Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Need Help With Cryp Tap Virus (oukgjnwa.dll)


  • Please log in to reply
3 replies to this topic

#1 RueDBaga

RueDBaga

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:28 AM

Posted 23 February 2008 - 12:39 AM

I would really appreciate anyone who can help me get rid of a virus on Windows XP. The security notification reads as follows:

Infected file: C:\windows\system32\oukgjnwa.dll

Virus name: Cryp Tap

Thank you very much in advance.

BC AdBot (Login to Remove)

 


m

#2 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,719 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:04:28 AM

Posted 23 February 2008 - 12:50 AM

Hello RueDBaga,

What program gave you the alert?

I can find no information on that file. Please upload and scan that file at JottiScan and Virus Total.

Please post the results as a reply and indicate which is from Jotti and which from Virus Total.

Orange Blossom :thumbsup:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

#3 RueDBaga

RueDBaga
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:28 AM

Posted 23 February 2008 - 01:18 AM

Thanks for your help, Orange Blossom.

The program that gave me the alert is Trend Micro PC-cillin Internet Security Notification.

Here are the results from JottiScan. The file is still in the queue for Virus Total. I'll post those results when I get them.


Jotti:

File: oukgjnwa.dll
Status: INFECTED/MALWARE
MD5: 06f5250ac5e706e459639e3de62d67c2
Packers detected: -
Bit9 reports: file not found

Scanner results
A-Squared: Found Adware.Win32.Virtumonde.bjc
AntiVir: Found TR/Vundo.DRT
ArcaVir: Found Adware.Virtumonde.Bdm
Avast: Found Win32:Adware-gen
AVG Antivirus:Found BHO.CXR
BitDefender: Found Trojan.Vundo.DRT
ClamAV: Found Adware.Virtumonde-475
CPsecure: Found Adware.W32.Virtumonde.bjc
Dr.Web: Found Trojan.Virtumod.232
F-Prot Antivirus: Found nothing
F-Secure Anti-Virus: Found not-a-virus:AdWare.Win32.Virtumonde.gen (4, 1, 400)
Fortinet: Found nothing
Ikarus: Found not-a-virus:AdWare.Win32.Virtumonde.bjc
Kaspersky Anti-Virus: Found not-a-virus:AdWare.Win32.Virtumonde.gen
NOD32: Found Win32/Adware.Virtumonde application
Norman Virus Control: Found W32/Virtumonde.IZU
Panda Antivirus: Found nothing
Rising Antivirus: Found AdWare.Win32.Virtumonde.bjc
Sophos Antivirus: Found Troj/Virtum-Gen
VirusBuster: Found nothing
VBA32: Found nothing

#4 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,719 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:04:28 AM

Posted 23 February 2008 - 01:36 AM

Hello RueDBaga,

The Jotti scan has provided enough information, so you don't need to post the Virus Total Scan. You have a Vundo/Virtumonde infection. Please follow the directions in this guide. If you have any questions in working through it, please ask in a reply to this thread. When you have finished the guide, please post the Vundo Fix log as a reply.

Orange Blossom :thumbsup:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users