Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

37 Infected Files... Gah!


  • Please log in to reply
1 reply to this topic

#1 theaussie1

theaussie1

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:08:07 PM

Posted 09 January 2007 - 04:26 PM

here is what symantec corp told me yesterday. I had to uninstall Norton Antivirus because it wouldn't allow us to do anything. I just recently did a scan, and it came up with all this: (I have dealt with the trojan.vundo before, and already downloaded vundo fix, what can I do for the other stuff?)

82520 files scanned, 37 file(s) infected on your disk drives.

No viruses were detected in memory.
Your computer is free of known threats. Virus Detection does not check compressed files.
Your computer appears safe for now. For real-time protection from viruses, hackers and privacy threats, upgrade to Norton Internet Security™.

No viruses were detected in memory.
Your computer is infected with at least one known virus or Trojan horse.

No viruses were detected in memory.
Your computer is infected with at least one known virus or Trojan horse.

C:\WINDOWS\system32\agamfkcu.dll is infected with Trojan.Vundo
C:\WINDOWS\system32\aiibtoyy.exe is infected with Downloader
C:\WINDOWS\system32\aknbwqry.dll is infected with Trojan.Vundo
C:\WINDOWS\system32\bemsnyon.exe is infected with Spyware.ISearch
C:\WINDOWS\system32\bkomakfa.exe is infected with Downloader
C:\WINDOWS\system32\ebkgioik.exe is infected with Spyware.ISearch
C:\WINDOWS\system32\grdisiyr.dll is infected with Trojan.Vundo
C:\WINDOWS\system32\gwykvdjg.exe is infected with Downloader
C:\WINDOWS\system32\hwaidgsh.dll is infected with Trojan.Vundo
C:\WINDOWS\system32\knevxxjc.dll is infected with Trojan.Vundo
C:\WINDOWS\system32\njqbsaun.dll is infected with Trojan.Vundo
C:\WINDOWS\system32\ovansbrl.exe is infected with Trojan.Vundo
C:\WINDOWS\system32\ovcfxlyv.dll is infected with Infostealer
C:\WINDOWS\system32\pfcvlkrq.exe is infected with Spyware.ISearch
C:\WINDOWS\system32\pfvgqhmt.dll is infected with Trojan Horse
C:\WINDOWS\system32\pnjphvid.dll is infected with Trojan.Vundo
C:\WINDOWS\system32\yanuicrx.exe is infected with Spyware.ISearch
C:\WINDOWS\system32\ybubbvfb.dll is infected with Trojan.Adclicker
C:\WINDOWS\system32\CatRoot2\pibd.dll is infected with Trojan.Vundo
C:\WINDOWS\Downloaded Program Files\UDC6_0001_D19M1908NetInstaller.exe is infected with DriveCleaner
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\UDC6_0001_D19M1908NetInstaller.exe is infected with DriveCleaner
C:\Program Files\VSToolbar\VSToolBar.dll is infected with Spyware.ISearch
C:\Program Files\VSAdd-in\VSAdd-in.dll is infected with Trojan.Vundo
C:\Program Files\DriveCleaner 2006 Free\pv.exe is infected with DriveCleaner
C:\Program Files\DriveCleaner 2006 Free\UDC2006.exe is infected with DriveCleaner
C:\Program Files\DriveCleaner 2006 Free\UDC6cw.exe is infected with DriveCleaner
C:\Program Files\DriveCleaner 2006 Free\UDCPChk.dll is infected with DriveCleaner
C:\Program Files\DriveCleaner 2006 Free\UDCShell.dll is infected with DriveCleaner
C:\Program Files\Common Files\DriveCleaner 2006 Free\udcpas.exe is infected with DriveCleaner
C:\Program Files\Common Files\DriveCleaner 2006 Free\udcsdr.exe is infected with SystemDoctor
C:\Documents and Settings\Chris\Local Settings\Temp\k0toejut.exe is infected with ErrorSafe
C:\Documents and Settings\Chris\Local Settings\Temp\p2psetup.exe is infected with Adware.P2PNetworking
C:\Documents and Settings\Chris\Local Settings\Temp\pol7c7ov.exe is infected with ErrorSafe
C:\Documents and Settings\Chris\Local Settings\Temp\pol7c7ov.exe is infected with WinFixer
C:\Documents and Settings\Chris\Local Settings\Temp\UDC6_0001_D19M2808\installer.exe is infected with DriveCleaner
C:\Documents and Settings\Chris\Local Settings\Application Data\Mozilla\Firefox\Profiles\ki4iew81.default\Cache\B23E4567d01 is infected with ErrorSafe
C:\Documents and Settings\Chris\Local Settings\Application Data\Mozilla\Firefox\Profiles\ki4iew81.default\Cache\B23E4567d01 is infected with WinFixer

BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,934 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:12:07 AM

Posted 09 January 2007 - 08:51 PM

Hi theaussie1, First welcome to BC. You got a lot and I feel we'll still be posting a Hijackthis log
But first lets get some out. Also some of these are info stealers,as such change any financial passwords and all passwords as they may be compromised.

Download and scan with AVG Anti-Spyware 7.5 Free in "SAFE MODE". How to start Windows in Safe Mode
Print out the AVG Install and Scan Instructions. HERE
Be sure to check for the any updates to all these programs after you install them.

Download,update and run SUPERAntiSypware, free version Home User . Run This scan in Safe Mode also. If for some reason you can't access safe mode, for now, run them in normal.

Now Run Windows Live OneCare
Be sure to click ONLY on the grey box below the picture of a wrench “Full Service Scan”
This may take some time especially it it needs to defragment the drive.
Please post back with any questions and results...
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users