Confirmation Of A's And I's Please
Crosswords2 mins ago
virus
5 Answers
hi
i have a virus that my nod32 picks up but cannot remove.
its says the virus name is:
http://83.149.105.225/dl/ndi.exe?rov=101&c=286 08fd5+f2c30f20f15d4fffba18af94a997f54b+ac1e34c c-e956-4e24-b8db-afa7ffdf2683&aff=67841
i have used windows defender, spyware detector, spyware doctor and supersntispyware to find and remove the virus s nod32 suspects it may be adware or spyware but so far none have removed it, nod32 also says that it is a variant of win32/adware.agent but i cannot find anything to do with that on my computer. could somebody please help.
thanks
wes
i have a virus that my nod32 picks up but cannot remove.
its says the virus name is:
http://83.149.105.225/dl/ndi.exe?rov=101&c=286 08fd5+f2c30f20f15d4fffba18af94a997f54b+ac1e34c c-e956-4e24-b8db-afa7ffdf2683&aff=67841
i have used windows defender, spyware detector, spyware doctor and supersntispyware to find and remove the virus s nod32 suspects it may be adware or spyware but so far none have removed it, nod32 also says that it is a variant of win32/adware.agent but i cannot find anything to do with that on my computer. could somebody please help.
thanks
wes
Answers
1 to 5 of 5
Best Answer
No best answer has yet been selected by baller26. Once a best answer has been selected, it will be shown here.
For more on marking an answer as the "Best Answer", please visit our FAQ.
The fact that the name starts with an IP address (http:... etc.) would seem to indicate that you don't have the actual virus on your machine, but that somewhere you have a link to it (you'll notice that the name you typed into your question appears as a URL).
After you turn on your machine, at what point does NOD32 identify the problem?
After you turn on your machine, at what point does NOD32 identify the problem?
Not something I recommend, but I've just clicked the link in your question! I felt fairly safe as I have a decent firewall, and I run NOD32 myself. (I think AB should delete this link!)
NOD32 immediately popped up and suggested I terminate the download, which I did.
It seems to me that maybe you have an e-mail or a favourites entry that contains the link, or that you have a pending download which your IE or download manager is trying to restart after it gets terminated by NOD32.
All the time you are running NOD32, you are quite safe, but I suggest that you check for any e-mails and favourites that may contain the link (also check your startup folder, and the registry - just search for the executable name, "indo.exe" and if you find the link, delete it.
NOD32 immediately popped up and suggested I terminate the download, which I did.
It seems to me that maybe you have an e-mail or a favourites entry that contains the link, or that you have a pending download which your IE or download manager is trying to restart after it gets terminated by NOD32.
All the time you are running NOD32, you are quite safe, but I suggest that you check for any e-mails and favourites that may contain the link (also check your startup folder, and the registry - just search for the executable name, "indo.exe" and if you find the link, delete it.
I saved the file then uploaded it to Virustotal. Here's the results.
