Help me with a virus problem please.
Moderators: NeilBlanchard, Ralf Hutter, sthayashi, Lawrence Lee
Help me with a virus problem please.
ok i have Antivir installed, as well as Ad-Aware, Spybot and SpywareBlaster.
lately i get detection of a "crack.exe", in "C:\Documents and Settings\Francis\Local Settings\Temp\AAWTMP\C858593\31441C\crack.exe"
and again in the folder "C:\Documents and Settings\Francis\Local Settings\Temp\AAWTMP\C931843\25805C\crack.exe"
i quarantined both of them (Antivir idle self-scan found them) but it seem like them keep on coming. How can i stop them from coming again?
plus, i noticed the folder "AAWTMP" doesn't exist in my "Local Settings\Temp" folder
lately i get detection of a "crack.exe", in "C:\Documents and Settings\Francis\Local Settings\Temp\AAWTMP\C858593\31441C\crack.exe"
and again in the folder "C:\Documents and Settings\Francis\Local Settings\Temp\AAWTMP\C931843\25805C\crack.exe"
i quarantined both of them (Antivir idle self-scan found them) but it seem like them keep on coming. How can i stop them from coming again?
plus, i noticed the folder "AAWTMP" doesn't exist in my "Local Settings\Temp" folder
-
- Posts: 176
- Joined: Mon Oct 16, 2006 11:51 am
- Location: Southeast, USA
Re: Help me with a virus problem please.
It could be that "Show Hidden files and folders" is not enabled in Explorer:Tools:Folder Options:ViewRaptorZX3 wrote:plus, i noticed the folder "AAWTMP" doesn't exist in my "Local Settings\Temp" folder
For a quick check, from the Cmd Prompt, use "dir /a /s \crack*".
You should probably quarantine this machine while eradicating this virus.
Damn forking viruses.
-
- Posts: 176
- Joined: Mon Oct 16, 2006 11:51 am
- Location: Southeast, USA
A pun. fork() is how a unix process replicates itself. Also, a couple of letters could be changed to describe what we really think of viruses and virus writers. I've always wondered why big companies don't go after them with the same zeal that they do others: bootleggers, music downloaders, etc.RaptorZX3 wrote:forking virus?
Anyway, how are you going to get rid of it? I haven't had one for years. I was able to get rid of one light weight one programmatically. A couple of others required a reformat and reload. I'm sure we're all backed-up...
well HouseCall seem like it can find them.
didn't had problem like crashes, freezes or self-rebooting, it's just a bit annoying to have Antivir to make a sound (PC-Speaker hi-pitched 4-notes sound) when it find a virus, then i just choose "quarantine"
it's annoying when you play a MMORPG or when you watch TV in the living room, and then you hear that sound...
didn't had problem like crashes, freezes or self-rebooting, it's just a bit annoying to have Antivir to make a sound (PC-Speaker hi-pitched 4-notes sound) when it find a virus, then i just choose "quarantine"
it's annoying when you play a MMORPG or when you watch TV in the living room, and then you hear that sound...
-
- Posts: 176
- Joined: Mon Oct 16, 2006 11:51 am
- Location: Southeast, USA
-
- Moderator
- Posts: 7681
- Joined: Mon Dec 09, 2002 7:11 pm
- Location: Maynard, MA, Eaarth
- Contact:
Hello,
Did you try the Panda online scan? Another alternative is to use the trial version of Bit Defender -- this program has impressed me with catching all sorts of stuff that NOD32 didn't. But having said that, they all miss some things, though use all of them (in series, not all at once) seems to do a pretty good job...don't ask me how I know...
Did you try the Panda online scan? Another alternative is to use the trial version of Bit Defender -- this program has impressed me with catching all sorts of stuff that NOD32 didn't. But having said that, they all miss some things, though use all of them (in series, not all at once) seems to do a pretty good job...don't ask me how I know...
Have you tried a scan from a bootable CD? e.g. The F-Secure rescue CD
i didn't got a virus warning for almost 24hours (not counting the time the computer is turned off while i sleep...)
i played a few different games today (FatalFake and Live for Speed)...and then i wanted to play a game that i used a NoCD crack on it (from Gamecopyworld.com, which they say their cracks doesn't contain virus or trojan), called Xpand Rally, well i played that game for a while, then i quit, and while i was watching TV, i heard Antivir's chime.
is that possible that, upon quitting a game that i used a NoCD patch on it, that "patch" would create a file/trojan somewhere on my hard disk that get detected by an antivirus?
because they say on the website, when you click on the game you wish to get a crack for, that Antiviruses might detect a trojan from the game crack/patch, but in fact it's harmless and is a false alarm
i played a few different games today (FatalFake and Live for Speed)...and then i wanted to play a game that i used a NoCD crack on it (from Gamecopyworld.com, which they say their cracks doesn't contain virus or trojan), called Xpand Rally, well i played that game for a while, then i quit, and while i was watching TV, i heard Antivir's chime.
is that possible that, upon quitting a game that i used a NoCD patch on it, that "patch" would create a file/trojan somewhere on my hard disk that get detected by an antivirus?
because they say on the website, when you click on the game you wish to get a crack for, that Antiviruses might detect a trojan from the game crack/patch, but in fact it's harmless and is a false alarm
-
- *Lifetime Patron*
- Posts: 1740
- Joined: Sun Dec 21, 2003 11:24 am
- Location: 'Sunny' Cornwall U.K.
That is a system restore file.RaptorZX3 wrote:Antivir detected "TR/Crypt.FSPM.Gen" again
in that folder:
C:\System Volume Information\_restore{9AB42FE9-5659-4481-95E8-4F6AF518DB91}\RP112\A0021752.exe
You cannot remove a virus from it, hence why you keep getting told about a virus. All you can do is create a new system restore point and then delete all the old system restore points.
The virus is 'safe' whilst it's in the system restore file... but if you ever use that file you'll have your virus back.
-
- Moderator
- Posts: 7681
- Joined: Mon Dec 09, 2002 7:11 pm
- Location: Maynard, MA, Eaarth
- Contact:
-
- *Lifetime Patron*
- Posts: 1740
- Joined: Sun Dec 21, 2003 11:24 am
- Location: 'Sunny' Cornwall U.K.
To delete old system restore files:
Go to 'My Computer', right click a drive and select 'Properties'.
Left click 'Disk Cleanup'... and wait.....
Select 'More Options' tab when window opens, then click the System Restore 'Clean up' button.
Then click Ok OK OK OK etc etc.
This needs to be done on each drive.
Go to 'My Computer', right click a drive and select 'Properties'.
Left click 'Disk Cleanup'... and wait.....
Select 'More Options' tab when window opens, then click the System Restore 'Clean up' button.
Then click Ok OK OK OK etc etc.
This needs to be done on each drive.
-
- Posts: 4
- Joined: Wed Jun 02, 2010 9:08 pm
- Location: chicago