Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected


  • Please log in to reply
5 replies to this topic

#1 mina33

mina33

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:09:53 PM

Posted 08 March 2008 - 11:46 AM

hey guys,
i need some help please...kaspersky can't delete some viruses...here's the report:


deleted: Trojan program Trojan-PSW.Win32.OnLineGames.rio File: C:\DOCUME~1\Student\LOCALS~1\Temp\z5.dll
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.rin File: C:\WINDOWS\system32\amvo0.dll
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.rie File: c:\windows\system32\amvo.exe
deleted: Trojan program Trojan-PSW.Win32.Nilage.bvj File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP111\A0038719.com
deleted: Trojan program Trojan-PSW.Win32.Nilage.bvl File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP111\A0038720.inf
deleted: Trojan program Trojan-PSW.Win32.Magania.bqo File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP111\A0038782.dll
deleted: Trojan program Trojan-PSW.Win32.Nilage.bvj File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP112\A0038787.com
deleted: Trojan program Trojan-PSW.Win32.Nilage.bvl File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP112\A0038788.inf
deleted: Trojan program Trojan-PSW.Win32.Magania.bqo File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP112\A0038951.dll
deleted: Trojan program Trojan-PSW.Win32.Nilage.bvj File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP112\A0038954.com
deleted: Trojan program Trojan-PSW.Win32.Nilage.bvl File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP112\A0038955.inf
deleted: Trojan program Trojan-PSW.Win32.Nilage.bvj File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP113\A0038966.com
deleted: Trojan program Trojan-PSW.Win32.Nilage.bvl File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP113\A0038967.inf
deleted: Trojan program Trojan-PSW.Win32.Nilage.bvj File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP114\A0038979.com
deleted: Trojan program Trojan-PSW.Win32.Nilage.bvl File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP114\A0038980.inf
deleted: Trojan program Trojan-PSW.Win32.Nilage.bvj File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP115\A0039001.com
deleted: Trojan program Trojan-PSW.Win32.Nilage.bvl File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP115\A0039002.inf
deleted: Trojan program Trojan-PSW.Win32.Nilage.bvj File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP116\A0039022.com
deleted: Trojan program Trojan-PSW.Win32.Nilage.bvl File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP116\A0039023.inf
deleted: Trojan program Trojan-PSW.Win32.Nilage.bvj File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP117\A0039032.com
deleted: Trojan program Trojan-PSW.Win32.Nilage.bvl File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP117\A0039033.inf
deleted: Trojan program Trojan-PSW.Win32.Nilage.bvj File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP118\A0039046.com
deleted: Trojan program Trojan-PSW.Win32.Nilage.bvl File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP118\A0039047.inf
deleted: Trojan program Trojan-PSW.Win32.Nilage.bvj File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP119\A0039058.com
deleted: Trojan program Trojan-PSW.Win32.Nilage.bvl File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP119\A0039059.inf
deleted: Trojan program Trojan-PSW.Win32.Nilage.bvj File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP119\A0039083.com
deleted: Trojan program Trojan-PSW.Win32.Nilage.bvl File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP119\A0039084.inf
deleted: Trojan program Trojan-PSW.Win32.Nilage.bvj File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP120\A0039092.com
deleted: Trojan program Trojan-PSW.Win32.Nilage.bvl File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP120\A0039093.inf
deleted: Trojan program Trojan-PSW.Win32.Nilage.bvj File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP121\A0039100.com
deleted: Trojan program Trojan-PSW.Win32.Nilage.bvl File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP121\A0039101.inf
deleted: Trojan program Trojan-PSW.Win32.Nilage.bvj File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP122\A0039108.com
deleted: Trojan program Trojan-PSW.Win32.Nilage.bvl File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP122\A0039109.inf
deleted: Trojan program Trojan-PSW.Win32.Magania.bqo File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP122\A0039124.dll
