Packed.Morphine.D
15 December 2007
Packed.Morphine.D is still considered as unclassified threat. No additional information and removal can be released until the threat itself is evaluated.
Aliases:
-
Risk Level:
-
File Size:
-
Affected System: Windows
Common Symptoms:
-
Related posts:
- Tibs-Packed Tibs-Packed is a generic detection that covers a...
- Free Ewido Anti-Spyware Now Available for Download GRISOFT, the leading provider of antivirus, firewall...
- Rootkit-Virus vt100.exe Virus VT100.exe is a rootkit type of...
- Trojan.Downloader.MoneyMind Trojan.Downloader.MoneyMind is a trojan that modify homepage...
I’m just a novice but I’ve managed to get rid of the alerts by uninstalling AVG antivirus and spyware, installing Avast antivirus, performing a non destructive recovery as computer would no longer shut down and then running the avast which isolates the infected file in the virus chest, and, finally installing Lavasoft spyware. But how do you get rid of it !!!
I followed the stadard procedure of PreciseSecurity, but with no luck. My AVG (Grisoft) is of no use for this threat. Can’t access the internet from my the infected computer anymore. I’ve been infected since December 15th. due to a link from a popular and widely respected Danish newspaper, http://www.jp.dk. As of today, no results on finding any fix for this problem on google (or any where else). I’m anxious to get a solution for the problem asap. Ys, Jake.
Just FYI. Spyware Doctor came up with this result:
- Hidden Files
- Trojan-Downloader.small.cml
- Application.Second_Sight
- Spyware.Known_Bad_Sites
- Trojan.cws
Number of infections >90.
Further, I think there’s a relation to BHO.cvx
I also got the virus. I haven’t seen anything that is does yet but AVG pops it up every time I try to enter and website. Also ran spyware doctor and AVG and nobody can get rid of it. Anybody found a remedy yet??
Searched everywhere for a fix for this. Tried everything and finally the only thing that seemed to work for it was running ComboFix.exe but apparently it is only supposed to be used under the supervision of expert guidance.
Gave up, too bored of trying as packed morphine d invited some of its friends, and everytime I kicked one of them out – another appeared. So, I closed the party, made a format c, and re-installed. Boot sector not infected. Sorry, can’t provide any useful tips. Searched everywhere and tried several different antivira programs and anti-spam apps. Best of luck and a merry christmas to all. Ys, Jake
I have same problem as described above. AVG detects infected file and puts it in quarantine. But every time I open IE or many other windows functions like toolbox, search, etc. the file gets detected again. Internet connection has been destroyed, my firewall has been disabled, and the e-mail AVG scan part has been disabled. I guess it is a good thing the internet connection is NOT working now! I’ve searched, but found no good solutions. Anyone got any suggestions?
Perhaps some people did not read my previous post. Not sure if the same thing will work for others but certainly using ComboFix.exe allowed me to remove the offending dll files and the corresponding autoruns disappeared from the list of browser help objects (which may explain the relation to BHO.CVX virus). Using various other programs/solutions only allowed me to disable the files temporarily only and not permanently delete. The dll files that were affected on my computer were unnecessary and appeared to have similar names to functional dlls with an extra letter attached.
You can download Combofix.exe from http://download.bleepingcomputer.com/sUBs/ComboFix.exe
This should be run in safe mode, using F8 at windows start up (to disallow other programs including AVG to start).
You should also remove all temporary files using a program like ATF-cleaner first, then disc cleanup to remove old system restore files.
I list this solution as hopefully a help for others but cannot take responsibility for any outcome resulting from following my suggestions.
Although the instructions in the link listed below have not been written with this virus in mind, it may be helpful to at least read around the topic of using combofix in particular:
http://forums.maddoktor2.com/index.php?showtopic=8250
Have used combofix on this packed morphine infection and it did remove the virus but also disabled my internet connection and firewall. Still have a strong wireless connection signal but it is not connected?? So i now have a clean unusable machine until i find a way of switching the internet connection and firewall back on.
Ok found out how to restore internet connection after running combofix. type sfc /scannow into the run command and press enter.
this will scan the system files and repair any that have been removed or corrupted.
My internet connection and firewall is already disabled, that is before running combofix. I’m about to try that now, and will come back with the restults later.
Eureka! combofix really works! so far no more annoying popups of viruses detected. I’m running the sfc /scannow to see if I can get my internet connection fixed.
I used combofix and it seems to have fixed the problem. Still have internet, but I only did this this a.m. so I’ll still have to see if anything else bad happens. AVG finally not doing annoying “pop ups.” Packed.morphine seems to pick various files in people’s system32 directory, perhaps by random. Maybe that’s why some people lose connectivity when they fix and some do not?
I also got warnings from AVG – moving to the vault did not solve it – the infected
file (batta.dll) kept reappearing. Eventually reverted to ignore, shortly afterwards
lost internet connection. I noted (from control panel -> admin tools -> Event Viewer -> System) errors indicating TCPIP service was not running. Warning – do not ignore AVG popups; do not switch to another virus tool that does not recognise the threat. The fix was:
> netsh int ip reset c:\mylog.txt
> netsh winsock reset
(These restore the default network configuration). Still no success but noted the file tcpip.sys (in system32) was recent. My intention was to try the tcpipv6 variant in its place, but after renaming tcpip.sys that the ‘original’ file appeared (2004) – (I think because TCPIP is part of the operating system rather than an added service.)
Then, after reboot I had network access back.
Also, in Internet Explorer noticed loads of browser helper objects add-ons related to the infected file – I disabled these.
But still unable to remove the virus – just live with it at the moment. I just ignore the popups. Try using firefox browser instead – do not get the popups then.
Tried combofix – it picked the same files as AVG and managed to remove them such that they did not reappear (in system32 – batta.dll, dpvvoxj.dll, ~.exe, dbxDgrevCheck.dll) – two of the created files seem to be genuine filenames with an addtional character appended.
AVG popups no longer appear.
AVG Scan now picks up c:\system volume information\_restore(…..}\A0001604.dll as containing packed.morphine.d and moved to the vault – not sure if this is sinister still – what is that directory for? (it’s hidden)
Tried Dr Web CureIt (free download)which caused Spybot S&D to ask me to OK a registry change which I did. Screen froze so restarted PC which booted up quicker. Ran AVG which identified packed morphine but this time it easily removed it! (I originally had Packed morphine, BHO.cvx and Obfustat and AVG couldn’t touch it!). Both AVG and CureIt give me a clean bill of health now.
Also used Dr Web Cureit which together with
AVG fixed the problem (so far after 24 hours).
Also used Dr.Web with Avg, am now pop-up free and avg picked up BHO.cvx and Obfustat which it healed. This is definately the solution.
hey :-)
its very interesting point of view.
Nice post.
realy gj
thank you ;)
vorrei antivirus completamente gratuito
Leave your response!
More in Trojan
Subcategory
Recent Posts
Recent Comments
Home | Links | Contact Us
Copyright © 2006-2010 | Tech Blogs - precisesecurity.com | Privacy Policy