Major Virus - Can't access Antivirus Sites

Post #1 by Ignetos, 07-08-2009, 06:07 AM (OS: Windows XP)

OK, so I've tried everything I know to do and I am in desperate need of help!

My computer has come up as a disaster, but I think I found the culprit and need to get rid of it. Now, before I get started: I cannot reformat because I do not have a recovery CD for this PC. Let me explain why. First off, I bought it from a friend and he lost all the CDs over the time he had it. (I know, not real bright.) Anyhow, he needed the money, so like a fool I decided to buy it.

Anyhow, I now realize it has a major problem and I need to fix it. I ran all the things I learned to in school and I'm running out of options, so here are the log files; hopefully someone has the time to assist me! Oh, and BTW, I have never used a key generator, which I got accused of intentionally downloading earlier because one of the files shows up as Keygen.exe, but I honestly don't know how I got it.

Code:
MSN_Live_Messenger___2009_02_22.tor... (17086 ) Found nothing
茶叶蛋一蛋.exe (873336 ) Found Backdoor.Win32.Hupigon!IK virus (45%)
SeRVeR11.exe (57508 ) Found Trojan.Win32.Midgare!IK virus (83%)
csrss.exe (6144 ) Found nothing
多功能查询.rar (3074833 ) Found TR/Dropper.Gen virus (18%)
SB3.2.rar (206806 ) Found Heur.W32 virus (5%)
QQ空间日志精灵-1.rar (1376715 ) Found TR/Dropper.Gen virus (24%)
A0125231.exe (71680 ) Found Trojan-Dropper!IK virus (10%)
Q.exe (113161 ) Found Riskware.Win32.VBInject!IK virus (45%)
3389.exe (17408 ) Found Riskware.Server-Telnet.Win32... virus (43%)
a1a1a-server.exe (61885 ) Found Trojan.Win32.Refroso!IK virus (64%)
infected.USERINIT.EX_ (11713 ) Found nothing
Xpert-Zone-checker.exe (114688 ) Found nothing
3001_100.exe (104515 ) Found Worm.Win32.Pushbot!IK virus (40%)
sti_ci.dll (133632 ) Found nothing
Server-T0TAL10.exe (84992 ) Found Trojan.Win32.Refroso!IK virus (83%)
1.exe (84480 ) Found Trojan.Win32.Refroso!IK virus (83%)
2.exe (84480 ) Found Trojan.Win32.Refroso!IK virus (81%)
reader_s.exe (55808 ) Found Trojan-Downloader.Win32.Cutw... virus (62%)
GP5.exe (5915648 ) Found nothing
Administrator.exe (41456 ) Found Win32/Virut.F virus (56%)
Keygen.exe (88576 ) Found TR/Crypt.XPACK.Gen virus (21%)
Y-Z Bot Checker V2 Mr.SunnY™.exe (1282048 ) Found nothing
唯美登录器Ver3.7.lnk (507 ) Found nothing
msizap.exe (94720 ) Found nothing
reader_s.exe (55808 ) Found Trojan-Downloader.Win32.Cutw... virus (59%)
Patch.exe (57913 ) Found Trojan.Crypt!IK virus (54%)
BB080101.rar (2082069 ) Found Trojan-Dropper.Win32.Microjo... virus (24%)
ncph.ncph.12345.exe (614912 ) Found MalwareScope.Backdoor.Hupigo... virus (45%)
explorer.exe (1054208 ) Found Trojan.Win32.Patched!IK virus (59%)
aeheur.dll (1917303 ) Found nothing
rtkhdaud.sys (4737024 ) Found nothing
MSCOMM32.OCX (103744 ) Found nothing
Keygen.exe (108412 ) Found Virus.Win32.Delf.ICC!IK virus (51%)
aegen.dll (356723 ) Found nothing
xxxxxxxxxx.rar (165808 ) Found nothing
12345.exe (427520 ) Found Trojan.Win32.Hider!IK virus (62%)
FreePhone.exe (24576 ) Found nothing
maxthon_duote.exe (4577025 ) Found nothing
aescript.dll (455033 ) Found nothing
gwt99.exe (104835 ) Found Worm.Win32.Pushbot!IK virus (51%)
d_0000000014500.exe (14500 ) Found HackTool.Win32.Crypt!IK virus (5%)
061102H_Client.rar (9405773 ) Found Backdoor.Win32.Hupigon!IK virus (81%)
NO_Ejecutar.rar (20786 ) Found Trojan.Crypt!IK virus (35%)
KOKOKELO.exe (143872 ) Found Win-Trojan/Xema.variant virus (10%)
d_0000000010000.exe (10000 ) Found nothing
lcx.exe (32768 ) Found Riskware.NetTool.Win32.Trans... virus (81%)
setupru.exe (734448 ) Found nothing
威客.lnk (1577 ) Found nothing
江民专杀.exe (199462 ) Found Backdoor.Win32.Hupigon!IK virus (35%)

This is from Virscan, which only scans to 85% and then gets stuck; not sure why.

Last edited by Strider; 07-08-2009 at 10:12 AM. Reason: Left out some information.
Post #2 by iiBenxD, 07-08-2009, 06:17 AM

Wow. Okay, first off, get a program that can securely delete all of the files that are infected. If you don't want to delete some of them, you don't have to, but it may make things easier if you do.
After you do that, you can run anti-virus software, such as McAfee, Norton Anti-Virus, Kaspersky, AVG, etc. All of those have trial versions, and should be able to work for you.
We don't know exactly what you've done so far to take care of the problem, so we don't know what not to tell you to do.
Post #3 by Ignetos, 07-08-2009, 06:18 AM

This might help as well; it's a HijackThis log. I sure hope one of you is feeling savvy, and I promise I won't be mad if you can't guarantee anything; I'll be happy if someone just wants to try and help me cure my problem.


Code:
Logfile of HijackThis v1.99.1
Scan saved at 6:45:19 PM, on 8/6/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\AVG\AVG8\avgui.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Jordan Antrim\Desktop\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)
O23 - Service: WMP54Gv4SVC - Unknown owner - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe" "WMP54Gv4.exe (file missing)

Last edited by Strider; 07-08-2009 at 10:13 AM.
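Reading a HijackThis log by eye is error-prone, so here is an added example (editor's code, not from the thread and not part of HijackThis) that pulls the autostart entries (O4, O20, O21, O23) out of an excerpt of the log above and sorts the "(file missing)" / "(no file)" lines into two bins. Two of the services above, Java Quick Starter and WMP54Gv4SVC, are reported missing only because HijackThis 1.99.1 strips the outer quotes from a service's ImagePath and then tests the whole remainder, arguments included, as one file name; the same log lists jqs.exe and WLService.exe under running processes, and the parser uses that list to tell a quoting artifact from a genuinely dead entry (dimsntfy, xpnetdiag, the nameless BHO). It also flags O23 services with "Unknown owner" and O4 entries that name a bare file resolved by path search. The excerpt is a constructed subset of the posted log, and the section list and checks are the editor's choices. The caveat a practitioner wants: HijackThis enumerates a fixed list of autostart locations and never inspects the binaries themselves, so a patched explorer.exe, which the Virscan list in the first post reports, looks completely normal here.

```python
import re

# Excerpt of the HijackThis v1.99.1 log posted above (a constructed subset of
# those lines; real logs are longer and the same parser handles them).
HJT_LOG = r"""Logfile of HijackThis v1.99.1
Scan saved at 6:45:19 PM, on 8/6/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)

Running processes:
C:\WINDOWS\system32\winlogon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe

O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)
O23 - Service: WMP54Gv4SVC - Unknown owner - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe" "WMP54Gv4.exe (file missing)
"""

ENTRY_RE = re.compile(r"^(?P<sec>[A-Z]\d+) - (?P<body>.*)$")
# Any executable/library file name in a HijackThis line (quoted or not, any directory).
EXE_RE = re.compile(r'([^\\\s"\[\]]+\.(?:exe|dll|com|sys|scr|ocx))\b', re.IGNORECASE)
AUTOSTART_SECTIONS = {"O4", "O20", "O21", "O23"}   # editor's choice of sections to list


def basename(path):
    return path.replace("/", "\\").split("\\")[-1].strip().lower()


def parse_log(text):
    """Split a HijackThis log into the running-process list and the Rx/Ox entries."""
    running, entries, in_proc = [], [], False
    for line in text.splitlines():
        line = line.rstrip()
        if line.startswith("Running processes:"):
            in_proc = True
            continue
        if in_proc:
            if not line:            # the blank line ends the process block
                in_proc = False
            else:
                running.append(line)
            continue
        m = ENTRY_RE.match(line)
        if m:
            entries.append((m.group("sec"), m.group("body"), line))
    return running, entries


def triage(text):
    running, entries = parse_log(text)
    running_names = {basename(p) for p in running}
    findings = {"autostart": [], "orphaned": [], "missing_but_running": [],
                "unknown_owner": [], "relative_path": []}
    for sec, body, line in entries:
        if sec in AUTOSTART_SECTIONS:
            findings["autostart"].append(line)
        if "(file missing)" in body or "(no file)" in body:
            # HijackThis 1.99.1 strips the outer quotes of a service ImagePath and tests
            # the whole remainder (arguments included) as one file name, so a quoted
            # command line with arguments is reported "(file missing)" even when the
            # binary exists. Cross-check with the running-process list before calling
            # the entry dead.
            names = {n.lower() for n in EXE_RE.findall(body)}
            if names & running_names:
                findings["missing_but_running"].append(line)
            else:
                findings["orphaned"].append(line)
        if sec == "O23" and "- Unknown owner -" in body:
            findings["unknown_owner"].append(line)
        if sec == "O4":
            # "[Name] command": a bare file name is resolved by path search at logon,
            # which deserves a look even when the name is a familiar vendor tool.
            command = body.split("] ", 1)[-1].lstrip('"')
            target = command.split('"')[0]
            if "\\" not in target:
                findings["relative_path"].append(line)
    return findings


if __name__ == "__main__":
    for kind, lines in triage(HJT_LOG).items():
        print(f"{kind}: {len(lines)}")
        for entry in lines:
            print("   ", entry)
```

On the excerpt this yields eight autostart entries, three genuinely orphaned lines, the two services that are "missing" only because of the quoting quirk, two services with no owner string, and one Run entry (RTHDCPL) given as a bare file name.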
Post #4 by Ignetos, 07-08-2009, 06:21 AM

Quote:
Originally Posted by iiBenxD
Wow. Okay, first off, get a program that can securely delete all of the files that are infected. If you don't want to delete some of them, you don't have to, but it may make things easier if you do.
After you do that, you can run anti-virus software, such as McAfee, Norton Anti-Virus, Kaspersky, AVG, etc. All of those have trial versions, and should be able to work for you.
We don't know exactly what you've done so far to take care of the problem, so we don't know what not to tell you to do.

Sorry about that. I have run Dr.Web CureIt!, AVG Anti-Virus Free Edition, Malwarebytes, Advanced SystemCare, and Virscan online, which actually gave me a lot more than any of the others. I finally have HijackThis downloaded, although it won't allow me to open any of the anti-virus websites, so I downloaded it from Major Geeks. Now all I need to know is what to kill, I think.

Oh, and Virscan would only go to 85%, but here's what I got off of it. (It decided to get to 86% this time.)

Code:
Engine         Version            Signatures          Sig. date   Result                                      Time (s)
a-squared      4.5.0.3            20090806200116      2009-08-06  Worm.Win32.Pushbot!IK                       0.335
AhnLab V3      2009.08.07.00      2009.08.07          2009-08-07  Win-Trojan/Buzus.30720.AF                   1.907
AntiVir        8.2.0.240          7.1.5.81            2009-08-06  TR/Drop.Stabs.dui                           0.238
Antiy          2.0.18             20090804.2672262    2009-08-04  -                                           0.124
Arcavir        2009               200908061436        2009-08-06  -                                           0.065
Authentium     5.1.1              200908061844        2009-08-06  -                                           1.220
AVAST!         4.7.4              090806-1            2009-08-06  Win32:Crypt-EQS [Trj]                       0.006
AVG            8.5.288            270.13.45/2286      2009-08-07  BackDoor.Generic11.ADYU                     0.303
BitDefender    7.81008.3834606    7.27032             2009-08-07  -                                           3.333
CA (VET)       9.0.0.143          31.6.6661           2009-08-06  -                                           9.673
ClamAV         0.95.2             9660                2009-08-06  -                                           0.025
Comodo         3.10               1890                2009-08-06  Backdoor.Win32.Agent.~LAN                   0.704
CP Secure      1.1.0.715          2009.08.06          2009-08-06  -                                           11.577
Dr.Web         4.44.0.9170        2009.08.06          2009-08-06  Trojan.DownLoad.38932                       5.082
F-Prot         4.4.4.56           20090806            2009-08-06  -                                           1.220
F-Secure       7.02.73807         2009.07.29.10       2009-07-29  -                                           7.655
Fortinet       2.81-3.120         10.687              2009-08-06  -                                           0.247
GData          19.6912/19.430     20090806            2009-08-06  Trojan-Dropper.Win32.Stabs.dzr [Engine:A]   4.803
Ikarus         T3.1.01.64         2009.08.06.73179    2009-08-06  Worm.Win32.Pushbot                          3.219
JiangMin       11.0.800           2009.08.06          2009-08-06  TrojanDropper.Stabs.fn                      3.419
Kaspersky      5.5.10             2009.08.06          2009-08-06  -                                           0.088
KingSoft       2009.2.5.15        2009.8.6.18         2009-08-06  Win32.Troj.Buzus.46592                      0.459
McAfee         5.3.00             5700                2009-08-06  BackDoor-DZF                                2.991
Microsoft      1.4903             2009.08.06          2009-08-06  VirTool:Win32/CeeInject.gen!N               5.485
Norman         6.01.09            6.01.00             2009-08-06  -                                           4.006
nProtect       20090806.02        4971768             2009-08-06  -                                           6.131
Panda          9.05.01            2009.08.06          2009-08-06  -                                           2.254
Quick Heal     10.00              2009.08.06          2009-08-06  TrojanDropper.Stabs.dui                     1.104
Rising         20.0               21.41.34.00         2009-08-06  Backdoor.Win32.Undef.dyu                    1.068
Sophos         2.89.1             4.44                2009-08-07  -                                           2.802
Sunbelt        5316               5316                2009-08-05  -                                           1.333
Symantec       1.3.0.24           20090806.006        2009-08-06  Trojan Horse                                0.048
The Hacker     6.3.4.3            v00377              2009-08-04  -                                           0.674
Trend Micro    8.700-1004         6.346.11            2009-08-06  -                                           0.031
VBA32          3.12.10.9          20090805.1454       2009-08-05  OScope.Buzus.ah                             1.810
ViRobot        20090730           2009.07.30          2009-07-30  Trojan.Win32.Buzus.92672.B                  0.404
VirusBuster    4.5.11.10          10.111.5/1836163    2009-08-06  Trojan.Ceeinject.Gen                        (not recorded)

So these are what the viruses are; now my question is how can I get rid of ALL OF THEM.

Last edited by Strider; 07-08-2009 at 10:14 AM. Reason: Not enough info.
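The table in the post above is one sample's verdicts from 37 engines, each row being engine, engine version, signature set, signature date, verdict ("-" for clean) and scan time; it is not a list of 37 separate infections. What a responder wants from such a table is consensus: how many engines fire, which family name they agree on once vendor prefixes such as "Trojan.Win32" or "TR/Drop" are stripped, and which engines were running old signatures when they gave a clean verdict. Here is an added example (editor's code, not from the thread and not from Virscan) that parses the flattened three-line-per-engine form the forum shows, using a constructed subset of the posted rows. The GENERIC stop-list and the five-day staleness threshold are the editor's choices.

```python
import re
from collections import Counter
from datetime import date

# Subset of the Virscan engine table posted above, in the flattened form the forum
# shows it: a tab-separated header line (engine, version, signature set, date), then
# the verdict line ("-" = clean), then a tab-indented scan time. The last engine has
# no time line, as in the original. Constructed from the thread's own rows.
VIRSCAN_TABLE = """\
a-squared \t4.5.0.3 \t20090806200116 \t2009-08-06 \t
Worm.Win32.Pushbot!IK
\t0.335
AhnLab V3 \t2009.08.07.00 \t2009.08.07 \t2009-08-07 \t
Win-Trojan/Buzus.30720.AF
\t1.907
AntiVir \t8.2.0.240 \t7.1.5.81 \t2009-08-06 \t
TR/Drop.Stabs.dui
\t0.238
Antiy \t2.0.18 \t20090804.2672262 \t2009-08-04 \t
-
\t0.124
AVAST! \t4.7.4 \t090806-1 \t2009-08-06 \t
Win32:Crypt-EQS [Trj]
\t0.006
Kaspersky \t5.5.10 \t2009.08.06 \t2009-08-06 \t
-
\t0.088
Microsoft \t1.4903 \t2009.08.06 \t2009-08-06 \t
VirTool:Win32/CeeInject.gen!N
\t5.485
VBA32 \t3.12.10.9 \t20090805.1454 \t2009-08-05 \t
OScope.Buzus.ah
\t1.810
ViRobot \t20090730 \t2009.07.30 \t2009-07-30 \t
Trojan.Win32.Buzus.92672.B
\t0.404
VirusBuster \t4.5.11.10 \t10.111.5/1836163 \t2009-08-06 \t
Trojan.Ceeinject.Gen
"""

DATE_RE = re.compile(r"\d{4}-\d{2}-\d{2}")
# Tokens that name a category or platform rather than a family; they carry no
# consensus signal, so they are dropped before counting votes (editor's list).
GENERIC = {"win32", "win", "w32", "trojan", "troj", "trojandropper", "dropper", "drop",
           "backdoor", "worm", "virus", "virtool", "gen", "generic", "horse", "crypt",
           "trj", "engine", "variant", "heur", "packed"}


def parse_table(text):
    """Rebuild one record per engine from the flattened three-line layout."""
    records, cur = [], None
    for raw in text.splitlines():
        fields = [f.strip() for f in raw.split("\t")]
        if len(fields) >= 4 and DATE_RE.fullmatch(fields[3]):
            cur = {"engine": fields[0], "version": fields[1], "signatures": fields[2],
                   "date": date.fromisoformat(fields[3]), "result": None, "seconds": None}
            records.append(cur)
        elif cur is None or not raw.strip():
            continue
        elif raw.startswith("\t"):          # tab-indented line is the scan time
            cur["seconds"] = float(raw.strip())
        elif raw.strip() != "-":            # "-" means the engine saw nothing
            cur["result"] = raw.strip()
    return records


def family_tokens(label):
    """Reduce a vendor label to the words that plausibly name a malware family."""
    toks = re.split(r"[^A-Za-z0-9]+", label.lower())
    return {t for t in toks if len(t) > 2 and not t.isdigit() and t not in GENERIC}


def summarize(text, stale_days=5):
    records = parse_table(text)
    hits = [r for r in records if r["result"]]
    votes = Counter()
    for r in hits:
        votes.update(family_tokens(r["result"]))
    newest = max(r["date"] for r in records)
    return {
        "engines": len(records),
        "detections": len(hits),
        "families": votes.most_common(),
        # A clean verdict from an engine whose signatures are days older than the
        # others' says less than a clean verdict from a current one.
        "stale_signatures": [r["engine"] for r in records
                             if (newest - r["date"]).days > stale_days],
        "missing_timing": [r["engine"] for r in records if r["seconds"] is None],
    }


if __name__ == "__main__":
    s = summarize(VIRSCAN_TABLE)
    print(f'{s["detections"]}/{s["engines"]} engines fired; family votes: {s["families"][:3]}')
    print("stale signatures:", s["stale_signatures"], "no timing:", s["missing_timing"])
```

On the subset, 8 of 10 engines fire, "buzus" collects three votes (AhnLab, VBA32, ViRobot) against two for "ceeinject", and ViRobot is flagged for signatures a week older than the newest set. Run over the full table in the post, the same counting gives 19 of 37 engines firing, with the Buzus and Stabs names each coming from four vendors.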
Post #5 by iiBenxD, 07-08-2009, 06:36 AM

It seems like you know what you're doing, so I'd assume you've already done this, but I'll ask anyway.
Have you tried booting into Safe Mode and running one of the virus removal programs?
If he 'misplaced' his CDs, they've definitely got to be somewhere around his house. Try telling him to just look really hard for them, because that's your best bet when something's gotten this far out of hand.
You could also try a system rollback in Safe Mode, but usually Windows doesn't keep logs from that far back.
Edit:
Also, while in Safe Mode, uninstall any software that you won't be using while you have the computer, because sometimes viruses hide in plain sight. As for the trojans, the anti-virus software should take care of those, along with most of the viruses.

Last edited by iiBenxD; 07-08-2009 at 06:38 AM.
Post #6 by Ignetos, 07-08-2009, 06:41 AM

Yeah, I tried that. I've been working from Safe Mode for 3 days, and I guess I keep missing the main worm. My anti-viruses are useless right now, so I've been trying to look over ALL the EXEs that execute without my knowledge, hoping to destroy it, but so far I've found all the file names but I'm not sure how to permanently squash them, or better yet LOCATE them on my CPU to squash them.
Post #7 by iiBenxD, 07-08-2009, 06:47 AM

Could you post a list of all the file names of the worms? That'd be helpful.
Post #8 by Ignetos, 07-08-2009, 06:53 AM

OK, here they are!

Code:
Norton2010.exe (53248 )  	Found W32/Pws.BLHC (Exact) virus (5%)
1231.exe (6144 )  	Found W32/Heuristic-431!Eldorado (... virus (8%)
闪屏添加器.exe (63488 ) 	Found Trojan.Crypt!IK virus (67%)
Engin.rar (1907008 )  	Found Win32/NSAnti virus (2%)
haoxiaoyao.com1.11.rar (727092 ) 	Found HEUR/Crypted.E virus (10%)
连发工具.rar (429035 )  	Found Trojan-Spy.Win32.Agent.bqt!I... virus (37%)
BIS-B16-68-X3.dwg (1030438 )  	Found nothing
Manual N1000.doc (146432 ) 	Found nothing
新建 文本文档.txt (95 ) 	Found nothing
Server.exe (197414 ) 	Found Trojan.Win32.CDur!IK virus (29%)
server1.exe (78336 ) 	Found Trojan.Win32.Refroso!IK virus (83%)
SpyDog.rar (308417 ) 	Found PWS.Win32!IK virus (21%)
1.html (4037 ) 	Found Trojan.Generic!IK virus (64%)
Engin.dll (1953792 ) 	Found Win32/NSAnti virus (2%)
ee.exe (69941 ) 	Found Backdoor.Win32.Poison.amer [... virus (13%)
木马代码.txt (199 ) 	Found nothing
INIcrypto20.dll (708096 ) 	Found nothing
DNFQQ0807.rar (1202494 ) 	Found nothing
WG8_DNF_CN_20090806A.rar (2468200 ) 	Found Trojan.Crypt!IK virus (8%)
AnalysisLog.sr0 (358932 ) 	Found nothing
~DFE893.tmp (98304 ) 	Found nothing
AION工作室刷钱外挂bate.exe (1303040 ) 	Found Virus.Win32.Binder!IK virus (78%)
4.exe (647680 ) 	Found Backdoor.Win32.Hupigon!IK virus (59%)
drive.exe (1489655 ) 	Found Virus.Win32.Hupigon.DKZ!IK virus (59%)
5.exe (63261 ) 	Found Backdoor.Win32.PcClient!IK virus (45%)
死亡阴影.exe (65536 ) 	Found BadJoke/Win32.Deadshadow.a[:... virus (8%)
GT劲舞团2.lnk (595 ) 	Found nothing
sethc.exe (184590 ) 	Found Virus.Win32.Cdur!IK virus (94%)
INISafeWeb50.dll (757760 ) 	Found nothing
ddos.rar (314369 ) 	Found Gen.Trojan!IK virus (10%)
RC Data_PEICON.exe (2560 ) 	Found Trojan-Downloader.Win32.Delf... virus (64%)
cz_1_01.path (416 ) 	Found nothing
3_103_967f6e20e0d0342.rar (956265 ) 	Found Virus.Win32.Agent.COH!IK virus (51%)
Engin.dll (1581056 ) 	Found Packed/Win32.PolyCrypt.c[:cr... virus (8%)
SREngLOG.log (35067 ) 	Found nothing
Perfect_Posture_In_30_Days_Rebrande... (1246818 ) 	Found nothing
指南针SSS.rar (349278 ) 	Found TR/Crypt.FKM.Gen virus (32%)
COMMAND.COM (54645 ) 	Found Xtreme.1052 virus (2%)
PUBWINKILLER.rar (569087 ) 	Found Trojan-Downloader.Win32.Aphe... virus (48%)
drive.exe (499712 ) 	Found Virus.Win32.Agent!IK virus (16%)
1.html (4037 ) 	Found Virus.Win32.Delf.ICC!IK virus (59%)
STUB.exe (98304 ) 	Found Backdoor.Win32.Poison!IK virus (40%)
我爱刘德华.EXE (148200 ) 	Found Trojan.Win32.CDur!IK virus (27%)
111dnf-3.4.rar (267073 ) 	Found Backdoor.Win32.VB!IK virus (37%)
Oh, I used Virscan, which is composed of about 300+ different virus/spyware companies' database logs.
And I still have yet to find a Virut infection, so I'm almost sure it's not Virut; it's probably some pesky little worm I can't get rid of or am not sure how to. I just added a DNS server filter that I acquired from a buddy who does network security, so the viruses SHOULDN'T do any more damage; they're all rather contained, nothing going in or out without my knowledge, and I was praying it would try to open an injector so I could see where it was coming from as far as getting the new viruses on the CPU, but so far the network security must be doing a really, really good job.

Last edited by Strider; 07-08-2009 at 10:15 AM.
Post #9 by iiBenxD, 07-08-2009, 09:35 AM

Well, from seeing that COMMAND.COM is also infected, I don't think you can manually fix that without just replacing the file, which is very risky.

Okay, I'm going to compile a list of links to articles on the viruses, either telling you how to remove them, or giving you an idea to how to remove them. I might not have an article for every single one though...

Norton2010 (also known as Antivirus 2010)
Antivirus 2010 removal guide, remove Antivirus 2010 (Antivirus2010)

1231.exe (can send information on your computer via e-mail)
1231.EXE, Prevx

Engin.rar
How to remove Win32/NSAnti virus - Free Antivirus Forum

haoxiaoyao.com1.11.rar
HEUR/Crypted - Full description

ee.exe
ee.exe - ee, Evidence eliminator, Delete and Removal Information!

sethc.exe
sethc.exe - What is sethc.exe?

COMMAND.COM
http://threatinfo.trendmicro.com/vin...me=XTREME.1052

drive.exe
Microsoft Update - drive.exe - Program Information

stub.exe
stub.exe :: stub.exe Removal Instructions

Okay, I couldn't find anything for the files with the foreign titles. The most luck I had was with the EXE files. It's hard to find a solution to a RAR file, as it could've been infected by someone but the name was changed. Please tell me if any of those solutions or links helped with any of your problems.
After you get rid of some of the viruses/trojans/backdoor programs, try running an antivirus program again and see if it'll do any of its own work.
Post #10 by Strider (Founder), 07-08-2009, 10:17 AM

First of all, turn off System Restore.

Now download ComboFix and run it as per the instructions here. Post the log file once you're done.
vBulletin, Copyright ©2000 - 2009, Jelsoft Enterprises Ltd.
Copyright © 2005-2009, TechTalkz.com. All Rights Reserved