Gee your signature certifies "Virus Free".
What a paradox. Your PC is infected but your post is certified "Virus Free" -- hmmmmm.
Alen Botica said:dropper.small.5.j is the name and it is found in file systtem volume
information/_restore/a0077410.exe
how do i get rid of it... my avg antivirus doesnt recognize it when i run
scan but the resident shield recognizes it and does nothing
David H. Lipman said:Yep your clean -- Unless you have a malware parasite. You don't seem to
have any viruses.
Dave
| this is the log of the ttrend cleaning program it seems none viruses
were
| found after i turned off the system resotr...
| #
| i guess when i turned it off it erased all the files is that correct or
not?
|
| /--------------------------------------------------------------\
| | Trend Micro Sysclean Package |
| | Copyright 2002, Trend Micro, Inc. |
| | http://www.trendmicro.com |
| \--------------------------------------------------------------/
|
|
| 2004-10-03, 11:17:28, Auto-clean mode specified.
| 2004-10-03, 11:17:28, Running scanner "C:\Documents and
| Settings\Owner.ALEN-2FVAPYFNWB\Desktop\trendy\TSC.BIN"...
| 2004-10-03, 11:20:26, Scanner "C:\Documents and
| Settings\Owner.ALEN-2FVAPYFNWB\Desktop\trendy\TSC.BIN" has finished
running.
| 2004-10-03, 11:20:26, TSC Log:
|
| Damage Cleanup Engine (DCE) 3.6(Build 1120)
| Windows XP(Build 2600: Service Pack 2, v.2096)
|
| Start time : Sun Oct 03 2004 11:17:29
|
| Load Damage Cleanup Template (DCT) "C:\Documents and
| Settings\Owner.ALEN-2FVAPYFNWB\Desktop\trendy\tsc.ptn" (version 426)
| [success]
|
| Complete time : Sun Oct 03 2004 11:20:26
| Execute pattern count(1255), Virus found count(0), Virus clean count(0),
| Clean failed count(0)
|
| 2004-10-03, 11:22:19, An error occurred while scanning file
"C:\Documents
| and Settings\NetworkService.NT AUTHORITY\NTUSER.DAT": Access is denied.
| 2004-10-03, 11:22:19, An error occurred while scanning file
"C:\Documents
| and Settings\NetworkService.NT AUTHORITY\ntuser.dat.LOG": Access is
denied.
| 2004-10-03, 11:22:19, An error occurred while scanning file
"C:\Documents
| and Settings\NetworkService.NT AUTHORITY\Local Settings\Application
| Data\Microsoft\Windows\UsrClass.dat": Access is denied.
| 2004-10-03, 11:22:19, An error occurred while scanning file
"C:\Documents
| and Settings\NetworkService.NT AUTHORITY\Local Settings\Application
| Data\Microsoft\Windows\UsrClass.dat.LOG": Access is denied.
| 2004-10-03, 11:22:22, An error occurred while scanning file
"C:\Documents
| and Settings\Owner.ALEN-2FVAPYFNWB\NTUSER.DAT": Access is denied.
| 2004-10-03, 11:22:22, An error occurred while scanning file
"C:\Documents
| and Settings\Owner.ALEN-2FVAPYFNWB\ntuser.dat.LOG": Access is denied.
| 2004-10-03, 11:23:58, An error occurred while scanning file
"C:\Documents
| and Settings\Owner.ALEN-2FVAPYFNWB\Local Settings\Application
| Data\Microsoft\Windows\UsrClass.dat": Access is denied.
| 2004-10-03, 11:23:58, An error occurred while scanning file
"C:\Documents
| and Settings\Owner.ALEN-2FVAPYFNWB\Local Settings\Application
| Data\Microsoft\Windows\UsrClass.dat.LOG": Access is denied.
| 2004-10-03, 12:36:39, An error was detected on "C:\System Volume
| Information\*.*": Access is denied.
| 2004-10-03, 12:44:43, Could not set file for reading on
| "C:\WINDOWS.0\Prefetch\AD-AWARE.EXE-3262F7A9.pf": Access is denied.
| 2004-10-03, 12:44:43, Could not set file for reading on
| "C:\WINDOWS.0\Prefetch\AGENTSVR.EXE-25160E99.pf": Access is denied.
| 2004-10-03, 12:44:43, Could not set file for reading on
| "C:\WINDOWS.0\Prefetch\AOX_SPDEMO_INSTALL.EXE-044646BC.pf": Access is
| denied.