deleted: Trojan program Trojan-PSW.Win32.Nilage.bvj File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP122\A0039127.com
deleted: Trojan program Trojan-PSW.Win32.Nilage.bvl File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP122\A0039128.inf
deleted: Trojan program Trojan-PSW.Win32.Magania.bqo File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP122\A0039140.dll
deleted: Trojan program Trojan-PSW.Win32.Nilage.bvj File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP122\A0039143.com
deleted: Trojan program Trojan-PSW.Win32.Nilage.bvl File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP122\A0039144.inf
deleted: Trojan program Trojan-PSW.Win32.Nilage.bvj File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP122\A0039159.exe
deleted: Trojan program Trojan-PSW.Win32.Magania.bqo File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP122\A0039160.dll
deleted: virus Worm.Win32.AutoRun.clq File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP123\A0039208.cmd
deleted: virus Worm.Win32.AutoRun.coi File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP123\A0039209.inf
deleted: Trojan program Trojan-PSW.Win32.Magania.bqo File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP123\A0040139.dll
deleted: virus Worm.Win32.AutoRun.clq File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP123\A0040144.cmd
deleted: virus Worm.Win32.AutoRun.coi File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP123\A0040145.inf
deleted: virus Worm.Win32.AutoRun.clp File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP123\A0040190.dll
deleted: virus Worm.Win32.AutoRun.clq File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP123\A0040193.cmd
deleted: virus Worm.Win32.AutoRun.coi File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP123\A0040194.inf
deleted: virus Worm.Win32.AutoRun.clp File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP123\A0041183.dll
deleted: virus Worm.Win32.AutoRun.clq File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP123\A0041186.cmd
deleted: virus Worm.Win32.AutoRun.coi File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP123\A0041187.inf
deleted: virus Worm.Win32.AutoRun.clq File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP124\A0041194.cmd
deleted: virus Worm.Win32.AutoRun.coi File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP124\A0041195.inf
deleted: virus Worm.Win32.AutoRun.clp File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP124\A0041231.dll
deleted: virus Worm.Win32.AutoRun.clq File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP124\A0041233.exe
deleted: virus Worm.Win32.AutoRun.clp File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP124\A0041234.dll
deleted: virus Worm.Win32.AutoRun.coi File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP124\A0041235.inf
deleted: virus Worm.Win32.AutoRun.cmc File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP125\A0041249.bat
deleted: virus Worm.Win32.AutoRun.clp File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP125\A0041305.dll
deleted: virus Worm.Win32.AutoRun.cmc File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP125\A0041307.bat
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.qyo File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP125\A0041373.dll
deleted: virus Worm.Win32.AutoRun.cmc File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP125\A0041376.bat
deleted: virus Worm.Win32.AutoRun.cmc File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP126\A0041389.bat
deleted: virus Worm.Win32.AutoRun.cmc File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP127\A0041392.bat
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.qyo File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP127\A0041417.dll
deleted: virus Worm.Win32.AutoRun.cmc File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP127\A0041422.bat
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.qyo File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP127\A0041439.dll
deleted: virus Worm.Win32.AutoRun.cmc File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP127\A0041441.exe
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.qyo File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP127\A0041442.dll
deleted: virus Worm.Win32.AutoRun.cmc File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP127\A0041443.bat
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.qyo File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP127\A0041463.dll
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.rie File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP127\A0041466.bat
