directory.
    Download the Trend Pattern File by obtaining the ZIP file.
    For example; lpt520.zip

    Extract the contents of the ZIP file and place the contents in the same directory as
    sysclean.com.

    2) Update Ad-aware with the latest definitions.
    3) Disable System Restore
    http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm
    4) Reboot your PC into Safe Mode and shutdown as many applications as possible
    5) Using both the Trend Sysclean utility and Ad-aware, perform a Full Scan of your
    platform and clean/delete any infectors/parasites found.
    (a few cycles may be needed)
    6) Restart your PC and perform a "final" Full Scan of your platform using both the
    Trend Sysclean utility and Adaware
    7) Re-enable System Restore and re-apply any System Restore preferences,
    (e.g. HD space to use suggested 400 ~ 600MB),
    8) Reboot your PC.
    9) Create a new Restore point

    * Please report your results ! *


    --
    Dave
    http://www.claymania.com/removal-trojan-adware.html
    http://www.ik-cs.com/got-a-virus.htm
  3. Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

    "wizardofeden" wrote:
    > It appears my HPcompaq nx9005 notebook is infected with a
    > trojan horse virus
    > (tmprbf07a.exe). I am running WindowsXP home SP2 with Norton
    > Anti-virus
    > software and an up to date subscription. This virus is not
    > detected by the
    > virus protection software until I open a browser on the
    > internet. It normally
    > takes a couple of minutes for the warning to appear, however
    > the message
    > states "repair failed - access denied". I have followed the
    > recommended
    > symantec procedure for disposing of this virus but without
    > success. Does
    > anyone have any suggestions?

    i have checked numerous virus sites and tmprbf07a.exe doesn’t
    appear anywhere. Have you any more info i can work on.

    --
    Posted using the http://www.windowsforumz.com interface, at author's request
    Articles individually checked for conformance to usenet standards
    Topic URL: http://www.windowsforumz.com/Security-Admin-Trojan-Horse-tmprbf07a.exe-ftopict350458.html
    Visit Topic URL to contact author (reg. req'd). Report abuse: http://www.windowsforumz.com/eform.php?p=1104928
  4. Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

    From: "marko1" <UseLinkToEmail@WindowsForumz.com>


    |
    | i have checked numerous virus sites and tmprbf07a.exe doesn’t
    | appear anywhere. Have you any more info i can work on.
    |
    | --
    | Posted using the http://www.windowsforumz.com interface, at author's request
    | Articles individually checked for conformance to usenet standards
    | Topic URL:
    http://www.windowsforumz.com/Security-Admin-Trojan-Horse-tmprbf07a.exe-ftopict350458.html
    | Visit Topic URL to contact author (reg. req'd). Report abuse:
    http://www.windowsforumz.com/eform.php?p=1104928

    That's because *any* infector can be named *anything* !

    To really get an idea what the infector is, it should be submitted to Virus Total --
    http://www.virustotal.com/flash/index_en.html
    The submission will then be tested against 16 different AV vendor's scanners.

    Another way to submit is to send the suspect file to the following email address
    scan<at>virustotal.com
    { replace <at> with @ } with only the word SCAN as the subject.

    --
    Dave
    http://www.claymania.com/removal-trojan-adware.html
    http://www.ik-cs.com/got-a-virus.htm
  5. Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

    Excellent this worked.
    Followed your advice to the letter and the Trend sysclean package found the
    virus and reported the following;
    First Scan
    C:\windows\gcasServ.exe found virus [Troj_Dloader.bn]
    1st action move failed
    2nd action delete deleted
    Second Scan
    Again found the infected file but this time cured the file.

    No problems since.

    Thank-you for your help.

    Regards
    Gordon Brett

    "David H. Lipman" wrote:

    > From: "wizardofeden" <wizardofeden@discussions.microsoft.com>
    >
    > | It appears my HPcompaq nx9005 notebook is infected with a trojan horse virus
    > | (tmprbf07a.exe). I am running WindowsXP home SP2 with Norton Anti-virus
    > | software and an up to date subscription. This virus is not detected by the
    > | virus protection software until I open a browser on the internet. It normally
    > | takes a couple of minutes for the warning to appear, however the message
    > | states "repair failed - access denied". I have followed the recommended
    > | symantec procedure for disposing of this virus but without success. Does
    > | anyone have any suggestions?
    >
    > There are anti virus News Groups specifically for this type of discussion.
    >
    > microsoft.public.scripting.virus.discussion
    > microsoft.public.security.virus
    > alt.comp.virus
    > alt.comp.anti-virus
    >
    > Dump the contents of the IE Temporary Internet Folder cache (TIF)
    >
    > start --> settings --> control panel --> internet options --> delete files
    >
    > 1) Download the following three items...
    >
    > Trend Sysclean Package
    > http://www.trendmicro.com/download/dcs.asp
    >
    > Latest Trend Pattern File.
    > http://www.trendmicro.com/download/pattern.asp
    >
    > Ad-aware SE (free personal version v1.05)
    > http://www.lavasoftusa.com/
    >
    > Create a directory.
    > On drive "C:\"
    > (e.g., "c:\New Folder")
    > or the desktop
    > (e.g., "C:\Documents and Settings\lipman\Desktop\New Folder")
    >
    > Download Sysclean.com and place it in that directory.
    > Download the Trend Pattern File by obtaining the ZIP file.
    > For example; lpt520.zip
    >
    > Extract the contents of the ZIP file and place the contents in the same directory as
    > sysclean.com.
    >
    > 2) Update Ad-aware with the latest definitions.
    > 3) Disable System Restore
    > http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm
    > 4) Reboot your PC into Safe Mode and shutdown as many applications as possible
    > 5) Using both the Trend Sysclean utility and Ad-aware, perform a Full Scan of your
    > platform and clean/delete any infectors/parasites found.
    > (a few cycles may be needed)
    > 6) Restart your PC and perform a "final" Full Scan of your platform using both the
    > Trend Sysclean utility and Adaware
    > 7) Re-enable System Restore and re-apply any System Restore preferences,
    > (e.g. HD space to use suggested 400 ~ 600MB),
    > 8) Reboot your PC.
    > 9) Create a new Restore point
    >
    > * Please report your results ! *
    >
    >
    > --
    > Dave
    > http://www.claymania.com/removal-trojan-adware.html
    > http://www.ik-cs.com/got-a-virus.htm
    >
    >
    >
  6. Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

    From: "wizardofeden" <wizardofeden@discussions.microsoft.com>

    | Excellent this worked.
    | Followed your advice to the letter and the Trend sysclean package found the
    | virus and reported the following;
    | First Scan
    | C:\windows\gcasServ.exe found virus [Troj_Dloader.bn]
    | 1st action move failed
    | 2nd action delete deleted
    | Second Scan
    | Again found the infected file but this time cured the file.
    |
    | No problems since.
    |
    | Thank-you for your help.
    |
    | Regards
    | Gordon Brett

    You're welcome !

    Thanx for updating the thread.

    --
    Dave
    http://www.claymania.com/removal-trojan-adware.html
    http://www.ik-cs.com/got-a-virus.htm
Ask a new question

Read More

Virus Trojan Windows XP