| 2004-10-03, 12:44:43, Could not set file for reading on
| "C:\WINDOWS.0\Prefetch\AVGCC32.EXE-2F8E34C8.pf": Access is denied.
| 2004-10-03, 12:44:43, Could not set file for reading on
| "C:\WINDOWS.0\Prefetch\AVGINET.EXE-00383A2D.pf": Access is denied.
| 2004-10-03, 12:44:43, Could not set file for reading on
| "C:\WINDOWS.0\Prefetch\AVGW.EXE-132EA28D.pf": Access is denied.
| 2004-10-03, 12:44:43, Could not set file for reading on
| "C:\WINDOWS.0\Prefetch\AVGW.EXE-1C9CBC8B.pf": Access is denied.
| 2004-10-03, 12:44:43, Could not set file for reading on
| "C:\WINDOWS.0\Prefetch\DEFRAG.EXE-245E7C36.pf": Access is denied.
| 2004-10-03, 12:44:43, Could not set file for reading on
| "C:\WINDOWS.0\Prefetch\DFRGNTFS.EXE-06B2B128.pf": Access is denied.
| 2004-10-03, 12:44:43, Could not set file for reading on
| "C:\WINDOWS.0\Prefetch\DRWTSN32.EXE-01FD9888.pf": Access is denied.
| 2004-10-03, 12:44:43, Could not set file for reading on
| "C:\WINDOWS.0\Prefetch\EXIGO_SPDEMO.EXE-395F5F67.pf": Access is denied.
| 2004-10-03, 12:44:43, Could not set file for reading on
| "C:\WINDOWS.0\Prefetch\EXPLORER.EXE-1B701634.pf": Access is denied.
| 2004-10-03, 12:44:43, Could not set file for reading on
| "C:\WINDOWS.0\Prefetch\FIREWORKS.EXE-249DA664.pf": Access is denied.
| 2004-10-03, 12:44:43, Could not set file for reading on
| "C:\WINDOWS.0\Prefetch\HACKERCD.EXE-318369FC.pf": Access is denied.
| 2004-10-03, 12:44:44, Could not set file for reading on
| "C:\WINDOWS.0\Prefetch\IEXPLORE.EXE-27122324.pf": Access is denied.
| 2004-10-03, 12:44:44, Could not set file for reading on
| "C:\WINDOWS.0\Prefetch\IKERNEL.EXE-078AA887.pf": Access is denied.
| 2004-10-03, 12:44:44, Could not set file for reading on
| "C:\WINDOWS.0\Prefetch\IMAGEREADY.EXE-09057436.pf": Access is denied.
| 2004-10-03, 12:44:44, Could not set file for reading on
| "C:\WINDOWS.0\Prefetch\Layout.ini": Access is denied.
| 2004-10-03, 12:44:44, Could not set file for reading on
| "C:\WINDOWS.0\Prefetch\LOGONUI.EXE-19F59F97.pf": Access is denied.
| 2004-10-03, 12:44:44, Could not set file for reading on
| "C:\WINDOWS.0\Prefetch\MSIEXEC.EXE-0AA2C3C0.pf": Access is denied.
| 2004-10-03, 12:44:44, Could not set file for reading on
| "C:\WINDOWS.0\Prefetch\MSIMN.EXE-38BA891D.pf": Access is denied.
| 2004-10-03, 12:44:44, Could not set file for reading on
| "C:\WINDOWS.0\Prefetch\MSMSGS.EXE-2B6052DE.pf": Access is denied.
| 2004-10-03, 12:44:44, Could not set file for reading on
| "C:\WINDOWS.0\Prefetch\NOTEPAD.EXE-0E7B88BB.pf": Access is denied.
| 2004-10-03, 12:44:44, Could not set file for reading on
| "C:\WINDOWS.0\Prefetch\NTOSBOOT-B00DFAAD.pf": Access is denied.
| 2004-10-03, 12:44:44, Could not set file for reading on
| "C:\WINDOWS.0\Prefetch\PHOTOSHOP.EXE-0FCBABE3.pf": Access is denied.
| 2004-10-03, 12:44:44, Could not set file for reading on
| "C:\WINDOWS.0\Prefetch\POWERDVD.EXE-13FC7432.pf": Access is denied.
| 2004-10-03, 12:44:44, Could not set file for reading on
| "C:\WINDOWS.0\Prefetch\RUNDLL32.EXE-222021B6.pf": Access is denied.
| 2004-10-03, 12:44:44, Could not set file for reading on
| "C:\WINDOWS.0\Prefetch\RUNDLL32.EXE-37E57A0D.pf": Access is denied.
