Results 1 to 7 of 7

Thread: Im Infected With Something

  1. #1
    Senior Member
    Join Date
    Dec 2006
    Location
    Myrtle Beach, SC
    Posts
    238

    Im Infected With Something

    over the months i have had several antiviruses including avg, windows live oncare, antivir, and recently avast. however i had avg when i accidently downloaded a virus and it did not seem to get rid of it. so i switched to windows. that didn't do it either. so i switched to antivir. that one got rid of most of the viruses becasue by then more had come. but after that it kept going off like every hour on the hour. so i switched to avast. this one seemed to do the trick. but revently it picked up another 8. i thought they were all gone because i did a complete system scan and deleted the ones it picked up. the on access scanner had finally gotten to scan windows system folders and it picked theses guys.

    C:\WINDOWS\system32\wqvnpeqq.dll
    C:\WINDOWS\system32\rrksfvlm.dll
    C:\WINDOWS\SYSTEM32\RRKSFVLM.DLL
    C:\WINDOWS\SYSTEM32\WQVNPEQQ.DLL

    i dont know what they are but it says that they are viruses. please help becasue they keep showin up. thanx

  2. #2
    Fastest Thing Alive s0nIc's Avatar
    Join Date
    Sep 2001
    Location
    Sydney
    Posts
    1,584
    where did u get infected and when?
    ive been hearing about outbreaks on zlob and Trojan-Spy.Win32@mx lately..

  3. #3
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Those look like randomly generated file names to me?

    Send copies to: http://virusscan.jotti.org/

    and: http://www.virustotal.com/vt/?9f4b11...bc0b1f8617:eng

    They will run them through a whole range of AVs some of which should tell you what it is. Visit their sites and look for removal instructions.

    Also get http://www.ccleaner.com/ and run it. Clear your history and browser cache as well.

    Try running your scans in safe mode if you haven't already done so.

  4. #4
    Senior Member Aardpsymon's Avatar
    Join Date
    Feb 2007
    Location
    St Annes (aaaa!)
    Posts
    434
    Adaware and Spybot might be some help. File Hippo has all sorts of handy things including ccleaner.

    If your AV is going off every hour it sounds like you have some kind of dropper on there. I once mis clicked a link and got myself a dropper. It was 3 days before the definition for it came out. What a fun three days.

    If you feel daring have a look in start -> run -> msconfig and disable anything that looks similar to the files you posted.

    But do stick with an AV, just because it can't clean it yet doesn't mean it never will. Make sure your AV is updating correctly too.

    All else fails, hijack this might be in order.

    Re Zlob: I just cleaned up that very virus this morning.

    Virus 'Troj/Zlob-Gen' has been detected in "C:\WINDOWS\SYSTEM32\hp863B.tmp". Cleanup unavailable.
    *100 on a laptop.
    If the world doesn't stop annoying me I will name my kids ";DROP DATABASE;" and get revenge.

  5. #5
    Junior Member
    Join Date
    Jul 2006
    Posts
    11
    might i suggest housecall.trendmicro.com this online virus scanner will take care of viruses and spyware. It hasn't failed me yet.

  6. #6
    The ******* Shadow dalek's Avatar
    Join Date
    Sep 2005
    Posts
    1,564
    Hi

    Are you running any versions of MSN Messenger if so what version, if it's 3 then you may have gotten infected with any number of "LOP" variants...

    How_to_get_rid_of_LOP

    Description

    Lop, which stands for Live Online Portal, is a browser hijacker that resets the start and search pages in IE. (Its aliases include: C2; Lop C2Media; Lop.com; Tubmo; Ultimate Browser Enhancer; as well as Lop/Active and variants such as Lop/Dialer, Lop/IMZ, and Lop/Trinity.) Lop variants also may install an Accessories toolbar in IE, add shortcuts to the Favorites menu, monitor online activity, install a porn dialer, and load other spyware and third-party programs onto the system.

    Lop is an ActiveX control that installs itself automatically on any PC that comes into contact with its affiliated sites, many of which have four-letter domain names such as Aavc.com, Samz.com, Srox.com, and Wfix.com. Lop also has been known to masquerade as a downloadable MP3 search utility.

    How To Tell If Lop Is Present On Your System

    Start and search pages redirect traffic to Lop.com or one of its affiliated sites. Another symptom of Lop is the presence of numerous unexplained dial-up attempts.

    How To Get Rid Of Lop With Ad-Aware

    Among the anti-spyware utilities that can remove Lop variants is Ad-Aware SE. By opening the utility and clicking its Scan Now button, Ad-Aware SE will scour the contents of your Windows drive for evidence of Lop and other spyware programs. When the scan is complete, click Next and choose the Critical Objects tab to see everything that Ad-Aware found. Select all spyware-related items on the list and then click the Next button. Click OK to verify that you want to remove the selected objects to a quarantine folder. If Ad-Aware cannot remove an item, it will give you the option of deferring its removal until the next time you reboot. You can close Ad-Aware when the quarantine is complete.
    Useful link to check your browser for hijack.. http://www.doxdesk.com/parasite/

    Messenger Plus info... http://inetexplorer.mvps.org/answers/45.html
    PC Registered user # 2,336,789,457...

    "When the water reaches the upper level, follow the rats."
    Claude Swanson

  7. #7
    Senior Member
    Join Date
    Dec 2006
    Location
    Myrtle Beach, SC
    Posts
    238
    i tried running avast in safe mode and it seem to have done the trick.cant possibly imagine why though. i ran several scans to be sure and their all clean. thanx for all the help

Similar Threads

  1. Infected computer
    By cyd in forum AntiVirus Discussions
    Replies: 11
    Last Post: May 25th, 2006, 08:41 PM
  2. The Bulgarian and Soviet Virus Factories
    By foxdie in forum AntiVirus Discussions
    Replies: 11
    Last Post: April 4th, 2004, 02:52 AM
  3. Hacked Red Hat 7.3
    By t3gilligan in forum *nix Security Discussions
    Replies: 18
    Last Post: February 28th, 2004, 02:31 AM
  4. Solution to Sobig.F Virus Infected Emails
    By Falcon21 in forum AntiVirus Discussions
    Replies: 0
    Last Post: August 25th, 2003, 10:44 AM
  5. A new Trojan for *Nix...
    By [WebCarnage] in forum Security Archives
    Replies: 0
    Last Post: January 10th, 2002, 09:10 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •