Jump to content
Sign in to follow this  
Mobli1

Trojan.Agent/Gen-Virut

Recommended Posts

Hi,

I have 2 computers - a desktop running WinXPSP3 and a laptop running Windows7 64Bit. Both are protected by Norton Internet Security.

On 9th July I ran a SUPERAntiSpyware update and a full scan - something I generally do once a week. A few tracking cookies were picked up as usual but both machines reported the same problem in D:\WINDOWS\INSTALLER - see the trace below

I intially thought these must be false positives but since then the desktop machine has been behaving in odd ways. I tried to manually run a Windows Update but something is preventing it from working. The Windows update screen loads as usual but instead of examining my PC it tried to install a new Update.exe and when I cancelled it went to a new page that stated:

Internet Explorer has closed this webpage to help protect your computer

A malfuntioning or malicious add-on has caused Internet Explorer to close this webpage.

I don't remeber this ever happening before so I took some screenshots and closed the browser. I tried to attached the screenshots to this posting but it returned a server error - will try again later. To me everything looks OK but I'm very suspicous of any automated download at the moment. And this is different behaviour to all my previous Windows Updates. It feels like something is not right..

Do you think this is a genuine Microsoft download or something else?

Since then, Firefox has also started redirecting to youtube and there are often long delays when browsing and opening Windows Explorer. It feels like something is working away in the background.

Please help, any help much appreciated, I'm not sure what to do next as Norton reports nothing.

Thank you

Mike

SUPERAntiSpyware Scan Log

https://www.superantispyware.com

Generated 07/10/2012 at 01:59 AM

Application Version : 5.0.1150

Core Rules Database Version : 8867

Trace Rules Database Version: 6679

Scan type : Complete Scan

Total Scan Time : 02:56:09

Operating System Information

Windows XP Home Edition 32-bit, Service Pack 3 (Build 5.01.2600)

Administrator

Memory items scanned : 240

Memory threats detected : 0

Registry items scanned : 34652

Registry threats detected : 0

File items scanned : 138591

File threats detected : 26

Adware.Tracking Cookie

www.counterterrorexpo.com [ D:\DOCUMENTS AND SETTINGS\HOME\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\LG9W4WF0.DEFAULT\COOKIES.SQLITE ]

.marinetraffic.com [ D:\DOCUMENTS AND SETTINGS\HOME\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\LG9W4WF0.DEFAULT\COOKIES.SQLITE ]

.marinetraffic.com [ D:\DOCUMENTS AND SETTINGS\HOME\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\LG9W4WF0.DEFAULT\COOKIES.SQLITE ]

.marinetraffic.com [ D:\DOCUMENTS AND SETTINGS\HOME\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\LG9W4WF0.DEFAULT\COOKIES.SQLITE ]

.marinetraffic.com [ D:\DOCUMENTS AND SETTINGS\HOME\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\LG9W4WF0.DEFAULT\COOKIES.SQLITE ]

.marinetraffic.com [ D:\DOCUMENTS AND SETTINGS\HOME\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\LG9W4WF0.DEFAULT\COOKIES.SQLITE ]

.marinetraffic.com [ D:\DOCUMENTS AND SETTINGS\HOME\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\LG9W4WF0.DEFAULT\COOKIES.SQLITE ]

.marinetraffic.com [ D:\DOCUMENTS AND SETTINGS\HOME\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\LG9W4WF0.DEFAULT\COOKIES.SQLITE ]

.marinetraffic.com [ D:\DOCUMENTS AND SETTINGS\HOME\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\LG9W4WF0.DEFAULT\COOKIES.SQLITE ]

.marinetraffic.com [ D:\DOCUMENTS AND SETTINGS\HOME\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\LG9W4WF0.DEFAULT\COOKIES.SQLITE ]

.marinetraffic.com [ D:\DOCUMENTS AND SETTINGS\HOME\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\LG9W4WF0.DEFAULT\COOKIES.SQLITE ]

.marinetraffic.com [ D:\DOCUMENTS AND SETTINGS\HOME\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\LG9W4WF0.DEFAULT\COOKIES.SQLITE ]

.marinetraffic.com [ D:\DOCUMENTS AND SETTINGS\HOME\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\LG9W4WF0.DEFAULT\COOKIES.SQLITE ]

.marinetraffic.com [ D:\DOCUMENTS AND SETTINGS\HOME\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\LG9W4WF0.DEFAULT\COOKIES.SQLITE ]

.marinetraffic.com [ D:\DOCUMENTS AND SETTINGS\HOME\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\LG9W4WF0.DEFAULT\COOKIES.SQLITE ]

.marinetraffic.com [ D:\DOCUMENTS AND SETTINGS\HOME\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\LG9W4WF0.DEFAULT\COOKIES.SQLITE ]

.marinetraffic.com [ D:\DOCUMENTS AND SETTINGS\HOME\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\LG9W4WF0.DEFAULT\COOKIES.SQLITE ]

.marinetraffic.com [ D:\DOCUMENTS AND SETTINGS\HOME\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\LG9W4WF0.DEFAULT\COOKIES.SQLITE ]

.marinetraffic.com [ D:\DOCUMENTS AND SETTINGS\HOME\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\LG9W4WF0.DEFAULT\COOKIES.SQLITE ]

.marinetraffic.com [ D:\DOCUMENTS AND SETTINGS\HOME\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\LG9W4WF0.DEFAULT\COOKIES.SQLITE ]

.marinetraffic.com [ D:\DOCUMENTS AND SETTINGS\HOME\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\LG9W4WF0.DEFAULT\COOKIES.SQLITE ]

.dealtime.com [ D:\DOCUMENTS AND SETTINGS\HOME\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\LG9W4WF0.DEFAULT\COOKIES.SQLITE ]

stat.dealtime.com [ D:\DOCUMENTS AND SETTINGS\HOME\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\LG9W4WF0.DEFAULT\COOKIES.SQLITE ]

.stats.paypal.com [ D:\DOCUMENTS AND SETTINGS\HOME\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\LG9W4WF0.DEFAULT\COOKIES.SQLITE ]

Trojan.Agent/Gen-Virut

D:\WINDOWS\INSTALLER\{90110409-6000-11D3-8CFE-0150048383C9}\MISC.EXE

D:\WINDOWS\INSTALLER\{90A40409-6000-11D3-8CFE-0150048383C9}\MISC.EXE

Share this post


Link to post
Share on other sites

I tried again this morning to upload a file to this forum but got a server error again. I tried both the simple and advanced uploader and got the same error. Is it a problem at your end?

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×
×
  • Create New...