Author Topic: win32:trojan-gen.{UPX!} (Read 3435 times)

jamtubes · « **on:** June 07, 2007, 05:31:12 PM »

Hello,
My computer is infected with the above and I can't seem to remove it. So if anyone could help that would be great.
I have downloaded and run HighjackThis here is the log report:

I have attached the log file.

If this makes any sense to anyone and could instruct me what to do next it would be much appreciated.

Thanks Tom

DavidR · « **Reply #1 on:** June 07, 2007, 06:09:39 PM »

What Operating System are you using ? is it up to date ?
What actions have you taken to try and resolve the problem ?

What is the infected file name, where was it found e.g. (C:\windows\system32\infected-file-name.xxx) ? Check the avast! Log Viewer (right click the avast icon), Warning section, this contains information on all avast detections.

Do you mean it can't be removed or dealt with or it keeps coming back, can you expand ?

I haven't checked the log file, but it would have been better if you had left it in the post. That way it is available to be viewed as a reference by those checking the topic without having to download a file (firefox).

FreewheelinFrank · « **Reply #2 on:** June 07, 2007, 06:34:26 PM »

Hi jamtubes,

Try the usual free adware/spyware scanners.

AVG Anti-Spyware (Requires Win2k/XP)
a-Squared Free
Ad-Aware
Spybot Search & Destroy

Download, install and update all the programs. Disconnect from the internet (pull the plug) before running scans in Safe Mode if possible.

This entry seems to be Vundo, so run the VunfoFix tool as well:

O2 - BHO: (no name) - {2E73DE73-F887-47D9-BDAF-77B2AFF0E426} - D:\WINDOWS\system32\ddccb.dll

http://www.atribune.org/content/view/24/2/

jamtubes · « **Reply #3 on:** June 07, 2007, 06:37:00 PM »

I'm running XP SP2. I have tried spybot, CWshredder and Ada-ware.

I have random IE open up with random webpages when browsing the internet. Avast is unable to remove
Virus Name Location
Win32:trojan-gen.{UPX!} notepad.exe D:\windows\$NTservicepackUnistal$
Win32:trojan-gen.{other} {83F12660-B62C-41C7-9663-992D9FF52089}.exe D:\Windows\system32.

The most recent log file exceeded maxium lines in a post, so I had to attach it, sorry.

FreewheelinFrank · « **Reply #4 on:** June 07, 2007, 06:46:39 PM »

Try AVG Anti-Spyware and the VundoFix tool.

jamtubes · « **Reply #5 on:** June 07, 2007, 09:01:42 PM »

Quote from: FreewheelinFrank on June 07, 2007, 06:46:39 PM

Try AVG Anti-Spyware and the VundoFix tool.

Cheers Frank. It looks like AVG and vundofix has done the trick. Vundofix found numerous dll files and avg found fair few things aswell.

Thanks for your help.

Tom

FreewheelinFrank · « **Reply #6 on:** June 07, 2007, 09:11:05 PM »

No problem!

Author Topic: win32:trojan-gen.{UPX!} (Read 3435 times)

jamtubes

win32:trojan-gen.{UPX!}

DavidR

Re: win32:trojan-gen.{UPX!}

FreewheelinFrank

Re: win32:trojan-gen.{UPX!}

jamtubes

Re: win32:trojan-gen.{UPX!}

FreewheelinFrank

Re: win32:trojan-gen.{UPX!}

jamtubes

Re: win32:trojan-gen.{UPX!}

FreewheelinFrank

Re: win32:trojan-gen.{UPX!}