Spyware, Viruses, & Security forum

General discussion

HELP HELP NEED HELP REGARDIN DETAILS ON A WORM ACTIVITY

by thunder1412 / March 14, 2008 4:35 AM PDT

Guys pls help me out
i'm constantly gettin a potentially worm activity detected thru my mcafee virus scan
It says an email of similar format or details has been tried to be sent several times
Email sub: Mens health ID 520820 etc etc
As soons as i disconnect my net the msg stops
It tries to send a mail to ablebar@......com etc etc
pls guys help me out need ur help

Discussion is locked
You are posting a reply to: HELP HELP NEED HELP REGARDIN DETAILS ON A WORM ACTIVITY
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: HELP HELP NEED HELP REGARDIN DETAILS ON A WORM ACTIVITY
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Minor suggestion
by eddie11013 / March 14, 2008 5:12 AM PDT

If your saying that the McAfee is detecting a ?potential? virus/worm in an incoming Email, then it appears that its doing its job and protecting you from opening ?this? email. If you saying that McAfee is finding the ?worm?, already on your computer but can?t delete it, then its plan ?B? time. If this is the case, then usually its because the ?worm? is behind the wall of ?system restore?. It will be located in something like C:\windows\system volume or some such. If this is the case, then turn off system restore, run a scan with McAfee, you should then be able to get rid of it, and then turn system restore back on. I?m hoping that you have some kind of firewall, at the least, the windows firewall, for extra security. In any rate, if your still having problems getting rid of the ?worm?, try one or all of the following free online scanners, and get rid of whatever they find:
A-Squared On Line Trojan Scan -- http://www.windowsecurity.com/trojanscan/
BitDefender On Line Scan -- http://www.bitdefender.com/scan8/ie.html
Ewido On Line Scan -- http://www.ewido.net/en/onlinescan/
F-Secure On Line Scan -- http://support.f-secure.com/enu/home/ols.shtml
House Call Anti-Virus http://housecall.trendmicro.com/housecall/start_corp.asp
Kaspersky http://www.kaspersky.com/kos/eng/partner/default/kavwebscan.html

Good luck,
Eddie

Collapse -
Nothing Worked still the problem exists
by thunder1412 / March 15, 2008 12:12 AM PDT
In reply to: Minor suggestion

Eddie i'd like to thank your idea but it does not seems to work
I'd like to give you some additional details what is goin on in my PC
1.Sometimes the pc restarts automatically
2.Due to buffer overflow the windows explorer terminates and restarts
3.And non-stop email sending to unknown addresses and the subject is mens health etc.
After installing quick heal it found out that my PC is infected with Worm.VB.ck and after removing the worm the firewall has detected that the program svchost is trying to send emails without my permission.
Even after a scan nothing was found
Kindly help me out and give me the info and idea what is the problem and how to solve it respectively

Collapse -
Worm.VB.CK is a worm that tries to spread via
by Marianna Schmudlach / March 15, 2008 1:21 AM PDT
Collapse -
No use
by thunder1412 / March 15, 2008 3:43 AM PDT

As per the suggestion i've scanned my PC with recommended scan manager and followed other instructions but the problem still persists
After checking my network activities the svchost activity is high for outgoing connections even the file svchost has been quarantined by the antivirus for some threat it has quarantined svchost.exe.ent.exe
Now presently i have blocked the activities of the above program as it still tries to send emails to unknown addresses.Kindly help me out with this please

Collapse -
Then I would suggest.....
by Marianna Schmudlach / March 15, 2008 3:51 AM PDT
In reply to: No use
Collapse -
Need info
by thunder1412 / March 16, 2008 3:14 AM PDT

Can you just tell me what the given below trojans do
Trojan.Obfuscated.qs. (infected svchost.exe.ext.exe. file has been deleted by the antivirus)
TrojanDropper.Small.bgl in another file
all these trojans have been removed

Collapse -
Trojan.Obfuscated.QS
by Marianna Schmudlach / March 16, 2008 3:32 AM PDT
In reply to: Need info

Aliases:
Generic5.SDJ GRISoft AVG 7.5.516/1227 15-Jan-2008
Trojan:Win32/Busky.BG Microsoft MP CL 1.3109 15-Jan-2008
W32/Trojan2.AJS Frisk Software FPCMD 4.4.3 15-Jan-2008

Type Malware
Type Description Malware ("malicious software") consists of software with clearly malicious, hostile, or harmful functionality or behavior and that is used to compromise and endanger individual PCs as well as entire networks.
Category Trojan Downloader
Category Description A Trojan Downloader is a program typically installed through an exploit or some other deceptive means and that facilitates the download and installation of other malware and unwanted software onto a victim's PC. A Trojan Downloader may download adware, spyware or other malware from multiple servers or sources on the internet.

More: http://research.sunbelt-software.com/threatdisplay.aspx?name=Trojan-Downloader.Win32.Busky.gen&threatid=98182

TrojanDropper.Small.bgl in another file

I can NOT find anything regarding that one......

but: TrojanDropper.Small.B

Type Malware
Type Description Malware ("malicious software") consists of software with clearly malicious, hostile, or harmful functionality or behavior and that is used to compromise and endanger individual PCs as well as entire networks.
Category Trojan Downloader

More: http://research.sunbelt-software.com/threatdisplay.aspx?name=TrojanDropper.Small.B&threatid=160489

Hope this helps.

Collapse -
More help
by thunder1412 / March 16, 2008 5:14 AM PDT
In reply to: Trojan.Obfuscated.QS

thank you for the info but
does this trojan send emails to any unknown persons
i had blocked its activity and as soon as i downloaded the update of my anti virus it was cleaned

Collapse -
as soon as i downloaded the update of my anti virus it was c
by Marianna Schmudlach / March 16, 2008 5:31 AM PDT
In reply to: More help
Popular Forums
icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

Does BMW or Volvo do it best?

Pint-size luxury and funky style

Shopping for a new car this weekend? See how the BMW X2 stacks up against the Volvo XC40 in our side-by-side comparison.