| 2004-10-03, 12:44:44, Could not set file for reading on
| "C:\WINDOWS.0\Prefetch\RUNDLL32.EXE-412B2DD8.pf": Access is denied.
| 2004-10-03, 12:44:44, Could not set file for reading on
| "C:\WINDOWS.0\Prefetch\RUNDLL32.EXE-421213EB.pf": Access is denied.
| 2004-10-03, 12:44:44, Could not set file for reading on
| "C:\WINDOWS.0\Prefetch\RUNDLL32.EXE-487C1A81.pf": Access is denied.
| 2004-10-03, 12:44:44, Could not set file for reading on
| "C:\WINDOWS.0\Prefetch\SNDVOL32.EXE-30AF3484.pf": Access is denied.
| 2004-10-03, 12:44:44, Could not set file for reading on
| "C:\WINDOWS.0\Prefetch\SVCHOST.EXE-10492D84.pf": Access is denied.
| 2004-10-03, 12:44:44, Could not set file for reading on
| "C:\WINDOWS.0\Prefetch\SYNTPLPR.EXE-28BB9F3B.pf": Access is denied.
| 2004-10-03, 12:44:44, Could not set file for reading on
| "C:\WINDOWS.0\Prefetch\TASKMGR.EXE-09726B3C.pf": Access is denied.
| 2004-10-03, 12:44:44, Could not set file for reading on
| "C:\WINDOWS.0\Prefetch\WINWORD.EXE-10D55173.pf": Access is denied.
| 2004-10-03, 12:44:44, Could not set file for reading on
| "C:\WINDOWS.0\Prefetch\WINZIP32.EXE-335422C1.pf": Access is denied.
| 2004-10-03, 12:44:44, Could not set file for reading on
| "C:\WINDOWS.0\Prefetch\WMIPRVSE.EXE-235CEA97.pf": Access is denied.
| 2004-10-03, 12:44:44, Could not set file for reading on
| "C:\WINDOWS.0\Prefetch\WMPLAYER.EXE-18DDEF9C.pf": Access is denied.
| 2004-10-03, 12:44:44, Could not set file for reading on
| "C:\WINDOWS.0\Prefetch\WMPLAYER.EXE-18DDEFA4.pf": Access is denied.
| 2004-10-03, 12:44:44, Could not set file for reading on
| "C:\WINDOWS.0\Prefetch\WUAUCLT.EXE-2A481492.pf": Access is denied.
| 2004-10-03, 12:49:39, An error occurred while scanning file
| "C:\WINDOWS.0\system32\CatRoot2\edb.log": Access is denied.
| 2004-10-03, 12:49:39, An error occurred while scanning file
| "C:\WINDOWS.0\system32\CatRoot2\tmp.edb": Access is denied.
| 2004-10-03, 12:49:43, An error occurred while scanning file
| "C:\WINDOWS.0\system32\config\default": Access is denied.
| 2004-10-03, 12:49:43, An error occurred while scanning file
| "C:\WINDOWS.0\system32\config\default.LOG": Access is denied.
| 2004-10-03, 12:49:43, An error occurred while scanning file
| "C:\WINDOWS.0\system32\config\SAM": Access is denied.
| 2004-10-03, 12:49:43, An error occurred while scanning file
| "C:\WINDOWS.0\system32\config\SAM.LOG": Access is denied.
| 2004-10-03, 12:49:43, An error occurred while scanning file
| "C:\WINDOWS.0\system32\config\SECURITY": Access is denied.
| 2004-10-03, 12:49:43, An error occurred while scanning file
| "C:\WINDOWS.0\system32\config\SECURITY.LOG": Access is denied.
| 2004-10-03, 12:49:43, An error occurred while scanning file
| "C:\WINDOWS.0\system32\config\software": Access is denied.
| 2004-10-03, 12:49:43, An error occurred while scanning file
| "C:\WINDOWS.0\system32\config\software.LOG": Access is denied.
| 2004-10-03, 12:49:44, An error occurred while scanning file
| "C:\WINDOWS.0\system32\config\system": Access is denied.
| 2004-10-03, 12:49:44, An error occurred while scanning file
| "C:\WINDOWS.0\system32\config\system.LOG": Access is denied.
| 2004-10-03, 12:53:04, Running scanner "C:\Documents and
| Settings\Owner.ALEN-2FVAPYFNWB\Desktop\trendy\VSCANTM.BIN"...
| 2004-10-03, 13:37:51, Files Detected:
| Copyright (c) 1990 - 2004 Trend Micro Inc.
