Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

My Avira alerted me to something and now I don't know what to do?


  • Please log in to reply
11 replies to this topic

#1 sandman512

sandman512

  • Members
  • 120 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:59 PM

Posted 19 October 2011 - 04:15 PM

My Avira alerted me to something and now I don't know what to do. This is what came up, 'TR/Crypt.ULPM.Gen [trojan]
Please any help would be appreciated. THANKS!

BC AdBot (Login to Remove)

 


#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,662 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:12:59 PM

Posted 19 October 2011 - 04:20 PM

What options does Avira give you regarding that infection?

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#3 sandman512

sandman512
  • Topic Starter

  • Members
  • 120 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:59 PM

Posted 19 October 2011 - 04:36 PM

I believe it asked if I wanted to remove it, which I replied YES.
I am running a full AVIRA scan now, BUT I'm concerned if there is damage from it.
BTW, THANKS for the help!

#4 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,662 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:12:59 PM

Posted 19 October 2011 - 06:22 PM

Let me know if full scan will find anything.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#5 sandman512

sandman512
  • Topic Starter

  • Members
  • 120 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:59 PM

Posted 19 October 2011 - 06:56 PM

Full scan detected (4) things. I quarantined them I believe. Just ran a FULL MBAM and no problems.
Thanks!

#6 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,662 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:12:59 PM

Posted 19 October 2011 - 06:58 PM

No visible issues?

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#7 sandman512

sandman512
  • Topic Starter

  • Members
  • 120 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:59 PM

Posted 19 October 2011 - 07:20 PM

Computer a little more slow then usual, but nothing outright.

Here is what AVIRA found:

The file 'C:\Users\Sandy\Desktop\Tom's Folder\cwm3.zip'
contained a virus or unwanted program 'EXP/Linux.Lotoor.G' [exploit]
Action(s) taken:
The file was moved to the quarantine directory under the name '03a886db.qua'.

The file 'C:\Users\Sandy\Desktop\EPIC\one.click.root.exploitv2.5.5.zip'
contained a virus or unwanted program 'EXP/Linux.Lotoor.G' [exploit]
Action(s) taken:
The file was moved to the quarantine directory under the name '6597c911.qua'.

The file 'C:\Users\Sandy\Downloads\OneClickRootCWM3.0.2.5-EC05.zip'
contained a virus or unwanted program 'EXP/Linux.Lotoor.G' [exploit]
Action(s) taken:
The file was moved to the quarantine directory under the name '4968f39d.qua'.

The file 'C:\Users\Sandy\Downloads\cwm3.zip'
contained a virus or unwanted program 'EXP/Linux.Lotoor.G' [exploit]
Action(s) taken:
The file was moved to the quarantine directory under the name '51f7dc33.qua'.

#8 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,662 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:12:59 PM

Posted 19 October 2011 - 07:22 PM

It looks like all of them are some items downloaded by someone.
If they were never unzipped you should be OK.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#9 sandman512

sandman512
  • Topic Starter

  • Members
  • 120 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:59 PM

Posted 19 October 2011 - 07:24 PM

Funny, I don't recall downloading them(maybe my kids?). Anyway, I cannot be sure if they were unzipped or not. Is there anything I can or should do?
PS: Yes, I recall downloading them, they are stuff I use for my phone(ROMS etc...) They were most likely unzipped.

Edited by sandman512, 19 October 2011 - 07:26 PM.


#10 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,662 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:12:59 PM

Posted 19 October 2011 - 07:29 PM

If Avira and MBAM come up clean and there are no visible issues I wouldn't worry about it.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#11 sandman512

sandman512
  • Topic Starter

  • Members
  • 120 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:59 PM

Posted 19 October 2011 - 07:33 PM

Great, thanks BRONI, much much appreciated!
Have a good night!

#12 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,662 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:12:59 PM

Posted 19 October 2011 - 07:43 PM

You're very welcome Posted Image

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users