Author Topic: What is it?  (Read 4042 times)

0 Members and 1 Guest are viewing this topic.

Offline shir

  • Newbie
  • *
  • Posts: 1
What is it?
« on: March 16, 2004, 07:28:51 AM »
What the viruses had (been) infected my comp...did you know them?
 ???16.03.2004 06:01:12   NT AUTHORITY\SYSTEM   1308   Sign of "Win32:Jeet [Trj]" has been found in "C:\WINDOWS\System32\msrexe.exe" file.  
16.03.2004 06:08:14   8TZ0SAHZK3JCU5Q\Антон   1740   Sign of "Win32:Jeet [Trj]" has been found in "c:\windows\system32\msrexe.exe" file.  
16.03.2004 06:10:48   NT AUTHORITY\SYSTEM   1308   Sign of "Win32:Trojan-gen. {UPX!}" has been found in "C:\WINDOWS\system32\audio.exe" file.  
16.03.2004 06:44:49   NT AUTHORITY\SYSTEM   1188   Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\SYSTEM32\CD_CLINT.DLL" file.  
16.03.2004 06:56:12   8TZ0SAHZK3JCU5Q\Антон   2800   Sign of "Win32:Trojan-gen. {VC}" has been found in "c:\windows\belt.exe" file.  
16.03.2004 07:17:50   NT AUTHORITY\SYSTEM   1188   Sign of "Win32:Trojan-gen. {UPX!}" has been found in "C:\Program Files\Alwil Software\Avast4\DATA\moved\audio.exe" file.  
16.03.2004 07:18:10   NT AUTHORITY\SYSTEM   1188   Sign of "Win32:Jeet [Trj]" has been found in "C:\Program Files\Alwil Software\Avast4\DATA\moved\A0006434.exe" file.  
16.03.2004 07:18:15   NT AUTHORITY\SYSTEM   1188   Sign of "Win32:Trojan-gen. {UPX!}" has been found in "C:\Program Files\Alwil Software\Avast4\DATA\moved\A0006433.exe" file.  
16.03.2004 07:18:18   NT AUTHORITY\SYSTEM   1188   Sign of "Win32:Jeet [Trj]" has been found in "C:\Program Files\Alwil Software\Avast4\DATA\moved\A0006431.EXE" file.  
16.03.2004 07:18:24   NT AUTHORITY\SYSTEM   1188   Sign of "Win32:NcaseSpy [Trj]" has been found in "C:\Program Files\Alwil Software\Avast4\DATA\moved\A0002796.EXE" file.  
16.03.2004 07:18:37   NT AUTHORITY\SYSTEM   1188   Sign of "Win32:DyfucDldr-E [Trj]" has been found in "C:\Program Files\Alwil Software\Avast4\DATA\moved\A0002775.exe" file.  
16.03.2004 07:18:41   NT AUTHORITY\SYSTEM   1188   Sign of "Win32:DyfucDldr-E [Trj]" has been found in "C:\Program Files\Alwil Software\Avast4\DATA\moved\A0002774.exe" file.  
16.03.2004 07:18:43   NT AUTHORITY\SYSTEM   1188   Sign of "Win32:DyfucDldr-B [Trj]" has been found in "C:\Program Files\Alwil Software\Avast4\DATA\moved\A0002776.dll" file.  
16.03.2004 07:18:51   NT AUTHORITY\SYSTEM   1188   Sign of "Win32:Jeet [Trj]" has been found in "C:\Program Files\Alwil Software\Avast4\DATA\moved\outl32c.exe" file.  
16.03.2004 07:19:08   NT AUTHORITY\SYSTEM   1188   Sign of "Win32:Jeet [Trj]" has been found in "C:\Program Files\Alwil Software\Avast4\DATA\moved\outl32c.exe.vir" file.  
16.03.2004 07:32:57   NT AUTHORITY\SYSTEM   1188   Sign of "Win32:Jeet [Trj]" has been found in "C:\Program Files\Alwil Software\Avast4\DATA\moved\outl32c.exe.vir.vir" file.  
16.03.2004 07:33:07   NT AUTHORITY\SYSTEM   1188   Sign of "Win32:DyfucDldr-E [Trj]" has been found in "C:\Program Files\Alwil Software\Avast4\DATA\moved\A0002774.exe.vir" file.  
16.03.2004 07:35:12   NT AUTHORITY\SYSTEM   1188   Sign of "Win32:DyfucDldr-E [Trj]" has been found in "C:\Program Files\Alwil Software\Avast4\DATA\moved\A0002775.exe.vir" file.  
16.03.2004 07:35:21   NT AUTHORITY\SYSTEM   1188   Sign of "Win32:DyfucDldr-B [Trj]" has been found in "C:\Program Files\Alwil Software\Avast4\DATA\moved\A0002776.dll.vir" file.  
16.03.2004 07:35:40   NT AUTHORITY\SYSTEM   1188   Sign of "Win32:Trojan-gen. {UPX!}" has been found in "C:\Program Files\Alwil Software\Avast4\DATA\moved\audio.exe.vir" file.  ???

Offline whocares

  • Super Poster
  • ***
  • Posts: 1698
  • I'm not a llama! :-)
Re:What is it?
« Reply #1 on: March 16, 2004, 08:35:46 AM »
Hi,

first delete all the Virus files in C:\Program Files\Alwil Software\Avast4\DATA\moved manually

then search the board for the remaining virus names; lots of topics on those yet

some should be removed by using spybot and ad-aware

Info&Removal for JEET:
http://www.virusbtn.com/resources/vgrep/vgrep.cgi?terms=Win32%3AJeet&product=1

you should also think of redoing your system from scratch, because you had an active Backdoor on it: anybody can/could have read/installed/deleted stuff on your PC
even if you don't want to format, scan&secure your system thoroughly; further advice/details in the board here

 ;)