Another "backdoor.coreflood" problem, but with DETAILS! ...help, please?

Discussion in 'malware problems & news' started by intothefire1289, Jul 7, 2004.

Thread Status:
Not open for further replies.
  1. intothefire1289

    intothefire1289 Registered Member

    Joined:
    Jul 7, 2004
    Posts:
    1
    :eek: Okay, here's my problem. Earlier today, after installing the most recent Norton Antivirus definition updates, as well as Ad-Aware's updates, I was notified later that evening that I was infected with the "Backdoor.Coreflood" trojan. At the time of Norton's noticing, I was told a file repair failed, quarantining failed, and that the file itself could not be deleted. (The file, and its location: "C:\Windows\System32\tapiperg.dll." All efforts to delete/etc' the file have since failed.) I tried the removal method offered by Symantec (found at http://securityresponse.symantec.com/avcenter/venc/data/backdoor.coreflood.html) and I tried turning to McAfee and downloaded their "Stinger" trojan solution, which, too, failed. I tried an Ad-Aware full-scan, which helped nothing; I also tried a Norton full-scan, too, which only reminded me that I've yet to make progress. :mad: I can't seem the find that ".exe" file that Symantec mentions, which, according to them, seems to work in tandem with the DLL file the .EXE spawns, or so I believe recalling. I've installed ZoneAlarm, which, I hope, should at least restrict what leaves from and makes it into my computer.

    I don't have the money to call Symantec, and I don't know anyone personally who could help, so I'm reaching out after searching through Google for the past 3 hours. (This problem of mine arose 7 hours ago.) If anyone could help me, I would be so appreciative... I'm somewhat desperate here, and I do need and am still seeking assistance to this problem. So, please, a little help? I thank any and all in advance who come to my aid.

    w.j. Rodrique


    p.s... My system's 2.4 Ghz w/258 MB of RAM, running on Windows XP, "armed" with a cable modem which ISN'T WORKING AS WELL AS IT SHOULD. If you should need any further information, please, just ask me. :doubt:

    Thank you for your time.
     
  2. dread

    dread Registered Member

    Joined:
    May 18, 2004
    Posts:
    195
    Well mcafee stinger does not remove or even detect it. Its ment for specific ones and Coreflood isnt one of them not from the list I seen anyway here is the list http://vil.nai.com/vil/stinger/ and here to http://vil.nai.com/vil/averttools.asp#stinger. Read this post https://www.wilderssecurity.com/showthread.php?t=40013 I believe bigc73542 gave a link for a removal tool. You could aslo get a free trojan scanner like Ewido or a² free, dont hurt to have a extra scanner installed in case you av misses or fails.
     
  3. coppertrail

    coppertrail Registered Member

    Joined:
    Jul 18, 2004
    Posts:
    30
    I got rid of this one the other day (Windows XP). What I did was:

    Deleted all my System Restore Points
    Created a new system Restore Point
    Disabled System Restore
    Rebooted into Safe Mode

    Ran my Antivirus utility. This thing loves to infect the HLLM Run key with its entries, so it becomes difficult to eradicate it.

    I also recommend rebooting back into safe mode, then run the AV scanner again, just to make sure you got everything. Then, boot normally and run one more scan . . .
     
  4. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma
    here at sophos is the cleaner for coor-flood here and here The first link is coor-flood c and the second link is coor-flood d
     
Loading...
Thread Status:
Not open for further replies.