Author Topic: Virus in assembly\temp\U\80000032 (Read 10809 times)

pokerbiker · « **Reply #15 on:** December 13, 2011, 04:40:52 PM »

This is the latest scan that I did with OTL.exe

essexboy · « **Reply #16 on:** December 13, 2011, 09:08:22 PM »

Did Combofix run - try safe mode if need be

Do the following:

Click on the Start button and then choose Control Panel.
Click on the System and Security link.

Note: If you're viewing the Large icons or Small icons view of Control Panel, you won't see this link so just click on the Administrative Tools icon and skip to Step 4.
In the System and Security window, click on the Administrative Tools heading located near the bottom of the window.
In the Administrative Tools window, double-click on the Computer Management icon.
When Computer Management opens, click on Disk Management on the left side of the window, located under Storage.

After a brief loading period, Disk Management should now appear on the right side of the Computer Management window.

Note: If you don't see Disk Management listed, you may need to click on the |> icon to the left of the Storage icon.

Take a screen Shot of the Disk Management Window and attach the screen shot to your reply.

pokerbiker · « **Reply #17 on:** December 14, 2011, 03:12:43 PM »

This is the screen shot of the Computer Management. I tried the combo fix again and left it over night and it was still at Completed Stage_49 this morning. How do I run it on safe mode? I tried pressing F8 while it was restarting, but it still restarted normal

essexboy · « **Reply #18 on:** December 14, 2011, 08:25:11 PM »

Looks like this one has targeted Combofix, another new variant. So I will use AVP for a virus scan initially , but more importantly an analysis scan
Could you upload the entire zip folder created to Megaupload or mediafire and post the sharing link

Download AVPTool from Here to your desktop

Run the programme you have just downloaded to your desktop (it will be randomly named )

First we will run a virus scan

Click the cog in the upper right

Select down to and including your main drive, once done select the Automatic scan tab and press Start Scan

Allow AVP to delete all infections found
Once it has finished select report tab (last tab)
Select Detected threats report from the left and press Save button
Save it to your desktop and attach to your next post

Now the Analysis

Rerun AVP and select the Manual Disinfection tab and press Start Gathering System Information

On completion click the link to locate the zip file to upload and attach to your next post

Megaupload

pokerbiker · « **Reply #19 on:** December 15, 2011, 02:37:54 PM »

http://www.megaupload.com/?d=NR9GH4VI
this is the report that I got from Kaspersky Virus Removal Tool, after running it it did find the Assembly Virus and I got to delete it.

pokerbiker · « **Reply #20 on:** December 15, 2011, 03:43:17 PM »

http://www.megaupload.com/?d=NZNNNL7S

the last one was the zip file that it gave me after I ran the scan, this is the .txt report that I saved

essexboy · « **Reply #21 on:** December 15, 2011, 08:53:31 PM »

Nice could you now run combofix please

Author Topic: Virus in assembly\temp\U\80000032 (Read 10809 times)

pokerbiker

Re: Virus in assembly\temp\U\80000032

essexboy

Re: Virus in assembly\temp\U\80000032

pokerbiker

Re: Virus in assembly\temp\U\80000032

essexboy

Re: Virus in assembly\temp\U\80000032

pokerbiker

Re: Virus in assembly\temp\U\80000032

pokerbiker

Re: Virus in assembly\temp\U\80000032

essexboy

Re: Virus in assembly\temp\U\80000032