Tech Support Forum - View Single Post

sjb007 · 08-11-2008, 09:59 AM

Hi there threehundred

Regarding antivirus software, a good free anti virus software to start with is AntiVir®. If you are looking for paid solutions then you may wish to check out Smart Security by ESET which has a good reputation and comes complete with its own firewall, you can try this product on trial before purchasing.

I want to take a closer look at a couple of the bat files by running a further scan for me.

I would ask that you use Internet Explorer if possible
Navigate to either Virus Total -> http://www.virustotal.com/en/indexf.html or Jottis -> http://virusscan.jotti.org/
Click on the browse/choose button and navigate to the following filepath below

C:\Users\Holly\996.bat

Once you have found the file then click on the send button, you may be placed in a queue, please be patient until your results are back
Copy and paste the results to a text file and save them to a secure location and post them as a reply in your next post

Please repeat the proceedure for the folowing files below:
C:\Users\Holly\213.bat
C:\Users\Holly\n.bat

Download and scan with CCleaner lite
1.Double click the file and install ccleaner

2. Before first use, select Options > Advanced and UNCHECK "Only delete files in Windows Temp folder older than 48 hours"

3. Then select the items you wish to clean up.

In the Windows Tab:

Clean all entries in the "Internet Explorer" section.
Clean all the entries in the "Windows Explorer" section.
Clean all entries in the "System" section.
Clean all entries in the "Advanced" section.
Clean any others that you choose.

In the Applications Tab:

Clean all in the Firefox/Mozilla section if you use it.
Clean all in the Opera section if you use it.
Clean Sun Java in the Internet Section.
Clean any others that you choose.

4. Click the "Run Cleaner" button.
5. A pop up box will appear advising this process will permanently delete files from your system.
6. Click "OK" and it will scan and clean your system.
7. Click "exit" when done.

Establish an internet connection & perform an online scan with Internet Explorer at Kaspersky Online Scanner.

Click Accept, when prompted to download and install the program files and database of malware definitions.

Click Run at the Security prompt.
The program will then begin downloading and installing and will also update the database.
Please be patient as this can take several minutes.
Once the update is complete, click on My Computer under the green Scan bar to the left to start the scan.
Once the scan is complete, it will display if your system has been infected. It does not provide an option to clean/disinfect. We only require a report from it.
Do NOT be alarmed by what you see in the report. Many of the finds have likely been quarantined.
Click View scan report at the bottom.
Click the Save Report As... button.
Click the Save as Text button to save the file to your desktop so that you may post it in your next reply.

This animation will guide you through the process:

**Note**

To optimize scanning time and produce a more sensible report for review:
Close any open programs
Turn off the real time scanner of any existing antivirus program while performing the online scan. You may disconnect from the internet once you begin the scan.

Note for Internet Explorer 7 users: If at any time you have trouble viewing the accept button of the license, click on the Zoom tool located at the bottom right of the IE window and set the zoom to 75 %. Once the license accepted, reset to 100%.

Please post back the results along with the result from virustotal/jotti
Also update me on how things are running

08-11-2008, 09:59 AM	#5 (permalink)
sjb007 Analyst, Security Team Join Date: Dec 2007 Location: Lincoln UK Posts: 2,235 OS: Windows 7 Premium x64 My System	Re: Possible Vundo Infection Hi there threehundred Regarding antivirus software, a good free anti virus software to start with is AntiVir®. If you are looking for paid solutions then you may wish to check out Smart Security by ESET which has a good reputation and comes complete with its own firewall, you can try this product on trial before purchasing. I want to take a closer look at a couple of the bat files by running a further scan for me. I would ask that you use Internet Explorer if possible Navigate to either Virus Total -> http://www.virustotal.com/en/indexf.html or Jottis -> http://virusscan.jotti.org/ Click on the browse/choose button and navigate to the following filepath below C:\Users\Holly\996.bat Once you have found the file then click on the send button, you may be placed in a queue, please be patient until your results are back Copy and paste the results to a text file and save them to a secure location and post them as a reply in your next post *Please repeat the proceedure for the folowing files below:* C:\Users\Holly\213.bat C:\Users\Holly\n.bat Download and scan with CCleaner lite 1.Double click the file and install ccleaner 2. Before first use, select Options > Advanced and UNCHECK "Only delete files in Windows Temp folder older than 48 hours" 3. Then select the items you wish to clean up. In the Windows Tab: Clean all entries in the "Internet Explorer" section. Clean all the entries in the "Windows Explorer" section. Clean all entries in the "System" section. Clean all entries in the "Advanced" section. Clean any others that you choose. In the Applications Tab: Clean all in the Firefox/Mozilla section if you use it. Clean all in the Opera section if you use it. Clean Sun Java in the Internet Section. Clean any others that you choose. 4. Click the "Run Cleaner" button. 5. A pop up box will appear advising this process will permanently delete files from your system. 6. Click "OK" and it will scan and clean your system. 7. Click "exit" when done. Establish an internet connection & perform an online scan with Internet Explorer at Kaspersky Online Scanner. Click Accept, when prompted to download and install the program files and database of malware definitions. Click Run at the Security prompt. The program will then begin downloading and installing and will also update the database. Please be patient as this can take several minutes. Once the update is complete, click on My Computer under the green Scan bar to the left to start the scan. Once the scan is complete, it will display if your system has been infected. It does not provide an option to clean/disinfect. We only require a report from it. Do NOT be alarmed by what you see in the report. Many of the finds have likely been quarantined. Click View scan report at the bottom. Click the Save Report As... button. Click the Save as Text button to save the file to your desktop so that you may post it in your next reply. This animation will guide you through the process: Note To optimize scanning time and produce a more sensible report for review: Close any open programs Turn off the real time scanner of any existing antivirus program while performing the online scan. You may disconnect from the internet once you begin the scan. Note for Internet Explorer 7 users: If at any time you have trouble viewing the accept button of the license, click on the Zoom tool located at the bottom right of the IE window and set the zoom to 75 %. Once the license accepted, reset to 100%. Please post back the results along with the result from virustotal/jotti Also update me on how things are running __________________ If we have helped you then please consider donating Proud Member of ASAP & UNITE Since 2007