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.rie File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP128\A0041473.bat
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.rin File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP128\A0041606.dll
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.rie File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP128\A0041609.bat
not found: Trojan program Trojan-PSW.Win32.OnLineGames.rie File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP129\A0041614.bat
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.rin File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP129\A0041637.dll
not found: Trojan program Trojan-PSW.Win32.OnLineGames.rie File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP129\A0041639.bat
not found: Trojan program Trojan-PSW.Win32.OnLineGames.rie File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP129\A0041651.exe
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.rin File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP129\A0041652.dll
deleted: virus Worm.Win32.AutoRun.clq File: C:\d6fagcs8.cmd
not found: Trojan program Trojan-PSW.Win32.Nilage.bvj File: C:\nideiect.com
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.rin File: C:\WINDOWS\system32\amvo1.dll
deleted: Trojan program Trojan-PSW.Win32.Nilage.bvj File: C:\WINDOWS\system32\help.exe.tmp
deleted: virus Worm.Win32.AutoRun.coi File: F:\Autorun.inf
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.rin File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP130\A0041678.dll
detected: riskware Hidden data sending Running process: C:\Program Files\MSN Messenger\MsnMsgr.Exe
detected: riskware Hidden data sending Running process: C:\Program Files\Internet Explorer\IEXPLORE.EXE
detected: riskware Hidden data sending Running process: C:\Program Files\MSN Messenger\msnmsgr.exe
deleted: Trojan program Trojan.Win32.VB.byq File: C:\Documents and Settings\Student\My Documents\Setup bleep\PinkRibbon1.2.exe//data0001.bin//data0009
deleted: Trojan program Trojan.Win32.VB.byq File: C:\Program Files\Pink Ribbon Toolbar\MimeSniffer.dll
deleted: Trojan program Trojan.Win32.VB.byq File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP135\A0045782.dll
detected: Trojan program Trojan.Win32.VB.byq URL: http://s31.freecause.com/107.cab?rnd=24961/MimeSniffer.dll
not found: Trojan program Trojan.Win32.VB.byq File: C:\DOCUME~1\Student\LOCALS~1\Temp\$0AEE1CE2.t$m
detected: Trojan program Trojan.Win32.VB.byq URL: http://s31.freecause.com/107.cab?rnd=26705/MimeSniffer.dll
detected: Trojan program Trojan.Win32.VB.byq URL: http://s31.freecause.com/107.cab?rnd=21473/MimeSniffer.dll
not found: Trojan program Trojan.Win32.VB.byq File: C:\DOCUME~1\MHS070~1\LOCALS~1\Temp\$46643FE5.t$m
not found: Trojan program Trojan.Win32.VB.byq File: C:\DOCUME~1\MHS070~1\LOCALS~1\Temp\$31DD2F47.t$m
not found: virus Worm.Win32.AutoRun.cub File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP125\A0041250.inf
not found: virus Worm.Win32.AutoRun.cub File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP125\A0041308.inf
not found: virus Worm.Win32.AutoRun.cub File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP125\A0041377.inf
not found: virus Worm.Win32.AutoRun.cub File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP126\A0041390.inf
not found: virus Worm.Win32.AutoRun.cub File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP127\A0041393.inf
not found: virus Worm.Win32.AutoRun.cub File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP127\A0041423.inf
not found: virus Worm.Win32.AutoRun.cub File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP127\A0041444.inf
not found: virus Worm.Win32.AutoRun.cub File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP127\A0041467.inf
not found: virus Worm.Win32.AutoRun.cub File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP128\A0041474.inf
not found: virus Worm.Win32.AutoRun.cub File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP128\A0041610.inf
not found: virus Worm.Win32.AutoRun.cub File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP129\A0041615.inf
not found: virus Worm.Win32.AutoRun.cub File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP129\A0041640.inf
deleted: virus Worm.Win32.AutoRun.cub File: C:\autorun.inf
deleted: virus Worm.Win32.AutoRun.cub File: c:\system volume information\_restore{46de8921-1d39-44d2-a9e9-64119261f211}\rp125\a0041250.inf
deleted: virus Worm.Win32.AutoRun.cub File: c:\system volume information\_restore{46de8921-1d39-44d2-a9e9-64119261f211}\rp125\a0041308.inf
