Mobile/PDA About Us Advertise here
User User name Password  
  Not registered yet? Register here.
Lost your password? Click here. 		 
  Home   News   Guides   Downloads   Glossary   Hardware   Profiles   Forums   v4  
 Advertise at AfterDawn.com     Link to us!     Private messages     Compose a private message     List of all updated threads     Threads without replies     Search messages
Thursday 21.11.2024 / 08:31
Search AfterDawn Forums:        In English   Suomeksi   På svenska
afterdawn.com > forums > software, operating systems and more > windows - virus and spyware problems > obfuscator and foidan.b trojan viruses
Show topics
 
Forums
Forums
Obfuscator and Foidan.B Trojan viruses
  Jump to:
 
Posted Message
Garry1963
Newbie
_ 		13. October 2013 @ 17:34 _ Link to this message    Send private message to this user   
Hi everyone,

Just recently discovered these little nasties lurking on my hard drive in the WIN32 folders:

WIN32/Obfuscator.VP
WIN32/zbot
WIN32/Foidan.B

would it be safe to manually remove these from this folder?

I noticed that my Microsoft Security Essentials programme had been uninstalled. I re-installed it and that is when it picked these critters up.

I received Windows updates the night before and everything seemed to be not right after that. My Internet struggles to cope with loading some webpages.

I also can't load my DVDFab application up now after clicking the desktop Icon. But I can load the other applications up. Tried everything even though the target path is pointing to the right programme for the DVDFab shortcut icon.

Also System Restore is now inoperable, showing the message "Cannot create restore point, please restart computer" which is no use. Its amazing what damage these viruses can do.

Can anyone please tell me how to fix the shortcut icon problem?

Many thanks.
[ + quote]
Advertisement
_ 		__
attar
AfterDawn Addict
_ 		13. October 2013 @ 19:37 _ Link to this message    Send private message to this user   
I know in Windows 7 you can type rstrui.exe from the start box to get the restore program running.

Or reboot into Safe Moded;Select 'Safe mode with command prompt'.
At the command prompt, type rstrui.exe and press Enter.
[ + quote]

This message has been edited since posting. Last time this message was edited on 13. October 2013 @ 19:37
2oldGeek
AfterDawn Addict
_ 		13. October 2013 @ 19:47 _ Link to this message    Send private message to this user   
Garry1963,

You have more than just a simple virus.

VirTool:Win32/Obfuscator are detections for programs that have had their purpose obfuscated to hinder analysis or detection by anti-virus scanners. They commonly employ a combination of methods including encryption, compression, anti-debugging and anti-emulation techniques.

Attempt to run and post DDS and I will attempt to help you clean up.

DDS logs

DDS is a diagnostic tool, which scans your computer and produces logs which can be analysed by your helper.

To run a scan with DDS .....

Download -> DDS and save it to your Desktop.

Alternate Download -> HERE

Double click dds.scr to run the tool.
If using Vista or Windows 7 you will be prompted by UAC, please allow the prompt.

DDS will now scan your computer.
When the scan is complete, DDS will open two (2) logs:
? DDS.txt
? Attach.txt

If not saved these logs will be automatically deleted when closed, so save both to your Desktop.

Please note it is important that you post BOTH logs in your topic.

Please note: DDS will ask you to attach the second log (Attach.txt), please ignore this notice and post the log instead.


Any problems downloading or running DDS.scr, try THIS alternate (DDS.com) version of DDS.


2oG
[ + quote]


There are three kinds of men: The ones that learn by reading; The few who learn by observation;
The rest of them have to pee on the electric fence and find out for themselves...
Mez
AfterDawn Addict
_ 		14. October 2013 @ 16:51 _ Link to this message    Send private message to this user   
Agreed! Something uninstalled Microsoft Security Essentials and that action was not mentioned in any Obfuscator info. Something else may have installed these other tools as a smoke screen for the real threat.

How to manually remove VirTool:Win32/Obfuscator
[ + quote]
Advertisement
_ 		__
 
_
2oldGeek
AfterDawn Addict
_ 		14. October 2013 @ 17:40 _ Link to this message    Send private message to this user   
Originally posted by Mez:
 Agreed! Something uninstalled Microsoft Security Essentials and that action was not mentioned in any Obfuscator info. Something else may have installed these other tools as a smoke screen for the real threat.
You got the picture, Mez.. WIN32/zbot is a Trojan that has probably brought in a ton of stuff including a Rootkit... Obfuscator keeps you from seeing any of it.

P.S. MSE has the ability to remove Obfuscator, that's why the Ttojan turned it off.
[ + quote]

This message has been edited since posting. Last time this message was edited on 14. October 2013 @ 17:46
afterdawn.com > forums > software, operating systems and more > windows - virus and spyware problems > obfuscator and foidan.b trojan viruses
 

Digital video: AfterDawn.com | AfterDawn Forums
Music: MP3Lizard.com
Gaming: Blasteroids.com | Blasteroids Forums | Compare game prices
Software: Software downloads
Blogs: User profile pages
RSS feeds: AfterDawn.com News | Software updates | AfterDawn Forums
International: AfterDawn in Finnish | AfterDawn in Swedish | AfterDawn in Norwegian | download.fi
Navigate: Search | Site map
About us: About AfterDawn Ltd | Advertise on our sites | Rules, Restrictions, Legal disclaimer & Privacy policy
Contact us: Send feedback | Contact our media sales team
 
  © 1999-2024 by AfterDawn Ltd.

  IDG TechNetwork