Alright, here are the contents of log1.txt and log.txt. In case it matters, when I rebooted after creating these logs, I still got the same "Infected file found!" message from ewido -- after clicking ok about 5-6 times, it goes away. And, restarting as it suggests doesn't change anything. Anyway . . .
Here's log1.txt . . .
C:\Documents and Settings\Gregory Jones\Desktop\Rkfiles
PLEASE NOTE THAT ALL FILES FOUND BY THIS METHOD ARE NOT BAD FILES, THERE MIGHT BE LEGIT FILES LISTED AND PLEASE BE CAREFUL WHILE FIXING. IF YOU ARE UNSURE OF WHAT IT IS LEAVE THEM ALONE.
Files Found in system Folder............
------------------------
C:\WINDOWS\system32\bH.dll: UPX!
C:\WINDOWS\system32\cpuinf32.dll: UPX!
C:\WINDOWS\system32\in3bI.dll: UPX!
C:\WINDOWS\system32\dfrg.msc: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAwGpEc213
C:\WINDOWS\system32\epx30104.exe: PEC2
C:\WINDOWS\system32\wkouy.exe: PEC2
Files Found in all users startup Folder............
------------------------
Files Found in all users windows Folder............
------------------------
C:\WINDOWS\IFinst27.exe: UPX!
C:\WINDOWS\tsc.exe: UPX!
C:\WINDOWS\vsapi32.dll: UPX!t4
Finished
bye
And here's log.txt . . .
The batch is run from -- C:\remv3.zip
Files Found.................
----------------------------------------
Files Not deleted.................
----------------------------------------
Merging registry entries
-----------------------------------------------------------------
The Registry Entries Found...
-----------------------------------------------------------------
Other bad files to be Manually deleted.. Please note that this might also list legit Files, be careful while deleting
-----------------------------------------------------------------
Volume in drive C has no label.
Volume Serial Number is 384A-CCD9
Directory of C:\WINDOWS\system32
msi.dll
Finished
Hope that helps . . .