deleted: virus Worm.Win32.AutoRun.cub File: c:\system volume information\_restore{46de8921-1d39-44d2-a9e9-64119261f211}\rp125\a0041377.inf
deleted: virus Worm.Win32.AutoRun.cub File: c:\system volume information\_restore{46de8921-1d39-44d2-a9e9-64119261f211}\rp126\a0041390.inf
deleted: virus Worm.Win32.AutoRun.cub File: c:\system volume information\_restore{46de8921-1d39-44d2-a9e9-64119261f211}\rp127\a0041393.inf
deleted: virus Worm.Win32.AutoRun.cub File: c:\system volume information\_restore{46de8921-1d39-44d2-a9e9-64119261f211}\rp127\a0041423.inf
deleted: virus Worm.Win32.AutoRun.cub File: c:\system volume information\_restore{46de8921-1d39-44d2-a9e9-64119261f211}\rp127\a0041444.inf
deleted: virus Worm.Win32.AutoRun.cub File: c:\system volume information\_restore{46de8921-1d39-44d2-a9e9-64119261f211}\rp127\a0041467.inf
deleted: virus Worm.Win32.AutoRun.cub File: c:\system volume information\_restore{46de8921-1d39-44d2-a9e9-64119261f211}\rp128\a0041474.inf
deleted: virus Worm.Win32.AutoRun.cub File: c:\system volume information\_restore{46de8921-1d39-44d2-a9e9-64119261f211}\rp128\a0041610.inf
deleted: virus Worm.Win32.AutoRun.cub File: c:\system volume information\_restore{46de8921-1d39-44d2-a9e9-64119261f211}\rp129\a0041615.inf
deleted: virus Worm.Win32.AutoRun.cub File: c:\system volume information\_restore{46de8921-1d39-44d2-a9e9-64119261f211}\rp129\a0041640.inf
detected: Trojan program Trojan.Win32.VB.byq File: C:\Documents and Settings\mhs070229\Local Settings\Temp\Low\FCTB00107\cache\de8808da23d390de736a9fa042f0050b//MimeSniffer.dll
detected: Trojan program Trojan.Win32.VB.byq File: C:\Documents and Settings\mhs070229\Local Settings\Temporary Internet Files\Content.IE5\PDYDUNZO\107[1].cab
detected: Trojan program Trojan.Win32.VB.byq File: C:\Documents and Settings\mhs070229\Local Settings\Temporary Internet Files\Content.IE5\PDYDUNZO\107[1].cab//MimeSniffer.dll
not found: Trojan program Trojan.Win32.VB.byq File: C:\DOCUME~1\Student\LOCALS~1\Temp\$70223A38.t$m
not found: Trojan program Trojan.Win32.VB.byq File: C:\DOCUME~1\Student\LOCALS~1\Temp\$014A4369.t$m
not found: Trojan program Trojan.Win32.VB.byq File: C:\DOCUME~1\Student\LOCALS~1\Temp\$459B5424.t$m
not found: Trojan program Trojan.Win32.VB.byq File: C:\DOCUME~1\Student\LOCALS~1\Temp\$794F1B00.t$m
not found: Trojan program Trojan.Win32.VB.byq File: C:\DOCUME~1\Student\LOCALS~1\Temp\$4562382D.t$m
not found: Trojan program Trojan.Win32.VB.byq File: C:\DOCUME~1\Student\LOCALS~1\Temp\$28CB7918.t$m
detected: Trojan program Trojan.Win32.VB.byq File: C:\Documents and Settings\Student\Local Settings\Temp\Low\FCTB00107\cache\de8808da23d390de736a9fa042f0050b//MimeSniffer.dll
detected: Trojan program Trojan.Win32.VB.byq File: C:\Documents and Settings\Student\Local Settings\Temporary Internet Files\Content.IE5\818UZ8L2\107[1].cab
detected: Trojan program Trojan.Win32.VB.byq File: C:\Documents and Settings\Student\Local Settings\Temporary Internet Files\Content.IE5\818UZ8L2\107[1].cab//MimeSniffer.dll
detected: Trojan program Trojan.Win32.VB.byq File: C:\Documents and Settings\Student\Local Settings\Temporary Internet Files\Content.IE5\JFL2D02E\107[1].cab//MimeSniffer.dll
not found: Trojan program Trojan.Win32.VB.byq File: C:\DOCUME~1\Student\LOCALS~1\Temp\$00C018D4.t$m
not found: Trojan program Trojan.Win32.VB.byq File: C:\DOCUME~1\Student\LOCALS~1\Temp\$75404692.t$m
not found: Trojan program Trojan.Win32.VB.byq File: C:\DOCUME~1\Student\LOCALS~1\Temp\$1ED4318E.t$m
not found: Trojan program Trojan.Win32.VB.byq File: C:\DOCUME~1\Student\LOCALS~1\Temp\$34F3008F.t$m
not found: Trojan program Trojan.Win32.VB.byq File: C:\DOCUME~1\Student\LOCALS~1\Temp\$07FA4175.t$m
deleted: virus Worm.Win32.AutoRun.cub File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP142\A0050183.inf
not found: Trojan program Trojan.Win32.VB.byq File: C:\DOCUME~1\Student\LOCALS~1\Temp\$0ED866F5.t$m
not found: Trojan program Trojan.Win32.VB.byq File: C:\DOCUME~1\Student\LOCALS~1\Temp\$065453F9.t$m
not found: Trojan program Trojan.Win32.VB.byq File: C:\DOCUME~1\Student\LOCALS~1\Temp\$2A980A27.t$m
not found: Trojan program Trojan.Win32.VB.byq File: C:\DOCUME~1\Student\LOCALS~1\Temp\$146E4305.t$m
not found: Trojan program Trojan.Win32.VB.byq File: C:\DOCUME~1\Student\LOCALS~1\Temp\$3A065ED0.t$m
not found: Trojan program Trojan.Win32.VB.byq File: C:\DOCUME~1\Student\LOCALS~1\Temp\$2FE20A21.t$m
not found: Trojan program Trojan.Win32.VB.byq File: C:\DOCUME~1\Student\LOCALS~1\Temp\$3885783F.t$m
not found: Trojan program Trojan.Win32.VB.byq File: C:\DOCUME~1\Student\LOCALS~1\Temp\$17E86B01.t$m

BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:02:53 PM

Posted 08 March 2008 - 06:02 PM

Please download ATF Cleaner by Atribune & save it to your desktop. DO NOT use yet.
Please download Dr.Web CureIt & save it to your desktop. DO NOT perform a scan yet.

Reboot your computer in "Safe Mode" using the F8 method. To do this, restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly. A menu will appear with several options. Use the arrow keys to navigate and select the option to run Windows in "Safe Mode".

Double-click ATF-Cleaner.exe to run the program.
  • Under Main "Select Files to Delete" choose: Select All.
  • Click the Empty Selected button.
  • If you use Firefox browser click Firefox at the top and choose: Select All
  • Click the Empty Selected button.
    If you would like to keep your saved passwords, please click No at the prompt.
  • If you use Opera browser click Opera at the top and choose: Select All
  • Click the Empty Selected button.
    If you would like to keep your saved passwords, please click No at the prompt.
  • Click Exit on the Main menu to close the program.
Note: On Vista, "Windows Temp" is disabled. To empty "Windows Temp" ATF-Cleaner must be "Run as an Administrator".

Scan with Dr.Web CureIt as follows:
  • Double-click on cureit.exe to start the program. (ignore any prompts to update or check for a new version)
  • When the Dr.Web opens, an "Express Scan of your PC" notice will appear.
  • Under "Start the Express Scan Now", Click "OK" to start. This is a short scan that will scan the files currently running in memory and when something is found, click the Yes button when it asks you if you want to cure it.
  • Once the short scan has finished, Click Options > Change settings
  • Choose the "Scan tab" and UNcheck "Heuristic analysis"
  • Back at the main window, click "Custom Scan", then Select drives (a red dot will show which drives have been chosen).
  • Then click the "Start/Stop Scanning" button (green arrow on the right) and the scan will start.
  • When done, a message will be displayed at the bottom advising if any viruses were found.
  • Click "Yes to all" if it asks if you want to cure/move the file.
  • When the scan has finished, look if you can see the icon next to the files found. If so, click it, then click the next icon right below and select "Move incurable".
    (This will move it to the C:\Documents and Settings\userprofile\DoctorWeb\Quarantine folder if it can't be cured)
  • Next, in the Dr.Web CureIt menu on top, click file and choose save report list.
  • Save the DrWeb.csv report to your desktop. (You can use Notepad to open the DrWeb.cvs report)
  • Exit Dr.Web Cureit when done.
  • Important! Reboot your computer because it could be possible that files in use will be moved/deleted during reboot.
  • After reboot, post the contents of the log from Dr.Web in your next reply.

.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 mina33

mina33
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:09:53 PM

Posted 09 March 2008 - 06:17 AM

hey, so i did wht u asked and got no viruses, but kaspersky was now able to repair those remaining viruses. im scanning my computer again and will let you know if the viruses r still there...thnx

#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:02:53 PM

Posted 09 March 2008 - 08:34 AM

If you find anything, please post the complete log.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#5 mina33

mina33
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:09:53 PM

Posted 09 March 2008 - 08:41 AM

no more viruses! thnx for ur help =)

#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:02:53 PM

Posted 09 March 2008 - 08:48 AM

Your welcome.

Now you should Create a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been saved in System Restore. Since this is a protected directory your tools cannot access to delete these files, they sometimes can reinfect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.

The easiest and safest way to do this is:
  • Go to Start > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then use Disk Cleanup to remove all but the most recently created Restore Point.
  • Go to Start > Run and type: Cleanmgr
  • Click "Ok".
  • Click the "More Options" Tab.
  • Click "Clean Up" in the System Restore section to remove all previous restore points except the newly created one.

.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users