You may cancel your Bitdefender subscription from Bitdefender Central or by contacting Customer Support at: https://www.bitdefender.com/consumer/support/help/
Thank you for your understanding.
Trojan.dnschanger.uy
So now I turn to the forums,
I have been dealing with the problem for a while now and am very sick of what is happening.
I am running Bitdefender Antivirus 2008 and it detects a larg number of virus's that get delect right away. The trouble is that it keep happening, I believe that there is some file that is creating the files that my antivirus picks up and deletes. So the big question is why can't Bitdefender pick up the virus at the source and get rid of my issues once and for all. I have gone as far as purchasing a decent spyware program along side Adaware and spybot, which have found a few but still not solved my issue. I have sent in the "child" virus files that get deleted to various places and still no solution.
Here is an example of the file name of one of the child virus "tmp1_390688283751.bk" so it would seem it just keep creating backups of its self.
The information that bitdefender gives me is
"Virus name: Trojan.DNSChanger.UY
path: c:\windows\sysWOW64\config\systemp\systemprofile\appdata\local\microsoft\windows\Temporary Internet Files\Content.IE5\ITJFPU4S\wmiprves[1].exe
The file has been deleted"
And about 10 others in the same window but with different paths
I am running Windows Vista 64bit
and would appreciate any help that I can get
kind Regards,
Asher
Here is what I know about the virus so far (information taken from http://www.spywaredetector.net/spyware_enc...DNSChanger.htm)
Category Trojan
Discovered 1/19/2007 10:03:00 AM
Modified 12/3/2007 4:09:00 PM
Threat Level Medium
Description A destructive program that masquerades as a benign application. Unlike viruses, Trojan horses do not replicate themselves but they can be just as destructive. One of the most insidious types of Trojan horse is a program that claims to rid your computer of viruses but instead introduces viruses onto your computer.
Summary N/A
When the Trojan is executed, it creates the following files:
Name Version Publisher Signature (MD5) File Size (in KB)
..\yaemu.exe
..\kdebn.exe
..\bdood.exe 6deb39376449a91b4f8354bb9e706d2f 35862
..\kdtcg.exe 71181
..\qktnq.exe cfc605f9ac5f15e67f5580e83dcdbb53 34884
..\kdzly.exe
..\kdhfj.exe
..\scesr.dll ee5db68a4d6b6a7015ba2714543542eb 59392
..\kdeev.exe
..\kduho.exe
..\kdgvl.exe
..\kdnmv.exe
..\cuejd.exe 6e9b5a4d4281a99c555f7a301d77c542 34893
..\tuzur.exe cf17d063903595b1afad2090d8109b05 34882
..\trojan.win32.dnschanger.ah \f3444862.exe 3f459cae4766e75e9b0b4aef91164d73
..\trojan.win32.dnschanger.ai \f3bef4eb.exe f5383649888d3346ac4c83c384223a7e
..\trojan.win32.dnschanger.as \47d05a24.exe 33843e94c4563ada29abdda78db1a951
..\trojan.win32.dnschanger.cf \40f3076e.exe 00ea5396a9b8ac19b6e0509e7a7dc266
..\trojan.win32.dnschanger.x \ef5d9c7d.exe 513f691cdd23de2858722b0ad0ac1ece
..\desktop\zcodec1000.exe 7a660879eed78f52e2f33ffa4559dde9
..\desktop\dvdcodec1000.exe 7a660879eed78f52e2f33ffa4559dde9
..\temp\step1.exe 02a05add10d790936355b4acd0e77964
..\temp\mdqj.exe 67a4b2eeeb836ab3ad0247ff6f80a5d1
..\temp\pdyq.exe 3de2f785fd59c163b6ea134da023dd22 7826
--------------------------------------------------------------------------------
When the Trojan is executed, it creates the following Registry entries:
• ..\Software\Classes\searchporn
• ..\Software\Classes\videoporn
• ..\Software\Microsoft\Windows\CurrentVersion\Uninstall\searchporn
• ..\Software\Microsoft\Windows\CurrentVersion\Uninstall\selectiveadmission
• ..\Software\searchporn
• ..\Software\selectiveadmission
• ..\Software\Microsoft\Windows\CurrentVersion\Run\\"dmdzo.exe"
• ..\Software\videoporn
