Backdoor.Pigeon.AXR

arch-enemy
arch-enemy
in Malware talk

Hi all, this nasty little thing has been bugging me for the last couple of days now, iv tried deleting it, quarantine and moving it, but it just keeps coming back and changing its location after i delete it.


also, im pretty sure its making my defualt browser run twice in the task manager, when i end the process for it, it just pops back up again.... its using safari.exe, or if i change my defualt browser to firefox or iexplorer same thing happens.


anyway, heres the report from a recent scan i did


//-----------------------------------------------------------------


//


// ProductBitDefender Antivirus Plus v10


// Product10.0


//


// Created on: 27/06/2007 02:00:04


//


//-----------------------------------------------------------------


Virus Statistics


Scan path : C:\WINDOWS


C:\Program Files


Folders : 3679


Files : 14357


Memory processes scanned : 0


Archives : 5


Runtime packers : 808


Identified viruses : 1


Infected files : 1


Memory processes infected : 0


Suspect files : 0


Warnings : 0


Disinfected files : 0


Deleted files : 0


Moved files : 1


I/O errors : 17


Scan time : 00:12:02


Scan speed (files/sec) : 19


Virus definitions : 842704746


Scan plugins : 16


Archive plugins : 41


Unpack plugins : 6


Mail plugins : 6


System plugins : 5


Virus scan options


Detection


[X] Scan boot sectors


[ ] Memory Processes


[ ] Scan archives


[X] Scan runtime packers


[X] Scan email


File mask


[X] Programs


[ ] All files


[ ] User defined extensions:


[ ] Exclude extensions: ;


Action


Infected objects


[ ] Ignore


[X] Disinfect


[ ] Delete


[ ] Move to quarantine


[ ] Prompt user


Second action


[ ] Ignore


[ ] Delete


[X] Move to quarantine


[ ] Prompt user


Virus scan options


[X] Enable warnings


[ ] Enable heuristics


[ ] Show all files in log


[X] Report file: C:\Documents and Settings\All Users\Application Data\BitDefender\Desktop\Profiles\Logs\quick_scan\1182873604.log


Spyware scan options


[X] Scan for riskware


[ ] Skip dial and applications from scan


[ ] Registry keys


[ ] Cookies


Summary:


C:\WINDOWS\system32\drivers\lfg.sys Infected: Backdoor.Pigeon.AXR


C:\WINDOWS\system32\drivers\lfg.sys Disinfection failed


C:\WINDOWS\system32\drivers\lfg.sys Moved


Not really sure what else i can do...


any sugestions would be great...

Comments

  • AndreiASM
    AndreiASM

    You problem is that the trojan appears to be a driver. It starts with windows and does it's job. You should make a scan in safe mode and you could also download superantispyware from here and also make a scan in safe mode.


    Andrei

All Time Leaders

Categories

Defenders of the month - March