Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Is This A Backdoor Trojan? How To Remove. Gen.peed.emi.384a84a7


  • Please log in to reply
9 replies to this topic

#1 teachtom

teachtom

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:03:09 AM

Posted 11 August 2007 - 04:16 PM

When I last ran My BitDefender Vol10 AV this could not be Disinfected or moved. Please tell me how to remove. I ran SAS, spybot, A-Squared Anti-Malware,and ATF Cleaner but showed to still be there. Thanks for your help. Here is what was on report Generic.Peed.Emi.384A84A7 Teachtom

BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • BC Advisor
  • 12,989 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:03:09 AM

Posted 11 August 2007 - 05:27 PM

There were no results in Google for "Generic.Peed.Emi.384A84A7"
If you can locate the file that Bit Defender says is infected, submit it to Jotti. The link and instructions are below.
http://virusscan.jotti.org/

If you are unable to submit the file to Jotti, run and online virus scan using Kaspersky and let us know what malware if any it finds.
http://www.kaspersky.com/virusscanner

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#3 TMacK

TMacK

  • Members
  • 4,672 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:B.C. Canada
  • Local time:01:09 AM

Posted 11 August 2007 - 06:30 PM

Hi teachtom,

One of Agent.AF many aliases is Trojan.Peed.HXN (BitDefender).

The only Spyware removal tool that you haven't tried (that I know of) is Spyware Terminator.
Chaos reigns within.
Reflect, repent, and reboot.
Order shall return.

aaaaaaaa a~Suzie Wagner

#4 teachtom

teachtom
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:03:09 AM

Posted 11 August 2007 - 10:47 PM

C:\Documents and Settings\Tom\Local Settings\Application Data\Identities\{DFF16927-88E6-4EAA-A097-460B7E65289B}\Microsoft\Outlook Express\Inbox.dbx=>(message 56) Infected: Generic.Peed.Eml.384A84A7
C:\Documents and Settings\Tom\Local Settings\Application Data\Identities\{DFF16927-88E6-4EAA-A097-460B7E65289B}\Microsoft\Outlook Express\Inbox.dbx=>(message 56) Disinfection failed
C:\Documents and Settings\Tom\Local Settings\Application Data\Identities\{DFF16927-88E6-4EAA-A097-460B7E65289B}\Microsoft\Outlook Express\Inbox.dbx=>(message 56) Move failed
Here is the virus report from my last scan. I also ran the Kaspersky, but it didn't catch it. Thanks

#5 TMacK

TMacK

  • Members
  • 4,672 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:B.C. Canada
  • Local time:01:09 AM

Posted 12 August 2007 - 12:44 AM

Jotti Virus Scan picked up this Trojan as well.

Did you run Spyware Terminator?

If so, please Post a HijackThis Log in the in the Hijack and Analysis Forum by following the directions in this link; Preparation Guide for use before posting a HijackThis Log .

Please do not post the log in this forum.
Chaos reigns within.
Reflect, repent, and reboot.
Order shall return.

aaaaaaaa a~Suzie Wagner

#6 teachtom

teachtom
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:03:09 AM

Posted 12 August 2007 - 09:44 AM

Hi TMacK, I went into safe mode and ran SpyWare Terminator, then ran SAS. Both showed no problems found. I could not get BD AV to load in Safe mode, so I went into desktop and ran it. It showed the same problem as before. Generic.Peed.Emi.384A84A7. What should I do next? Thanks, Tom

#7 TMacK

TMacK

  • Members
  • 4,672 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:B.C. Canada
  • Local time:01:09 AM

Posted 12 August 2007 - 10:06 AM

Hi teachtom,

Follow the instructions in the thread from the BitDefender Forum.
Then run your BitDefender AV Scan.

Please report back the results.
Chaos reigns within.
Reflect, repent, and reboot.
Order shall return.

aaaaaaaa a~Suzie Wagner

#8 teachtom

teachtom
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:03:09 AM

Posted 12 August 2007 - 08:33 PM

TMack Thanks for the help . I got my problem fixed at BD Forums. Many thanks. teachtom

#9 teachtom

teachtom
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:03:09 AM

Posted 13 August 2007 - 07:05 AM

Please help. I still have this malware. I forgot to update my AV, then when I did and rescanned the gen.Peed was still there. I hope someone has new advice. Thank you.

teachtom

#10 TMacK

TMacK

  • Members
  • 4,672 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:B.C. Canada
  • Local time:01:09 AM

Posted 13 August 2007 - 11:00 AM

I think it's time for the Hijack Team to have a look at this.

Post a HijackThis Log in the in the Hijack and Analysis Forum by following the directions in this link; Preparation Guide for use before posting a HijackThis Log .

Please do not post the log in this forum and be patient for a reply as they are a very busy forum.
Chaos reigns within.
Reflect, repent, and reboot.
Order shall return.

aaaaaaaa a~Suzie Wagner




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users