Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Videoegg Publisher


  • Please log in to reply
8 replies to this topic

#1 dizzydee

dizzydee

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:UK
  • Local time:03:48 PM

Posted 27 January 2008 - 04:14 PM

First off all sorry if this is in the wrong place, but i keep getting viruses from this videoegg publisher, plus trojans, i dont know how it got there or what it is, ive googled it but still am not sure about it, can anyone tell me what it is, and if its safe to delete it from my add or remove programmes, many thanks, Dee

BC AdBot (Login to Remove)

 


m

#2 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,723 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:03:48 PM

Posted 27 January 2008 - 04:42 PM

Hello dizzydee,

From what I see, VideoEgg can be used to publish videos or movies from your computer and other hardware devices to the internet. However, many sites discuss VideoEgg in connection with marketing and advertising and that VideoEgg is a plug-in to a website.

I found the above information primarily from two sites:
http://www.videoegg.com/
http://videoontheweb.wordpress.com/2006/03...at-is-videoegg/

If you didn't deliberately download VideoEgg, it is possible that it was installed off a website somehow.

I have a few questions to start:

What is alerting you to the trojans?

What are the names of the trojans?

What is your operating system? Windows XP Home, Windows XP Pro, Vista etc.

What security programs do you have installed?

Orange Blossom :thumbsup:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

#3 dizzydee

dizzydee
  • Topic Starter

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:UK
  • Local time:03:48 PM

Posted 27 January 2008 - 04:52 PM

Thankyou for replying orangeblossom, I have windows xp sp2, mcafee internet security suit 2008, spywareblaster,superantispyware free, and A-squared free. I did not down load this videoegg publisher, but have been getting alot of tracking cookies from them, plus when im on msn when i sign out, it sends messages to who i have been talking to, but ive never sent them, i decided to do a online scan to see if they could pick anything up, i used bitdefender here is what it found.Scanned File
Status

C:\Documents and Settings\DIZZY\Application Data\VideoEgg\Updater\updater.exe
Infected with: Trojan.Generic.25658

C:\Documents and Settings\DIZZY\Application Data\VideoEgg\Updater\updater.exe
Deleted

C:\System Volume Information\_restore{B1C538C0-CBA3-4434-A006-53A338B37653}\RP25\A0003084.exe
Detected with: Adware.Generic.1891

C:\System Volume Information\_restore{B1C538C0-CBA3-4434-A006-53A338B37653}\RP25\A0003084.exe
Deleted

C:\System Volume Information\_restore{B1C538C0-CBA3-4434-A006-53A338B37653}\RP27\A0003342.exe
Infected with: Backdoor.Agent.AAC

C:\System Volume Information\_restore{B1C538C0-CBA3-4434-A006-53A338B37653}\RP27\A0003342.exe
Deleted

C:\System Volume Information\_restore{B1C538C0-CBA3-4434-A006-53A338B37653}\RP29\A0003906.exe
Infected with: Trojan.Generic.25658

C:\System Volume Information\_restore{B1C538C0-CBA3-4434-A006-53A338B37653}\RP29\A0003906.exe
Deleted





many thanks for your help. Dee

#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,268 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:03:48 PM

Posted 27 January 2008 - 09:23 PM

Hello dizzydee. it looks as if these malwares are hiding in the System Restore files. The other issue I see is a Backdoor agent.
We can try to remove these in two ways I believe. But the Backdoor is one of the three most dangerous nasties. They steal information off your PC and send it back to the malware home. This is called 'calling home.' You at this point have to consider your PC compromised any financial info(banks,credit card info)has probably been taken and sent. Also all passwords. These all need to be changed if present on the PC. That said there is really no guarantee that the computer can ever truly be considered safe short of a full format.
If you want to press on with cleaning we can try some things. The decision is yours.
Did you run the scans you have done from safe mode?

Please read (thanks Quietman7)
When should I re-format
Reformatting the computer or troubleshooting; which is best?

You can Clear and Reset your restore points and see how that goes. Tho I personally believe it better to have at least a bad restore point than none while cleaning out malware.

The easiest and safest way to do this is:
Go to Start > Programs > Accessories > System Tools and click "System Restore".
Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
Then use Disk Cleanup to remove all but the most recently created Restore Point.
Go to Start > Run and type: Cleanmgr
Click "OK".
Click the "More Options" Tab.
Click "Clean Up" in the System Restore section to remove all previous restore points except the newly created one.

Also can you retrieve and post the SUPERAntispyware report....
To retrieve the removal information after reboot, launch SUPERAntispyware again.
Click Preferences, then click the Statistics/Logs tab.
Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
If there are several logs, click the current dated log and press View log.
A text file will open in your default text editor.

Edited by boopme, 27 January 2008 - 09:26 PM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 dizzydee

dizzydee
  • Topic Starter

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:UK
  • Local time:03:48 PM

Posted 28 January 2008 - 03:52 AM

Hi boopme, thankyou for your reply, ive decided to do a complete reinstall just to be on the safe side, after i have done this and updated everything, what do i need to do to protect my ebay account, as i used it yesterday to purchase a couple of things, now im worried, i know to change my passwords and that, but is there anything else i need to do, many thanks for your help so far, Dee PS i also have just done a scan with superantispyware free in safe mode and it came up clean. I will wait for a reply before i do anything else many thanks once again Dee

#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,268 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:03:48 PM

Posted 28 January 2008 - 02:26 PM

Hello Dee and you're welcome. The first thing is a recommendation. It's something I do. I use one and only one Credit card for ALL online activity. Therby if something goes awry you need to stop only one card. Secondly I would cancel any existing cards and get new numbers. All passwords should be changed immediately to include those used for banking, email, eBay, paypal and online forums.

Please read these BC tutorials to help strenghthen yourself on the net.
Best Practices - Internet Safety for 2008".
Simple and easy ways to keep your computer safe".
How did I get infected?, With steps so it does not happen again!".
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,609 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:03:48 PM

Posted 28 January 2008 - 03:10 PM

How to report ID theft, fraud, drive-by installs, hijacking and malware.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#8 dizzydee

dizzydee
  • Topic Starter

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:UK
  • Local time:03:48 PM

Posted 28 January 2008 - 04:26 PM

Thankyou boopme, for all your help and support, many thanks :thumbsup:


Thankyou too quietman, i am going read that now, many thanks :flowers:


What an excellent team we have on here :trumpet:

#9 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,268 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:03:48 PM

Posted 28 January 2008 - 05:10 PM

Thank you and your most welcome from Q7 and myself !!
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users