AhnLab-V3 2007.7.26.0 2007.07.25 no virus found
AntiVir 7.4.0.50 2007.07.25 TR/Distamit
Authentium 4.93.8 2007.07.25 no virus found
Avast 4.7.997.0 2007.07.25 no virus found
AVG 7.5.0.476 2007.07.25 Proxy.PMN
BitDefender 7.2 2007.07.25 Trojan.Vundo.CQ
CAT-QuickHeal 9.00 2007.07.25 AdWare.Virtumonde.af (Not a Virus)
ClamAV 0.91 2007.07.25 Trojan.Vundo-382
DrWeb 4.33 2007.07.25 Trojan.Virtumod
eSafe 7.0.15.0 2007.07.24 suspicious Trojan/Worm
eTrust-Vet 31.1.5004 2007.07.25 no virus found
Ewido 4.0 2007.07.25 Adware.Virtumonde
FileAdvisor 1 2007.07.25 no virus found
Fortinet 2.91.0.0 2007.07.25 Adware/VirtuMonde
F-Prot 4.3.2.48 2007.07.25 no virus found
F-Secure 6.70.13030.0 2007.07.25 no virus found
Ikarus T3.1.1.8 2007.07.25 not-a-virus:AdWare.Win32.Virtumonde.af
Kaspersky 4.0.2.24 2007.07.25 not-a-virus:AdWare.Win32.Virtumonde.af
McAfee 5082 2007.07.25 Vundo
Microsoft 1.2704 2007.07.25 no virus found
NOD32v2 2420 2007.07.25 probably a variant of Win32/Adware.Agent
Norman 5.80.02 2007.07.25 W32/Virtumonde.HAZ
Panda 9.0.0.4 2007.07.24 Spyware/Virtumonde
Sophos 4.19.0 2007.07.17 no virus found
Sunbelt 2.2.907.0 2007.07.25 VIPRE.Suspicious
Symantec 10 2007.07.25 Trojan.Vundo
TheHacker 6.1.7.153 2007.07.25 Adware/Virtumonde.af
VBA32 3.12.2.1 2007.07.24 AdvWare.Win32.Virtumonde.af
VirusBuster 4.3.26:9 2007.07.25 no virus found
Webwasher-Gateway 6.0.1 2007.07.25 Trojan.Distamit
I would advise that link be disabled.
AhnLab-V3 2007.7.26.0 2007.07.25 no virus found
AntiVir 7.4.0.50 2007.07.25 TR/Distamit
Authentium 4.93.8 2007.07.25 no virus found
Avast 4.7.997.0 2007.07.25 no virus found
AVG 7.5.0.476 2007.07.25 Proxy.PMN
BitDefender 7.2 2007.07.25 Trojan.Vundo.CQ
CAT-QuickHeal 9.00 2007.07.25 AdWare.Virtumonde.af (Not a Virus)
ClamAV 0.91 2007.07.25 Trojan.Vundo-382
DrWeb 4.33 2007.07.25 Trojan.Virtumod
eSafe 7.0.15.0 2007.07.24 suspicious Trojan/Worm
eTrust-Vet 31.1.5004 2007.07.25 no virus found
Ewido 4.0 2007.07.25 Adware.Virtumonde
FileAdvisor 1 2007.07.25 no virus found
Fortinet 2.91.0.0 2007.07.25 Adware/VirtuMonde
F-Prot 4.3.2.48 2007.07.25 no virus found
F-Secure 6.70.13030.0 2007.07.25 no virus found
Ikarus T3.1.1.8 2007.07.25 not-a-virus:AdWare.Win32.Virtumonde.af
Kaspersky 4.0.2.24 2007.07.25 not-a-virus:AdWare.Win32.Virtumonde.af
McAfee 5082 2007.07.25 Vundo
Microsoft 1.2704 2007.07.25 no virus found
NOD32v2 2420 2007.07.25 probably a variant of Win32/Adware.Agent
Norman 5.80.02 2007.07.25 W32/Virtumonde.HAZ
Panda 9.0.0.4 2007.07.24 Spyware/Virtumonde
Sophos 4.19.0 2007.07.17 no virus found
Sunbelt 2.2.907.0 2007.07.25 VIPRE.Suspicious
Symantec 10 2007.07.25 Trojan.Vundo
TheHacker 6.1.7.153 2007.07.25 Adware/Virtumonde.af
VBA32 3.12.2.1 2007.07.24 AdvWare.Win32.Virtumonde.af
VirusBuster 4.3.26:9 2007.07.25 no virus found
Webwasher-Gateway 6.0.1 2007.07.25 Trojan.Distamit
I would advise that link be disabled.
Vundo rarely travels alone. You may wish to register here
http://forum.malwareremoval.com/index.php
for a proper clean up.
http://forum.malwareremoval.com/index.php
for a proper clean up.
1 to 5 of 5
Latest Posts
Trump/Ukraine, What Will He Do?
News4 mins ago
Quizzes & Puzzles7 mins ago
Quizzes & Puzzles11 mins ago
Listener 4842 For Me And You By...
Crosswords19 mins ago
