Spyware, Viruses, & Security forum

General discussion

Virus 5a3psl02.exe PLEASE HELP

by dajizobizo / January 15, 2009 2:27 PM PST

This is a virus that i can not find anything on. i know it is because when i pops up it brings my comp to the desktop window and 75% of the time throws a W.E. pop-up. When i bring up the task manager and end the process tree it stop all pop-up incoperated with 5apsl02.exe. Can anyone help me find a removal tool or a program to get rid of it. I google it and find nothing. Plz help

Discussion is locked
You are posting a reply to: Virus 5a3psl02.exe PLEASE HELP
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: Virus 5a3psl02.exe PLEASE HELP
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
You could give the following a try......
by Marianna Schmudlach / January 15, 2009 2:39 PM PST

Please download Malwarebytes Anti-Malwareand save it to your desktop.
alternate download link 1
alternate download link 2

* Make sure you are connected to the Internet.
* Double-click on mbam-setup.exe to install the application.
* When the installation begins, follow the prompts and do not make any changes to default settings.
* When installation has finished, make sure you leave both of these checked:
o Update Malwarebytes' Anti-Malware
o Launch Malwarebytes' Anti-Malware
* Then click Finish.

MBAM will automatically start and you will be asked to update the program before performing a scan.

* If an update is found, the program will automatically update itself.
* Press the OK button to close that box and continue.
* If you encounter any problems while downloading the updates,
manually download them from here
and just double-click on mbam-rules.exe to install.
Alternatively, you can update through MBAM's interface from a clean computer,
copy the definitions (rules.ref) located in
C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes'
Anti-Malware from that system to a usb stick or CD and then copy it to the infected machine.

On the Scanner tab:

* Make sure the "Perform Quick Scan" option is selected.
* Then click on the Scan button.
* If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
* The scan will begin and "Scan in progress" will show at the top.
It may take some time to complete so please be patient.
* When the scan is finished, a message box will say "The scan completed successfully.
Click 'Show Results' to display all objects found".
* Click OK to close the message box and continue with the removal process.

Back at the main Scanner screen:

* Click on the Show Results button to see a list of any malware that was found.
* Make sure that everything is checked, and click Remove Selected.
* When removal is completed, a log report will open in Notepad.
* The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
* Copy and paste the contents of that report in your next reply and exit MBAM.

Note:-- If MBAM encounters a file that is difficult to remove,
you may be asked to reboot your computer so it can proceed with the disinfection process.
Regardless if prompted to restart the computer or not, please do so immediately.
Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.


Download and scan with SUPERAntiSpyware Free for Home Users

* Double-click SUPERAntiSpyware.exe and use the default settings for installation.
* An icon will be created on your desktop. Double-click that icon to launch the program.
* If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download and unzip them from here.)
* Under "Configuration and Preferences", click the Preferences button.
* Click the Scanning Control tab.
* Under Scanner Options make sure the following are checked (leave all others unchecked):

Close browsers before scanning.
Scan for tracking cookies.
Terminate memory threats before quarantining.

* Click the "Close" button to leave the control center screen.
* Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
* On the left, make sure you check C:\Fixed Drive.
* On the right, under "Complete Scan", choose Perform Complete Scan.
* Click "Next" to start the scan. Please be patient while it scans your computer.
* After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
* Make sure everything has a checkmark next to it and click "Next".
* A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
* If asked if you want to reboot, click "Yes".


F-SECURE -- Vista 32-bit, XP Home Edition and Professional 32-bit, 2000 SP 4, Internet Explorer 7.0 & 6.0

Scans for malware and rootkits.

Please perform a scan with F-secure online scanner

1. Scroll to the bottom of the page and click on "Start Scanning"
You may receive an alert on the address bar at this point to install the ActiveX control, please do so.
2. After installed, click on Accept on the license agreement.
3. Click "Full System Scan" to download the scanning components and begin scan and cleaning.
4. When the scan completes, click the "I want to decide item by item" button.
5. For each item found, Select "Disinfect" and click "Next".

Pls. let us know how you are doing.

Collapse -
TYVM
by dajizobizo / January 15, 2009 5:14 PM PST

Alright i think it found the problem. im going to use the other programs suggested just to make sure.
Thank you very much!

