BleepingComputer.com: Malware Help Obfuscate Trojan and BDS Shiz

Jump to content

Forum Rules

When posting your problem, do not run and post a ComboFix log. ComboFix is a tool that should only be run under the supervision of someone who has been trained in its use. Using it on your own can cause problems with your computer. Any posts containing CF Logs will be ignored.

To receive help, you should instead provide a detailed description of your problem, detailed word-for-word error messages that you are receiving, screenshots of strange behaviour, and your operating system. This information is much more useful to our helpers than a ComboFix log.

If you have not received help after three days, please post a link to your topic HERE.
Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

Malware Help Obfuscate Trojan and BDS Shiz

#1 User is offline   madpuck 

  • New Member
  • Pip
  • Find Topics
  • Group: Members
  • Posts: 1
  • Joined: 29-December 10

Posted 29 December 2010 - 05:02 PM

I am operating Windows XP Pro on a Compaq Evo computer. Avira came installed on this computer. This is my kids computer and after using it last weekend I realized that Google search results were being redirected to bogus websites.

This prompted me to install Malwarebytes Anti-Malware on Monday. Following installation my computer stalled during rebooting and then started to consistently reboot without opening Windows. There was a fatal system error c000021a and I finally was able to copy the necessary system32 files from the i386 folder from my windows cd. The computer then booted up into Windows however there were no shortcuts on my desktop, no taskbar and no start menu. I downloaded microTrend's housecall and ran it and it picked up nothing.


Next, I was able to start the Avira virus scan through task manager and it found a number of things which I have included the most recent below:

most recent scan --> contained a virus/malware or unwanted program 'BDS/Shiz.aqc.1' [backdoor]

During an earlier scan this afternoon --> contained a virus or unwanted program 'TR/Obfuscate.EK' [trojan]

During an earlier scan this afternoon -->contained a virus or unwanted program 'BDS/Spammy.LM' [backdoor]

This file was moved to quarantine within Avira. Earlier attempts to remove this file were unsuccessful by Avira and had said that it was attempting to perform action using ARK Library?

I have not rebooted by computer and am a little hesitant to do so at the moment. Any guidance would be greatly appreciated. Thanks

madpuck

This post has been edited by madpuck: 29 December 2010 - 05:53 PM

#2 User is offline   dmonyita 

  • New Member
  • Pip
  • Find Topics
  • Group: Members
  • Posts: 1
  • Joined: 30-December 10

Posted 30 December 2010 - 09:14 AM

hello. please help me. i have the exact same problem. i hope that someone can help us solve our problem. thanks!

Share this topic:


Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users