Unsolved
This post is more than 5 years old
4 Posts
0
1252
UNABLE TO LOCATE FILES I.D. BY TREND MICRO PC-CILLIN
Trend Micro PC-Cillin I.D. the following filesand the last 3 as containing a possible Vundo-9 trojan. However when I started our system in Safe Mode, I was unable to find the files in order to delete them.
C: \ Documents and Settings \ Jon Christopher Hall \ Local Settings \ Temporary Intenet Files \ content.IE5 \ CONB412C \ load[1].exe
C: \ Documents and Settings \ Jon Christopher Hall \ Local Settings \ Temporary Intenet Files \ content.IE5 \ LQYCO5YR \ jKxnOcZ[1].exe
C: \ WINDOWS \system32 \ tadepabe.dll
C: \ WINDOWS \system32 \ icgwqy.dll
C: \ WINDOWS \system32 \ vupuroke.dll
I would appreciate any suggestions.
Bugbatter
3 Apprentice
3 Apprentice
•
20.5K Posts
0
March 21st, 2009 17:00
Welcome :emotion-1:
If it's Vundo, there are usually more files and associated Registry entries.
Try running Malwarebytes' Anti-Malware.
Please download to your desktop Malwarebytes' Anti-Malware from Here or Here
Double Click mbam-setup.exe to install the application.
and just double-click on mbam-rules.exe to install.
Alternatively, you can update through MBAM's interface from a clean computer,
copy the definitions (rules.ref) located in
C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes'
Anti-Malware from that system to a usb stick or CD and then copy it to the infected machine.
Click Remove Selected.
1. Just click the Start A New Thread button (upper right) in the Malware Removal forum HERE
to start your own thread requesting assistance for a follow-up check to be sure the malware is gone.
2. In the discussion window that opens, simply Right-Click and select Paste.
Extra Notes:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer, please do so immediately.
-- MBAM may make changes to your registry as part of its disinfection routine. If you're using other security programs that detect registry changes (like Spybot's Teatimer), they may interfere with the fix or alert you after scanning with MBAM. Please disable such programs until disinfection is complete or permit them to allow the changes.
**If you need to re-install MBAM but encounter issue in re-installing, try using the MBAM Cleanup Utility by downloading it from http://www.malwarebytes.org/mbam-clean.exe
Jon Hall
4 Posts
0
March 22nd, 2009 15:00
I had previously installed MBAM and have used it frequently for several months. I updated it today and ran the quick scan but it failed to find anything. Trend Micro PC -Cillin can find the files but is unable to remove or quarantine them. In the past I have restarted in Safe Mode found the files with the trojan and deleted them but I'm unable to find these particular files.