Jizobizo

Malwarebytes' Anti-Malware 1.33
Database version: 1656
Windows 5.1.2600 Service Pack 3

1/16/2009 4:09:36 AM
mbam-log-2009-01-16 (04-09-31).txt

Scan type: Full Scan (C:\|D:\|E:\|G:\|I:\|)
Objects scanned: 133241
Time elapsed: 23 minute(s), 18 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 6
Files Infected: 21

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Documents and Settings\All Users\Application Data\Solt Lake Software (Rogue.ProAntispyware2009) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Solt Lake Software\Pro Antispyware 2009 (Rogue.ProAntispyware2009) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Solt Lake Software\Pro Antispyware 2009\BASE (Rogue.ProAntispyware2009) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Solt Lake Software\Pro Antispyware 2009\DELETED (Rogue.ProAntispyware2009) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Solt Lake Software\Pro Antispyware 2009\LOG (Rogue.ProAntispyware2009) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Solt Lake Software\Pro Antispyware 2009\SAVED (Rogue.ProAntispyware2009) -> No action taken.

Files Infected:
C:\WINDOWS\system32\5a3pSl02.exe (Trojan.FakeAlert) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Solt Lake Software\Pro Antispyware 2009\20090104192215421.log (Rogue.ProAntispyware2009) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Solt Lake Software\Pro Antispyware 2009\proas2009.exe (Rogue.ProAntispyware2009) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Solt Lake Software\Pro Antispyware 2009\LOG\20081209065915531.log (Rogue.ProAntispyware2009) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Solt Lake Software\Pro Antispyware 2009\LOG\20081209071038328.log (Rogue.ProAntispyware2009) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Solt Lake Software\Pro Antispyware 2009\LOG\20081209072811406.log (Rogue.ProAntispyware2009) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Solt Lake Software\Pro Antispyware 2009\LOG\20081209082124656.log (Rogue.ProAntispyware2009) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Solt Lake Software\Pro Antispyware 2009\LOG\20081209153535265.log (Rogue.ProAntispyware2009) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Solt Lake Software\Pro Antispyware 2009\LOG\20081209153725953.log (Rogue.ProAntispyware2009) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Solt Lake Software\Pro Antispyware 2009\LOG\20081209155015500.log (Rogue.ProAntispyware2009) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Solt Lake Software\Pro Antispyware 2009\LOG\20081210090934125.log (Rogue.ProAntispyware2009) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Solt Lake Software\Pro Antispyware 2009\LOG\20081210091728984.log (Rogue.ProAntispyware2009) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Solt Lake Software\Pro Antispyware 2009\LOG\20081210094258875.log (Rogue.ProAntispyware2009) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Solt Lake Software\Pro Antispyware 2009\LOG\20081210114842859.log (Rogue.ProAntispyware2009) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Solt Lake Software\Pro Antispyware 2009\LOG\20081211165222796.log (Rogue.ProAntispyware2009) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Solt Lake Software\Pro Antispyware 2009\LOG\20081211201542421.log (Rogue.ProAntispyware2009) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Solt Lake Software\Pro Antispyware 2009\LOG\20081211222240906.log (Rogue.ProAntispyware2009) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Solt Lake Software\Pro Antispyware 2009\LOG\20081211224801265.log (Rogue.ProAntispyware2009) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Solt Lake Software\Pro Antispyware 2009\LOG\20081211232821000.log (Rogue.ProAntispyware2009) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Solt Lake Software\Pro Antispyware 2009\LOG\20090102074128375.log (Rogue.ProAntispyware2009) -> No action taken.
C:\WINDOWS\system32\5a3pSl02.exe.a_a (Trojan.Agent) -> No action taken.

Collapse -
You have to let MalwareBytesAntiMalware DELETE the........
by Marianna Schmudlach / January 15, 2009 11:53 PM PST
In reply to: TYVM

findings.

Back at the main Scanner screen:

* Click on the Show Results button to see a list of any malware that was found.
* Make sure that everything is checked, and click Remove Selected.

Collapse -
re
by dajizobizo / January 16, 2009 3:31 AM PST

I did i just saved the log before i hit the remove button. it has been about 12 hrs and i have not seen the proplem again so MBAM is great Thank you again for the help.

Collapse -
(NT) Super ! Great Job ! You Are Very Welcome ;)
by Marianna Schmudlach / January 16, 2009 4:03 AM PST
In reply to: re
Popular Forums
icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

GIVEAWAY

We are giving away 'Black Panther' swag!

Four lucky readers will be taking home *Marvel*ous "Black Panther" prizes, including magazines autographed by the King of Wakanda himself! Giveaway ends Feb. 25, 2018.