VIRUS HELP URGENT

[dilrasan]

doestn work.. trid dat in safe mode also.. dint work... dats da only pob i haf

if u have one account...then Make a new Account...(Administrater)
then Delete ur existing Account...
it'll solve the problem..

just an Idea...may be it'll nto work..

But...Don't Forget to Have a Copy of ur Documents....:
(copy them into D: or E:...U know those Stuff right?)

 

[airbus342]

Mama hithanne oka hide wela thiyenne kaspersky guard eka athule..sirawatamai kiyanne.eka parak mama office eke weda karaddi eke important file ekak nathi wela thibba......mama boka wela hama thanama search kala...eth naha.passe mama kasper eka open karala nikamata option walata giya..ethakota eka opt ekaka a file eka thibba...passe mama file eka resend kala thibba thanata...but machan mama path eka danne naha.....kanawata weda kale...boru neme...sirawatamai kiyanne

 

[dilrasan]

Mama hithanne oka hide wela thiyenne kaspersky guard eka athule..sirawatamai kiyanne.eka parak mama office eke weda karaddi eke important file ekak nathi wela thibba......mama boka wela hama thanama search kala...eth naha.passe mama kasper eka open karala nikamata option walata giya..ethakota eka opt ekaka a file eka thibba...passe mama file eka resend kala thibba thanata...but machan mama path eka danne naha.....kanawata weda kale...boru neme...sirawatamai kiyanne

Quarantine Option eke wenna oni

 

[deffa]

if u have one account...then Make a new Account...(Administrater)
then Delete ur existing Account...
it'll solve the problem..

just an Idea...may be it'll nto work..

But...Don't Forget to Have a Copy of ur Documents....:
(copy them into D: or E:...U know those Stuff right?)

wel i did try dat b4. but da hidden partition thin is still der.. dat isnt goin..
and i googled this virus name can t fing any thing... on this

wat happns. is from the RRT it cancels the hidden drive. .but as soon as it happns there is a nothr script whic runs and turns it bak to hidden i asume..

 

[dilrasan]

wel i did try dat b4. but da hidden partition thin is still der.. dat isnt goin..
and i googled this virus name can t fing any thing... on this

wat happns. is from the RRT it cancels the hidden drive. .but as soon as it happns there is a nothr script whic runs and turns it bak to hidden i asume..

Well then.....let me see...mmmm...

Did u try this...

well if u have the Mother Board CD..there will be a Virus Guard in it wich has A Build in Registry Key(most Probably Norton)

Uninstall the Virus Guard U have now and Install that one and Scan..Viruses may be identified By it..then u can Do the rest...:

if i were u...i may have tried this method also

 

[funkoluwa]

machan AVG 8.0 ekata oya virus eka enne nehe
try to install it

 

[deffa]

Well then.....let me see...mmmm...

Did u try this...

well if u have the Mother Board CD..there will be a Virus Guard in it wich has A Build in Registry Key(most Probably Norton)

Uninstall the Virus Guard U have now and Install that one and Scan..Viruses may be identified By it..then u can Do the rest...:

if i were u...i may have tried this method also

machna wats running is a prog which changes the reg key of dat.. when its change.,.. im doin sum research..

and hav u heard of da solo virus

 

[Halloween]

my cpomputer got infecteed wit the followiin virus

riskware Worm.P2P.generic ƒOEÑIX.EXE

this virus blocks

floder options
task manager
registry editor
and HIDEs the c drive

can some one help me please.. urgent guys

Remove your hard drive and put it in another computer which is running from another hard drive. (Its better if there is Kaspersky installed in it.) Then scan the whole hard drive. I'm sure Kaspersky will fix it.

 

[dilrasan]

machna wats running is a prog which changes the reg key of dat.. when its change.,.. im doin sum research..

and hav u heard of da solo virus

mmmm...nope..

 

[deffa]

mmmm...nope..

dat virus doenst allow the user to work on sundays.. it was made by a sri lankan..hehe

 

[Malinga]

dat virus doenst allow the user to work on sundays.. it was made by a sri lankan..hehe

oyaage prashane dan hari da? mokak da velaa thiyenne? C: partition eka penanne nathi eka da?


http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx

http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx

oya deka daala logs file denna oya deke. eeta passe balamu run vena virus eka mokak da kiyala.

Norton Partition Magic vage ekak daala partition eka hidden velaa nadda kiyala balannath puluvan onnum oyaata.

