TechSpot

Flashdrive worm

By marvin_111111
Mar 1, 2007
  1. help! my friend lend me his flashdrive, and i got the worm.. now i can't double-click on my hard drive (c:\) what to do? i read about the HJT and i did everything that was told in the instructions. i have also attached my log here.
     
  2. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 25,948   +19

    Hello and welcome to Techspot.

    Very Important: Before deciding whether you should clean or reformat your system, go and read this thread HERE and decide what it is you want to do.

    If after reading the above, you wish to clean your system, do the following.

    Go and read the Viruses/Spyware/Malware, preliminary removal instructions. Follow all the instructions exactly.

    Post fresh HJT and AVG Antispyware logs as attachments into this thread, only after doing the above.

    Regards Howard :wave: :wave:

    This thread is for the use of marvin_111111 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  3. marvin_111111

    marvin_111111 TS Rookie Topic Starter

    another problem

    i have managed to get rid of the worm from my computer, i think. because i can already double-click on the hard drive icon. but there's another problem bothering me now, every time i start my computer.. the windows* window (*windows as in drive c:/windows) always pops up automatically and it irritates me. how can i fix this? please help.. thanks! =)
     
  4. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 25,948   +19

    Just because you`ve managed to get rid of the worm, doesn`t necessarily mean your system is clean.

    When I looked at your HJT log it showed your system was infected with several infections. Therefore, I advise you to follow the instruction exactly and post fresh HJT and AVG Antispyware logs as requested.

    If, once your system is clean, you still have the window opening on bootup, we`ll try and deal with that as a separate issue.

    Regards Howard :)

    This thread is for the use of marvin_111111 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  5. marvin_111111

    marvin_111111 TS Rookie Topic Starter

    still a problem

    i've done every step in the instructions. here are my logs, but the windows window still appear automatically. what is the problem?
     
  6. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 25,948   +19

    Delete all files in AVG Antispyware quarantine.

    Go to add remove programmes in your control panel and uninstall anything to do with(if there).

    UltimateBet

    Close control panel.

    Open your task manager, by holding down the ctrl and alt keys and pressing the delete key.

    Click on the processes tab and end process for(if there).

    UltimateBet.exe

    Close task manager.

    Run HJT with no other programmes open(except notepad). Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).

    O4 - HKLM\..\Run: [FS6519] C:\WINDOWS

    O9 - Extra button: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe

    O9 - Extra 'Tools' menuitem: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe

    Click on the fix checked button.

    Close HJT.

    Locate and delete the following bold files and/or directories(if there).

    C:\Program Files\UltimateBet<Delete the entire folder.
    C:\WINDOWS\FS6519.dll.vbs

    Reboot into normal mode and rehide your protected OS files.

    Post a fresh HJT log and let me know if you`re still having problems.

    Regards Howard :)

    This thread is for the use of marvin_111111 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  7. marvin_111111

    marvin_111111 TS Rookie Topic Starter

    done

    i did all the steps the you told me to do except for the ff:

    1) Click on the processes tab and end process for(if there).

    UltimateBet.exe

    2) O9 - Extra button: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe

    3) O9 - Extra 'Tools' menuitem: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe

    4)Locate and delete the following bold files and/or directories(if there).
    C:\WINDOWS\FS6519.dll.vbs

    for the reason that i couldn't find them.

    but the good thing is the windows window didn't appear automatically in the startup anymore. is my pc already free from viruses?
     
  8. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 25,948   +19

    Well done, your HJT log is now clean.

    Turn off system restore.(XP/ME only) See how HERE.

    Now, turn system restore back on. This will have deleted all your old restore points and any nasties that are in them. It will also have created a new, clean restore point.

    If you have any further virus/spyware problems, please post in this thread.

    Regards Howard :)

    This thread is for the use of marvin_111111 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  9. marvin_111111

    marvin_111111 TS Rookie Topic Starter

    thanks!

    yeah!! thanks for your time mr. howard hopkins! you are great!! thank you very much! god bless!
     
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.