Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19

Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19
BackDoor-CVT Trojan
Results 1 to 2 of 2

Thread: BackDoor-CVT Trojan

Hybrid View

  1. #1

    BackDoor-CVT Trojan

    Hi folks.

    I have a Trojan on my machine - BackDoor-CVT

    This is what McAfee says about it;

    When this dropper file is run, it creates the following file:

    %SysDir%\winicd32.dll (18,944 bytes)This file is injected into Internet Explorer's memory space, to avoid triggering firewall software.

    The following registry keys are created:

    hkey_local_machine\software\microsoft\windows,
    nt\currentversion\winlogon\notify\winxtx32,
    hkey_local_machine\software\microsoft\mssmgr\

    The dropped file will also try to connect to a remote website, like here4search.biz, where it can get an additional configuration file, named text.dat.

    I have the latest update but the scan results say that the infected file
    (C:\WINDOWS\SYSTEM32\WINBFI32.DLL) can not be removed.

    If I delete these registry entries will the Trojan be removed or should I remove the WINBFI32.DLL file manually - or would I be screwing up my machine?

  2. #2
    Um..This is a Windows security problem.

    It's probably been there for quite some time now, and McAfee just now found it. Run HijackThis, and remove the offending startup/winlogon entry (if you have issues with this, or questions. Post the output from the scan), and try running AVG, and AVG Anti-Rootkit in safe mode to get the rest removed.
    arrogance breeds ignorance


    To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.

Similar Threads

  1. Viruses, Worms, Trojan Horses
    By CoolJsa14 in forum Windows - General Topics
    Replies: 9
    Last Post: 11-01-2009, 08:08 AM
  2. Trojan piggybacks on Microsoft patching
    By genesis in forum Windows - General Topics
    Replies: 0
    Last Post: 01-26-2005, 11:13 PM
  3. Thwarted Linux backdoor
    By coltrane in forum Linux - Software, Applications & Programming
    Replies: 3
    Last Post: 12-24-2003, 07:55 PM
  4. Trojan.Linux.JBellz
    By trickster in forum General Chat
    Replies: 2
    Last Post: 01-19-2003, 01:39 AM
  5. OpenSSH source trojan
    By Compunuts in forum Linux - Software, Applications & Programming
    Replies: 15
    Last Post: 08-05-2002, 01:29 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •