Tech Support Guy banner
  • IMPORTANT: Only authorized members may reply to threads in this forum due to the complexity of the malware removal process. Authorized members include Malware Specialists and Trainees, Administrators, Moderators, and Trusted Advisors. Regular members are not permitted to reply, and any such posts will be deleted without notice or further explanation. Notice
Status
Not open for further replies.

Solved: PWSteal.Banker.B in C:\windows\system32\ntfs32.dll

1K views 1 reply 1 participant last post by  StumpedTechy 
#1 ·
Ugh someone help with this bugger. I have the PC really clean and this is the last reminent that needs to be taken out.

Upon bootup or opening any file that access the internet I.E. Ad-Aware for internet update, I.E. for web browsing, or anything. I get a NAV popup for PWSteal.Banker.B it shows the file as C:\windows\system32\ntfs32.dll and it can't clean or delete the file. I have gone in as admin, I have done safe mode. Nothing seems to let me get rid of the bugger. I did a search on ntfs32.dll and didn't come back with much. I looked up on Syantecs website about PWSteal.Banker.B but the registry items it says it creates are not in my registry and the symptoms do not look the same.

Please help!
 
#2 ·
N/M I solved it myself. I had ran about 4 different scanners but had not ran HijackThis. Upon running it there were over 200 entries that were C:\windows and 3 letters and C:\windows\system\ and three letters. Once I got rid of all of those and rebooted then NAV was able to remove and quarantine the original problem file itself.
 
Status
Not open for further replies.
You have insufficient privileges to reply here.
Top