« previous next »
Pages: [1]   Go Down

Author Topic: Virus Backdoor.Bifrose Help  (Read 9226 times)

0 Members and 1 Guest are viewing this topic.

Xtreme2damax

  • Guest
Virus Backdoor.Bifrose Help
« on: June 15, 2006, 07:39:50 PM »
Hi I'm having a problem, I recently downloaded the free trial of smartftp, off of a not so reputable website. It seems the exe was infected by a virus, that some hacker placed in it.

At first the virus was a trojan.downloader, and after I cleared that out I found another virus.

The virus's name is Backdoor.Bifrose, and it infected Nvcpl32.exe in my C:\windows\System32\ Directory.

The reason I know it was smart ftp, that was infected is because, my system was totally clean before installing smart ftp, and after I installed it, it was infected.

Two places on my hard drive are infected, one is: Nvcpl32.exe in my windows\system32 directory, and the other place that is infected is:

C:\Documents and Settings\***\Local Settings\Temp\SmartFtp.exe .

Can anyone give me an Idea of what to do, or which files need to be deleted to get this off my system and keep it off?

What additional malicious files may need to be deleted, that the trojan.downloader, or the Backdoor.Bifrose may of downloaded?

Thank You very much to anyone that can help, I'd really appreciate it if someone can help me solve my Problem, Thank You ;)
Logged

Spiritsongs

  • Guest
Re: Virus Backdoor.Bifrose Help
« Reply #1 on: June 15, 2006, 07:53:44 PM »
 :)  Hi :

      In one of your other posts, you mentioned lots of info
      about your machine, but never mentioned the name of
      your OS . Assuming you have Win XP, we usually
      recommend using "Ewido" available from www.ewido.net .
      This good & FREE program "specializes" in detecting and
      removing trojans, worms, generic dialers, etc that the
      other anti-malware programs are not that good .
      There's a "tutorial" at :
      www.greyknight17.com/spy/Tutorials/ewidoQuickGuide.pdf .

      Are you sure Norton is COMPLETELY removed from your
      machine ?
Logged

Xtreme2damax

  • Guest
Re: Virus Backdoor.Bifrose Help
« Reply #2 on: June 15, 2006, 09:11:31 PM »
Yeah my Operating System is Windows XP Home Edition.

I did have Norton uninstalled, But decided to reinstall it, Norton found the Backdoor.Bifrose, while avast did not.

The file that carried the trojan was my Smartftp client, that someone posted a trojanized version of on a download site, and is probably not a conflict between Norton, and avast. The files infected were smartftp.exe, and Nvcpl32.exe in my system32 folder

I do use avast as well, to scan for viruses that norton may not be able to pick up on, and Vice-Versa.

I did do a search on google on Backdoor.Bifrose, But the Files mentioned that are malicious from the Backdoor.Bifrose trojan, are not even present on my system,

such as plugin1.dat was not present on my system, the only trace I found of the backdoor.bifrose, was from a virus scan, and a couple registry entries that symantec said this trojan created, even a couple of the registry entries were not present at all.

I came here to post, because I use avast, and also the files on my system that were infected with the backdoor.bifrose, were not listed on symantec as being part of the backdoor.bifrose trojan. So I am thinking that this is a fairly new varient of the trojan.

This is not the first time I have had a problem with this trojan, I dealt with it before I reformated my system the last time, before I started using avast, I wasnt sure which program caused this trojan, but this time around, I found out that it was my smartftp client that I downloaded that some hacker trojanized.

Thank you if you can help, right now I am going to get that ewido program and scan, to see if I am still infected with the trojan.
Logged

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67194
Re: Virus Backdoor.Bifrose Help
« Reply #3 on: June 16, 2006, 04:06:48 AM »
Quote from: Xtreme2damax on June 15, 2006, 09:11:31 PM
I do use avast as well, to scan for viruses that norton may not be able to pick up on, and Vice-Versa.
I'm fully sure this won't work... sooner or later you'll get problems... two antivirus will conflic.
Even if you use one of these two disabled... Norton won't work and, specially, avast won't work with even traces of Norton left behind after uninstallation.

Quote from: Xtreme2damax on June 15, 2006, 09:11:31 PM
Thank you if you can help, right now I am going to get that ewido program and scan, to see if I am still infected with the trojan.
Good solution: ewido  8)
Logged
The best things in life are free.

Xtreme2damax

  • Guest
Re: Virus Backdoor.Bifrose Help
« Reply #4 on: June 16, 2006, 09:00:14 PM »
Since someone mentioned ewido anti-malware here, I'm going to ask this question:

I noticed that ewido has a fully functional 14 day trial version, and after those 14 days it becomes a feature limited freeware edition.

My question is, after the 14 days what features become disabled? Will I still be able to update it, and do a full system scan, and scan for trojans and viruses?

Also I noticed with ewido, that it detects any cookies or tracking cookies as an infection or malware, Now msn.com uses tracking cookies I believe, and nothing there is malicious.

Thanks to anyone, that can give me info on what I asked ;)
Logged

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89096
  • No support PMs thanks
Re: Virus Backdoor.Bifrose Help
« Reply #5 on: June 16, 2006, 09:19:21 PM »
The element you lose after 14 days is the resident guard process other than that there is no issues, but you have to manually update as opposed to automatic updates. I update mine once a week prior to running a manual scan.

MSN and trust ;D with the stunts MS are playing with WGA I wouldn't trust then as far as I could throw them. For the most part cookies are benign, but you have to ask yourself what is supposedly being tracked by the MSN cookie and if it is essential to your use of MSN. If deleted it, it will be created the next time you sign in I assume unless you block it and that may block your access to MSN.
Logged
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.3.6108 (build 24.3.8975.762) UI 1.0.801/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Xtreme2damax

  • Guest
Re: Virus Backdoor.Bifrose Help
« Reply #6 on: June 16, 2006, 09:44:29 PM »
Btw, I forgot to mention in my last post, That an admin or a moderator can close this thread. I have since solved my problem with the backdoor.bifrose

I solved it by deleting the infected program right off my hard drive, I then popped in my emachines restore DVD, and restored my computer to the way it was, when I first bought it (the Operating system that is), and then after everything was restored, I Uninstalled Norton antivirus, installed Zonealarm Firewall, Avast, and ewido. Since then (Yesterday) I have not had a problem :)

I had no choice but to do a full system restore, even though I cleaned the virus, deleted it, and cleaned the registry of any trace of it, My system was still running slow as heck.

anyway before this thread closes, I heard people were having problems with the microsofts WGA (Windows Genuine Advantage) Tool. I don't know what the deal with that was, because I haven't had any Problems with the WGA Tool from microsoft.

Maybe someone could explain to me, what the problem people were having with WGA was, so I may avoid installing it again. Thanks
Logged

Spiritsongs

  • Guest
Re: Virus Backdoor.Bifrose Help
« Reply #7 on: June 17, 2006, 03:11:17 AM »
 :)  Hi all :

      People are having trouble with the "Genuine Advantage
      Notification ( KB 905474 ) " , NOT with the "Genuine
      Advantage Validation Tool ( KB 892130 ) ".
Logged
Pages: [1]   Go Up
« previous next »