 

[Pura Pagal]

Proven Solutions...

my cpomputer got infecteed wit the followiin virus

riskware Worm.P2P.generic ƒOEÑIX.EXE

this virus blocks

floder options
task manager
registry editor
and HIDEs the c drive

can some one help me please.. urgent guys

Please follow the link http://www.elakiri.com/forum/showthread.php?p=3558864#post3558864

 

[deffa]

machan i forund da worm form the command prompt

the locations are

c:/recycler`/ƒOEÑIX.EXE
c:/autorun.inf

c:/windows/system32/ƒOEÑIX.EXE


d:/recycler`/ƒOEÑIX.EXE
d:/autorun.inf

so on on each drive.... i managed to delet the autorun.inf form cpommand prompt..

but when i try to do it for ƒOEÑIX.EXE cant do

 

[dilrasan]

machan i forund da worm form the command prompt

the locations are

c:/recycler`/ƒOEÑIX.EXE
c:/autorun.inf

c:/windows/system32/ƒOEÑIX.EXE


d:/recycler`/ƒOEÑIX.EXE
d:/autorun.inf

so on on each drive.... i managed to delet the autorun.inf form cpommand prompt..

but when i try to do it for ƒOEÑIX.EXE cant do

Did u try Removing System Restore Points And Temparary Files...

coz it's in Recycler right?(it means the Virus)

 

[deffa]

C:\>attrib -h -r -s autorun.inf

C:\>del autorun.inf


:\WINDOWS\system32>dir/ah
Volume in drive C has no label.
Volume Serial Number is 9C69-A46F

Directory of C:\WINDOWS\system32

10/06/2008 10:03 PM 749 cdplayer.exe.manifest
10/23/2008 08:04 AM 56 ezsidmv.dat
10/06/2008 10:03 PM 488 logonui.exe.manifest
12/24/2006 01:14 AM 158,208 msconfig.exe
10/06/2008 10:03 PM 749 ncpa.cpl.manifest
10/06/2008 10:03 PM 749 nwc.cpl.manifest
10/06/2008 10:03 PM 749 sapi.cpl.manifest
10/06/2008 10:03 PM 488 WindowsLogon.manifest
10/06/2008 10:03 PM 749 wuaucpl.cpl.manifest
11/20/2008 05:40 PM 65,536 ƒOEÑIX.exe
10 File(s) 228,521 bytes
0 Dir(s) 0 bytes free

C:\WINDOWS\system32>del ƒOEÑIX.exe
Could Not Find C:\WINDOWS\system32\ƒOEÑIX.exe

dats da log of da files

 

[Malinga]

machan i forund da worm form the command prompt

the locations are

c:/recycler`/ƒOEÑIX.EXE
c:/autorun.inf

c:/windows/system32/ƒOEÑIX.EXE


d:/recycler`/ƒOEÑIX.EXE
d:/autorun.inf

so on on each drive.... i managed to delet the autorun.inf form cpommand prompt..

but when i try to do it for ƒOEÑIX.EXE cant do

http://killbox.net/

ooken delete karanna. habai vadee thiyenne registry keys makanne nathuva delete kalaata ooka aaith ai da kiyana ekai.

 

[deffa]

ela il c..hehe

 

[deffa]

http://killbox.net/

ooken delete karanna. habai vadee thiyenne registry keys makanne nathuva delete kalaata ooka aaith ai da kiyana ekai.

machan kant kill it.. file not found kiyanawa.. but dos wala baluwama pennanawa

 

[Malinga]

machan kant kill it.. file not found kiyanawa.. but dos wala baluwama pennanawa

e file not found kiyanne eeka hidden ekak venna athi. oyaa ara dunna Autoruns kiyana software eken e file hadena registry key eka makala danna. eeta passe run venne nae e file eka. ethakota oyaata ara RRT eka daala hidden files aapahu ganna puluvan.

ehema naththum oyaa dena nama varadi athi. eeka penvanne nathi name kotasak athi thava.

 

[kamalmawa]

http://killbox.net/

ooken delete karanna. habai vadee thiyenne registry keys makanne nathuva delete kalaata ooka aaith ai da kiyana ekai.

Yeap this could do the trick to delete the files..
Use this to clean up your registry. Do a scan and delete the entries with that file name

http://www.download.com/Trend-Micro-HijackThis/3000-8022_4-10227353.html