Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Backdoor.tidserv!inf HELP ME KILL IT DEAD


  • Please log in to reply
17 replies to this topic

#16 Vertigo1

Vertigo1
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:06:22 PM

Posted 03 December 2008 - 03:52 PM

Scan
----
Scanned: 263193
Detected: 1
Untreated: 0
Start time: 12/3/2008 12:42:49
Duration: 01:59:51
Finish time: 12/3/2008 14:42:40


Detected
--------
Status Object
------ ------
deleted: virus Worm.Win32.AutoRun.qin File: F:\autorun.inf


Events
------
Time Name Status Reason
---- ---- ------ ------
((( this section withheld, because it's approximately 300 pages long)))

Statistics
----------
Object Scanned Detected Untreated Deleted Moved to Quarantine Archives Packed files Password protected Corrupted
------ ------- -------- --------- ------- ------------------- -------- ------------ ------------------ ---------
All objects 8518 1 0 1 0 46 37 0 0
System memory 4910 0 0 0 0 4 2 0 0
Startup objects 774 0 0 0 0 0 13 0 0
Disk boot sectors 6 0 0 0 0 0 0 0 0
Local Disk (F:) 2828 1 0 1 0 42 22 0 0


Settings
--------
Parameter Value
--------- -----
Security Level Recommended
Action Prompt for action when the scan is complete
Run mode Manually
File types Scan all files
Scan only new and changed files No
Scan archives All
Scan embedded OLE objects All
Skip if object is larger than No
Skip if scan takes longer than No
Parse email formats No
Scan password-protected archives No
Enable iChecker technology No
Enable iSwift technology No
Show detected threats on "Detected" tab Yes
Rootkits search Yes
Deep rootkits search No
Use heuristic analyzer Yes


Quarantine
----------
Status Object Size Added
------ ------ ---- -----


Backup
------
Status Object Size
------ ------ ----
Infected: virus Worm.Win32.AutoRun.onp d:\system volume information\_restore{d23eff2a-bfef-46a5-8364-d064e372df2b}\rp754\a0264485.inf 103 bytes
Infected: virus Worm.Win32.AutoRun.onp d:\system volume information\_restore{d23eff2a-bfef-46a5-8364-d064e372df2b}\rp754\a0262385.inf 103 bytes
Infected: virus Worm.Win32.AutoRun.onp d:\system volume information\_restore{d23eff2a-bfef-46a5-8364-d064e372df2b}\rp757\a0264685.inf 103 bytes
Infected: virus Worm.Win32.AutoRun.onp d:\system volume information\_restore{d23eff2a-bfef-46a5-8364-d064e372df2b}\rp755\a0264575.inf 103 bytes
Infected: virus Worm.Win32.AutoRun.onp d:\system volume information\_restore{d23eff2a-bfef-46a5-8364-d064e372df2b}\rp757\a0264643.inf 103 bytes
Infected: virus Worm.Win32.AutoRun.onp d:\autorun.inf 103 bytes
Infected: virus Worm.Win32.AutoRun.onp d:\system volume information\_restore{d23eff2a-bfef-46a5-8364-d064e372df2b}\rp754\a0263477.inf 103 bytes
Infected: virus Worm.Win32.AutoRun.onp d:\system volume information\_restore{d23eff2a-bfef-46a5-8364-d064e372df2b}\rp756\a0264613.inf 103 bytes
Infected: virus Worm.Win32.AutoRun.onp d:\system volume information\_restore{d23eff2a-bfef-46a5-8364-d064e372df2b}\rp754\a0264556.inf 103 bytes
Infected: virus Worm.Win32.AutoRun.qin f:\autorun.inf 103 bytes
Infected: virus Worm.Win32.AutoRun.onp d:\system volume information\_restore{d23eff2a-bfef-46a5-8364-d064e372df2b}\rp754\a0263316.inf 103 bytes

=====
=====
=====

Logged disk F: , continuing to disk C: .

BC AdBot (Login to Remove)

 


#17 Vertigo1

Vertigo1
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:06:22 PM

Posted 03 December 2008 - 11:04 PM

Disk C checks out as clean.

Norton also registers no threats active on either drive.

MBAM and Spybot are both cooperative, as well.

#18 Guest_superbird_*

Guest_superbird_*

  • Guests
  • OFFLINE
  •  

Posted 04 December 2008 - 01:35 AM

Hi,

You seem to be clean again (except the infections in System restore, we will handle with them when you answered this post).
Do not use system restore, because you can be reinfected then.

Do you still have problems? :thumbsup:




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users