Hi, I am new using this, but I have many problems, and I have searched in McAfee library about them, but they are not registered:
The first one deleted all the files from my USB, and created a group of folders or aplications like folders. This folders have the name of common Windows folders, like "Documents", "Photos", & "Music". The name of the malware is sbpad.exe. The others are dxwuat.exe, p.exe, gefr.exe and rvloz.exe.
Also there is a file, which I don't know if is a virus, that has a long name:
I tried using an antivirus called Prevx 3.0, and it says that the last one is caused by rvloz.exe.
My question: Help!!!
on 9/09/10 10:29:40 PM CDTEl mensaje fue editado por: Felipe on 9/09/10 10:34:22 PM CDT
If you infected with something and have trouble finding what is causing the infection, I'd suggest giving this handy tool a try.
"McAfee GetSusp is intended for users who suspect undetected malware on their system. By using a combination of clever heuristics and querying McAfee's online database of known clean files to gather suspicious files, GetSusp eliminates the user's need for deep technical knowledge of computer systems to isolate undetected malware. McAfee GetSusp is recommended as a tool of first choice when analyzing a suspect machine."
Get it from here:
Once GetSusp identifies and collects the suspect files, post the logs here and we community members can help.
Technical Product Manager, McAfee Labs
Thanks, Vinoo, but the program says at the end: "Suspicious samples have not been delivered to Mcafee Labs". It says that is because the size, so, I don´t know how to send it...
Thanks again. Just in case you can use it, there is a zip file created by GetSusp.exe with some suspicious elements.
McAfee GetSusp was successfully able to identify two malicious files on your system. One of them is >3MB in size and hence the upload failed. This information will suffice for our virus analysts monitoring the community to add detection for these files.
Thanks for posting the scan results.
|Status||MD5||Location||File Name||Attribute||Company||Description||Product Version||File Version||File Size||Creation Date||Modification Date||Type||Scan Error|
|UNKNOWN||f46074bfd576caaf8ce41f43361ef102||C:\Users\Felipe Vidal Otero\svcpad||svcpad.exe||HS||1.00||1.00||3,231,744||09/10/2010 07:20||09/10/2010 07:20||Process|
|UNKNOWN||4f7dfe8e99ffa5a16e2cffbe73b8c4be||C:\Users\Felipe Vidal Otero||weamua.exe||HRS||1.81||1.81||208,896||09/10/2010 07:19||09/10/2010 07:19||Process|
Thanks Vinoo, but anyway, I submit another file that I already sent to McAfee-Labs via E-mail, but they didn't answer to me, so I don't know if they received it. Here are the things that I think had destroyed my USB. The password is "infected". Thanks again, I hope you can solve it...
El mensaje fue editado por: Felipe on 10/09/10 05:56:56 PM CDTMessage was edited by: Ex_Brit on 11/09/10 7:47:33 EDT PM
I've pinged our virus analysts to take at look at the files you've posted.
The zip file that was posted to the forum was not password protected. Please take care to password protect zip files next time you post anything malicious. This would prevent users accidentally downloading and executing files posted on the forum.
Oh, God! I'm so sorry!, but it was suposed to have a password, I don't know what could happen. I checked it a lot of times, I don't understand. Anyway, I hope I have been helpful, and doesn't think twice at asking me to do anything else. Thanks for the help, & hope you can solve it.