|
Posted by - 781 on August 16, 2006, 5:59 pm
If you were Registered and logged in, you could reply and use other advanced thread options
08/16/2006 13:53:18
Options:
"C:\" /UNZIP /WINMEM /SUB /ANALYZE /PANALYZE /STREAMS /CLEAN /ALL /DEL /MIME
/PROGRAM /EXCLUDE C:\AV-CLS\EXCLIST.TXT /HTML
"C:\AV-CLS\MCAFEE\SCANREPORT.HTML"
Scanning C: [MAIN]
Scanning C:\*.*
C:\Documents and Settings\Chaxkal\Application
Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\java.jar-5f22f99-372d5264.zip\NEWSECURITYCLASSLOADER.CLASS
... Found the Generic Downloader.v trojan !!!
C:\Documents and Settings\Chaxkal\Application
Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\java.jar-5f22f99-372d5264.zip\NEWURLCLASSLOADER.CLASS
... Found the Exploit-ByteVerify trojan !!!
C:\Documents and Settings\Chaxkal\Application
Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv470.jar-1ab62644-2c7b60a3.zip\DUMMY.CLASS
... Found the Exploit-ByteVerify trojan !!!
Summary report on C:\*.*
File(s)
Total files: ........... 140090
Clean: ................. 139890
Possibly Infected: ..... 3
Cleaned: ............... 0
Non-critical Error(s): 2
Time: 00:38.25
>
> | 2.exe and IExplorer.dll were the viruse files of PWS-Bluedit together
> with
> | some registry edits which are here:
> | http://vil.nai.com//vil/content/v_132935.htm
> | IExplorer.dll was a dbt filetype and when I looked at File Types in
> Folder
> | Options, I noticed it was referring to a file called NOTEDAD.exe
> | I have deleted a NOTEDAD.exe file that .dbt file was directed to.
> | I haven't noticed that it was in fact not notePAD, but it was
> noteDAD.exe.
> | Inside my registry, I had deleted .ini, .bat, .txt registry locations
> that
> | had NOTEDAD.exe
>
> | bat registry location that I deleted was in registry located at:
> | HKCR\batfile\shell\edit\comman (Default) REG_SZ
> "C:\Windows\NOTEDAD.EXE"
> | Later I edited the Default value to "%1"%*
> | I thought that it needed some sort of value in it and copied it from
> | OPEN\COMMAND's Default value.
>
> | I did the same for ini, txt, reg locations that NOTEDAD.exe was found.
>
> | Now I think this is the reason that I am unable to edit batfiles, txt
> files,
> | ini files since upon right clicking and choosing EDIT, it opens the
> file.
>
> | How can I get my registry back and fix it in regards to editing txt,
> ini,
> | bat, reg files.
> | Thank you.
> | Hope this was as clear to fix my problem.
> | Gino.
>
>
>>>I somehow infected my pc with the PWS-Bluedit virus.
>>> Norton Antivirus 2006 with updated virus definitions was unable to
>>> remove
>>> the virus as it keeps coming back.
>>> Here is the website from McAfee
>>> http://vil.nai.com//vil/content/v_132935.htm
>
>>> Can someone tell me whether I can get a removal tool or do I have to buy
>>> McAfee?
>>> Thanks.
>>> Running WinXP Pro SP2.
>
>
> There was NO reason to Cross-Post this to;
> microsoft.public.windows.inetexplorer.ie6.browser &
> microsoft.public.windowsxp.help_and_support once you posted to;
> microsoft.public.security.virus
>
> Follow-ups set to; microsoft.public.security.virus
>
>
> The Multi AV Scanning Tool corrects the Registry enties you posted. You
> were asked to run
> the Multi AV Scanning Tool and post your results.
>
> I don't see the requested HTML Log files.
>
>
> --
> Dave
> http://www.claymania.com/removal-trojan-adware.html
> http://www.ik-cs.com/got-a-virus.htm
>
>
| 
XML site map