V.com Virus

few days ago i got a virus make pc act waired ... open the HDD in new window ... cant unhide the files in the driver to see it .... after i updated BD to last DB then BD found it but coudnt delete / fix it ..... then the .exe files start get dmg .... then the boot files gone and i couldnt login to windows any more ..... after i formated my pc b4 i open any HDD (cuz the virus get effected when i do that - Autorun - ) i unhide the files and then opened the HDD .... i found the file name v.com and autorun file near it ... i deleted it and the HDD back to not open in new window ... but the virus already activated again the moment i opened the HDD .... and BD did nothing ... not even warnning ..... now i cant unhide the files in HDD again ...... plz help cuz this virus start share on the network pc's and its getting worth

thanx

Rani

Find more posts tagged with

Comments

unknown

Please submit a scan log so we know what we are dealing with here, or at least give us the detection name and we'll make a removal tool for this malware if one is not already available.

Charming

E:\System Volume Information\_restore{468F33AD-F390-48A5-B8F5-3037DB04C3F4}\RP36\A0006496.exe Trojan.Generic.90910 Deleted

F:\System Volume Information\_restore{EEA95F91-7908-4F06-B2DD-2A6FDC656A2E}\RP30\A0005467.cmd Trojan.PWS.LMir.ULZ Deleted

C:\Documents and Settings\A.Sabouni\Local Settings\Temp\help.exe Trojan.PWS.OnLineGames.SQN Deleted

C:\System Volume Information\_restore{468F33AD-F390-48A5-B8F5-3037DB04C3F4}\RP11\A0001477.exe Trojan.PWS.OnLineGames.SQN Deleted

C:\System Volume Information\_restore{468F33AD-F390-48A5-B8F5-3037DB04C3F4}\RP12\A0001533.exe Trojan.PWS.OnLineGames.SQN Deleted

C:\System Volume Information\_restore{468F33AD-F390-48A5-B8F5-3037DB04C3F4}\RP12\A0001534.dll Trojan.PWS.OnLineGames.SQN Deleted

C:\WINDOWS\system32\amvo.exe Trojan.PWS.OnLineGames.SQN Deleted

C:\WINDOWS\system32\amvo0.dll Trojan.PWS.OnLineGames.SQN Deleted

\System Volume Information\_restore{468F33AD-F390-48A5-B8F5-3037DB04C3F4}\RP9\A0000734.com Trojan.PWS.OnLineGames.SQN Deleted

\System Volume Information\_restore{EEA95F91-7908-4F06-B2DD-2A6FDC656A2E}\RP30\A0005451.com Trojan.PWS.OnLineGames.SQN Deleted

\System Volume Information\_restore{EEA95F91-7908-4F06-B2DD-2A6FDC656A2E}\RP31\A0005475.com Trojan.PWS.OnLineGames.SQN Deleted

\System Volume Information\_restore{EEA95F91-7908-4F06-B2DD-2A6FDC656A2E}\RP32\A0005549.com Trojan.PWS.OnLineGames.SQN Deleted

E:\System Volume Information\_restore{EEA95F91-7908-4F06-B2DD-2A6FDC656A2E}\RP30\A0005453.com Trojan.PWS.OnLineGames.SQN Deleted

E:\System Volume Information\_restore{EEA95F91-7908-4F06-B2DD-2A6FDC656A2E}\RP31\A0005477.com Trojan.PWS.OnLineGames.SQN Deleted

E:\System Volume Information\_restore{EEA95F91-7908-4F06-B2DD-2A6FDC656A2E}\RP32\A0005550.com Trojan.PWS.OnLineGames.SQN Deleted

E:\v.com Trojan.PWS.OnLineGames.SQN Deleted

F:\System Volume Information\_restore{EEA95F91-7908-4F06-B2DD-2A6FDC656A2E}\RP30\A0005455.com Trojan.PWS.OnLineGames.SQN Deleted

F:\System Volume Information\_restore{EEA95F91-7908-4F06-B2DD-2A6FDC656A2E}\RP31\A0005479.com Trojan.PWS.OnLineGames.SQN Deleted

F:\System Volume Information\_restore{EEA95F91-7908-4F06-B2DD-2A6FDC656A2E}\RP32\A0005551.com Trojan.PWS.OnLineGames.SQN Deleted

F:\v.com Trojan.PWS.OnLineGames.SQN Deleted

F:\System Volume Information\_restore{EEA95F91-7908-4F06-B2DD-2A6FDC656A2E}\RP30\A0005468.bat Trojan.PWS.OnlineGames.RAB Deleted

C:\Documents and Settings\A.Sabouni\Local Settings\Temp\dxw.dll Trojan.PWS.OnlineGames.SQS Deleted

\System Volume Information\_restore{EEA95F91-7908-4F06-B2DD-2A6FDC656A2E}\RP29\A0005423.com Trojan.PWS.OnlineGames.SQS Deleted

E:\System Volume Information\_restore{EEA95F91-7908-4F06-B2DD-2A6FDC656A2E}\RP29\A0005425.com Trojan.PWS.OnlineGames.SQS Deleted

F:\System Volume Information\_restore{EEA95F91-7908-4F06-B2DD-2A6FDC656A2E}\RP29\A0005427.com Trojan.PWS.OnlineGames.SQS Deleted

it say deleted .... but still cant see the hidden files and still the same effect on my pc as b4

srry for my english

unknown

I see v.com is already detected so it may be dropped by some other (unfortunately undetected) trojan. I'll need you to please submit a BDAspy syslog and a sample v.com file. There are already tutorials on the forum on how to submit each of these. If you encounter any problems in attaching them please let me know.

Charming

I see v.com is already detected so it may be dropped by some other (unfortunately undetected) trojan. I'll need you to please submit a BDAspy syslog and a sample v.com file. There are already tutorials on the forum on how to submit each of these. If you encounter any problems in attaching them please let me know.

well i did the BDAspy syslog u asked m but when i open it ... it gave me error .. maybe i need somthing special to read it

here is the XML file .... btw the V.com gone now but the effect still (openning HHD in new window .... cant apply show hidden files .... dumg .exe files )

thanx

/applications/core/interface/file/attachment.php?id=1727" data-fileid="1727" rel="">bd_sys_log.zip

bd_sys_log.zip

dodo80

hello ppl i have this viuers also and realy iam going crazy so if ther's any help to solve this problem please advise