| Report Date : 10/3/2004 12:53:06
| VSAPI Engine Version : 7.000-1004
| VSCANTM Version : 1.1-1001
| Virus Pattern Version : 186 (72337 Patterns) (2004/09/30) (218600)
| Command Line: C:\Documents and
| Settings\Owner.ALEN-2FVAPYFNWB\Desktop\trendy\VSCANTM.BIN /NBPM /S
/CLEANALL
| /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 C:\*.* /P=C:\Documents
and
| Settings\Owner.ALEN-2FVAPYFNWB\Desktop\trendy
|
| 46167 files have been read.
| 46167 files have been checked.
| 37438 files have been scanned.
| 49489 files have been scanned. (including files in archived)
| 0 files containing viruses.
| Found 0 viruses totally.
| Maybe 0 viruses totally.
| Stop At : 10/3/2004 13:37:50
| ---------*---------*---------*---------*---------*---------*---------*---------*
| 2004-10-03, 13:37:51, Files Clean:
| Copyright (c) 1990 - 2004 Trend Micro Inc.
| Report Date : 10/3/2004 12:53:06
| VSAPI Engine Version : 7.000-1004
| VSCANTM Version : 1.1-1001
| Virus Pattern Version : 186 (72337 Patterns) (2004/09/30) (218600)
| Command Line: C:\Documents and
| Settings\Owner.ALEN-2FVAPYFNWB\Desktop\trendy\VSCANTM.BIN /NBPM /S
/CLEANALL
| /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 C:\*.* /P=C:\Documents
and
| Settings\Owner.ALEN-2FVAPYFNWB\Desktop\trendy
|
| 46167 files have been read.
| 46167 files have been checked.
| 37438 files have been scanned.
| 49489 files have been scanned. (including files in archived)
| 0 files containing viruses.
| Found 0 viruses totally.
| | > Gee your signature certifies "Virus Free".
| > What a paradox. Your PC is infected but your post is certified "Virus
| > Free" -- hmmmmm.
| >
| > 1) Download the following two items...
| >
| > Trend Sysclean Package
| > http://www.trendmicro.com/download/dcs.asp
| >
| > Latest Trend signature files.
| > http://www.trendmicro.com/download/pattern.asp
| >
| > Create a directory.
| > On drive "C:\"
| > (e.g., "c:\New Folder")
| > or the desktop
| > (e.g., "C:\Documents and Settings\lipman\Desktop\New Folder")
| >
| > Download sysclean.com and place it in that directory.
| > Dowload the signature files (pattern files) by obtaining the ZIP file.
| > For example; lpt186.zip
| >
| > Extract the contents of the ZIP file and place the contents in the
same
| > directory as
| > sysclean.com.
| >
| > 2) If you are using WinME or WinXP, disable System Restore
| > http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm
| > 3) Reboot your PC into Safe Mode
| > 4) Using the Trend Sysclean utility, perform a Full Scan of your
| > platform and
| > clean/delete any infectors found
| > 5) Restart your PC and perform a "final" Full Scan of your
platform
| > 6) If you are using WinME or WinXP,Re-enable System Restore and
| > re-apply any
| > System Restore preferences, (e.g. HD space to use suggested
400
| > ~ 600MB),
| > 7) Reboot your PC.
| > 8) If you are using WinME or WinXP, create a new Restore point
| > 9) Please report back your results
| >
| > Dave
| >
| >
| >
| >
| > | > | dropper.small.5.j is the name and it is found in file systtem volume
| > | information/_restore/a0077410.exe
| > |
| > | how do i get rid of it... my avg antivirus doesnt recognize it when
i
| > run
| > | scan but the resident shield recognizes it and does nothing
| > |
| > |
| > | ---
| > | Outgoing mail is certified Virus Free.
| > | Checked by AVG anti-virus system (http://www.grisoft.com).
| > | Version: 6.0.772 / Virus Database: 519 - Release Date: 01/10/2004
| > |
| > |
| >
| >
|
|
| ---
| Outgoing mail is certified Virus Free.
| Checked by AVG anti-virus system (http://www.grisoft.com).
| Version: 6.0.772 / Virus Database: 519 - Release Date: 01/10/2004
|
|
is there a good email antivirus program you recommend...
Since the problem was in the Restore section, I just wanted to giveDavid H. Lipman said:If you had read my reply you would have seen that it includes this instruction plus the
following URL which instructs how to disable System Restore on WinXP and WinME.
http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm
Dave
Want to reply to this thread or ask your own question?
You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.