I just found out about Avast, and I ran Home Edition 4.1 with a thorough scan, and it says it found no infected files.
http://www3.ca.com/virusinfo/virusscan.aspx
+
http://housecall.trendmicro.com/housecall/start_corp.asp
found no viruses, and Lavasoft Ad-aware 6.0 says I’m clean.
AVG anti-virus tells me I have 6 infected files!:
AVG Anti-Virus
Program version 7.0.211
Virus base 261.9.5
Release date: 17/02/2004
File h4ck3d.exe
Result/Infection Trojan horse Downloader.Zdown
Path C:\WINDOWS\system32\7oob.exe:\h4ck3d.exe
File root.sys
Result/Infection Trojan horse IRC/BackDoor.Flood
Path C:\WINDOWS\systems32\7oob.exe:\root.sys
File secure.BAT
Result/Infection Could be infected BAT/Generic
Path C:\WINDOWS\systems32\7oob.exe:\secure.BAT
File secure.exe
Result/Infection Trojan horse HideWindow
Path C:\WINDOWS\systems32\7oob.exe:\secure.exe
File spread.bat
Result/Infection Could be infected BAT/Generic
Path C:\WINDOWS\systems32\7oob.exe:\spread.bat
File system.sys
Result/Infection Virus found IRC/BackDoor.Flood
Path C:\WINDOWS\systems32\7oob.exe:\system.sys
Another online scanner http://www.ravantivirus.com/scan/indexie.php gives me the following results:
\Addons\clones3.ini - Flooder:IRC/Clonman* → Infected
C:\mf-polaris2001\polaris2001\System\remotes\connect.ini - IRC/Generic* → Suspicious
C:\WINDOWS\fps.exe->(ASPack 2.12) - Win32/Dumaru.H@mm → Infected
C:\WINDOWS\system32\7oob.exe->(CABSfx)->h4ck3d.exe - TrojanDownloader:Win32/Zdown.1_01 → Infected
C:\WINDOWS\system32\7oob.exe->(CABSfx)->secure.exe - Tool:HideWindows → Infected
C:\WINDOWS\system32\dtxservice.exe - TrojanSpy/Win32.ProAgent.1_2 → Infected
C:\WINDOWS\system32\jcxpif.exe->(UPXW) - Win32/HLLW.SpyBot → Suspicious
C:\WINDOWS\system32\mirc.ini - Trojan:IRC/Flood.gen* → Infected
C:\WINDOWS\system32\sysmgr.exe->(UPXW) - Win32/HLLW.SpyBot → Suspicious
C:\WINDOWS\system32\Temp.scr - IRC/Flood → Infected
Avast does give me pop-up warnings about the following:
Win32:Trojan-gen. {UPX!}
c:\windows\iss32.exe
win32:Trojen-gen. {other}
c:\windows\mps.exe
win32:Trojan-gen. {other}
c:\windows\kdd32.atm
It won’t let me do anything with these files. Can’t repair/delete/move.
AVG tells me I have Trojan Horse PWS.Proagent.B… I ask to delete it, it says it does but whenever I reboot it’s there again?!
Any help appreciated!!
;D