Cant get rid of VB.DY, HELP !!!

[Mike_in_SD]

Hey guys ..

Nod32 keeps saying that it has found VB.DY .. and that it is unable
to get rid of it.

I have tried every program that claimed to be able to get rid of vb.dy

including ...

adaware
pestpatrol
spybot s&d
spyware detective
spyware doctor
ewido
super antispyware
spycatcher

the problem is NONE of them see it .. just nod32

whats up with that

tia
Mike

 

[pcbutts1]

Ewido does detect it and removes it. It is probably a false positive, submit
the file to http://www.virustotal.com/en/indexf.html for analysis.

--


The best live web video on the internet http://www.seedsv.com/webdemo.htm
NEW Embedded system W/Linux. We now sell DVR cards.
See it all at http://www.seedsv.com/products.htm
Sharpvision simply the best http://www.seedsv.com

 

[Peter Seiler]

pcbutts1 - 16.05.2006 05:01 :

Ewido does detect it and removes it. It is probably a false positive, submit
the file to http://www.virustotal.com/en/indexf.html for analysis.

are you "betina" also? If, it's very confusing. Do you want that?

And: Please avoid always fullquoting and even placed after yout
sig-line. THX in advance for your kind understanding.

 

[David H. Lipman]

From: "Mike_in_SD" <[email protected]>

| Hey guys ..
|
| Nod32 keeps saying that it has found VB.DY .. and that it is unable
| to get rid of it.
|
| I have tried every program that claimed to be able to get rid of vb.dy
|
| including ...
|
| adaware
| pestpatrol
| spybot s&d
| spyware detective
| spyware doctor
| ewido
| super antispyware
| spycatcher
|
| the problem is NONE of them see it .. just nod32
|
| whats up with that
|
| tia
| Mike

Mike:

You haven't supplied enough information. Is "vb.dy" the name of the infector or the file
deemed to be infected ?

Please post the fully qualified name and path to the file deemed to be infected by NOD32.

 

[Mike_in_SD]

|

| Nod32 keeps saying that it has found VB.DY .. and that it is unable
| to get rid of it.
|
| I have tried every program that claimed to be able to get rid of vb.dy
|

You haven't supplied enough information. Is "vb.dy" the name of the
infector or the file deemed to be infected ?

Thanks for all the replys guys ..

It said the file was in d:\system information\restore\blah blah

So I just made an exception in NOD32 exception area .. and its ok now.

thanks again
mike

 

[kurt wismer]

|

Thanks for all the replys guys ..

It said the file was in d:\system information\restore\blah blah

So I just made an exception in NOD32 exception area .. and its ok now.

ah, well that explains a few things... it was trapped in your system
restore and you're using xp... the system restore folder(s) are
protected from modification by the user or programs run by the user by
default (you can change the file system permissions if you want)...

flushing your restore points will get rid of it for good (so you won't
need an exception in your av)...

 

[Ron Lopshire]

ah, well that explains a few things... it was trapped in your system
restore and you're using xp... the system restore folder(s) are
protected from modification by the user or programs run by the user by
default (you can change the file system permissions if you want)...

flushing your restore points will get rid of it for good (so you won't
need an exception in your av)...

Ah, yes. Windows XP System Restore ...

Insanity <==> Windows XP System Restore

Once a piece of malware, and there are hundreds, has the ability to
insinuate itself into any and all WinXP Restore points, it is no
longer of any use. In such a case, the phrase "Last Known Good
Configuration" is a true oxymoron, i.e., there is absolutely no way of
knowing whether it is any _good_ or not.

Disable Windows XP System Restore, flush all restore points as Kurt
noted, and go with Lars Hederer's ERUNT utility.

(http://www.larshederer.homepage.t-online.de/erunt/)

Even MS aficionados swear by this utility. And for those not using
WinXP (NTFS), Lars explains how to back up a FAT32 OS.

Ron

 

[David H. Lipman]

From: "Ron Lopshire" <[email protected]>

|>>>> Nod32 keeps saying that it has found VB.DY .. and that it is unable
|>>>> to get rid of it.
|>>>>
|>>>> I have tried every program that claimed to be able to get rid of vb.dy|
| Ah, yes. Windows XP System Restore ...
|
| Insanity <==> Windows XP System Restore
|
| Once a piece of malware, and there are hundreds, has the ability to
| insinuate itself into any and all WinXP Restore points, it is no
| longer of any use. In such a case, the phrase "Last Known Good
| Configuration" is a true oxymoron, i.e., there is absolutely no way of
| knowing whether it is any _good_ or not.
|
| Disable Windows XP System Restore, flush all restore points as Kurt
| noted, and go with Lars Hederer's ERUNT utility.
|
| (http://www.larshederer.homepage.t-online.de/erunt/)
|
| Even MS aficionados swear by this utility. And for those not using
| WinXP (NTFS), Lars explains how to back up a FAT32 OS.
|
| Ron

Insanity is the only sane response to an insane world !