Win32/AutoRun.Vb.Cg.worm help hir

[deadman_mustang]

Anyone pls pls pls help me hir.. ive already exhausted all that I can do but I cant seem to remove this worm. :dead: it just keeps om popping up but luckily my AV keeps on blocking it.. it's everytime I oen an application that this pops up.. pls helpme.. hirs the log of my AV.
++
View attachment log.txt
++
hope to hir from you guys tnx.

 

[B00kWyrm]

Hello Deadman...
Start at the top... read Julio's stickies first (all three)... then if you want to proceed with cleaning, follow the 8 steps exactly.
You will need to uninstall your current AV (if it is not Avira...) and
Run Avira.... Avira is both free and one of the very best.
Repost if you have difficulties following the steps.

Note for other readers...
I am no longer advising this way, re: Avira... So I have changed the color.
Counsel to uninstall and change AV should only be done by one of the experts...
(Like Touch!) at their discretion.

 

[deadman_mustang]

sorry posting the results now..

 

[deadman_mustang]

scan logs...

here they are.. pls help.. :dead:

 

[touch]

Please download http://jpshortstuff.247fixes.com/FileLook.exe
by jpshortstuff and save to your Desktop.
Double-click FileLook.exe to run it.
Important! If using Windows Vista, be sure to Run As Administrator.
Ensure that BBCode Ouput is checked. Copy and paste everything in the below quotebox into it under FileLook by...

C:\Program Files\ESET\ESET Smart Security\NodEnabler\NodEnabler.exe

Click the FileLook button to start the scan.
When finished, Notepad will open with the results of the scan in a text file named fl_log.txt which will automatically be saved to the root of your system drive.

(Typically C:\fl_log.txt)
Please attach the contents of this log in your next reply.

 

[deadman_mustang]

hey touch,

tnx for the quick reply. i did what you asked me to do and results into this: (see attached file)
im using windows xp sp3 by the way and i am running under Administrator.

 

[touch]

That´s odd.

Please upload and have this file scanned:
C:\Program Files\ESET\ESET Smart Security\NodEnabler\NodEnabler.exe
Here
http://virusscan.jotti.org/

Attach back the result

 

[deadman_mustang]

here you are sir.. (see attached file)

 

[touch]

Thanks.

Please download Combofix:
http://subs.geekstogo.com/ComboFix.exe

And save to the desktop.

Close all other browser windows.

Please connect all your external hard drive/flash drive before running Combofix, if you have any

Double-click on the combofix icon found on your desktop.

Please note, that once you start combofix you should not click anywhere on the combofix window as it can cause the program to stall. In fact, when combofix is running, do not touch your computer at all and just take a break as it may take a while for it to complete.

Combofix will create a logfile and display it after your computer has rebooted. Usually located in c:\combofix.txt, please attach it to your next post

 

[deadman_mustang]

ok. here it is.. that actually scared me i thot it was gonna do sumthing on my pc. haha. oh well..

 

[touch]

Open notepad and copy/paste the text in the codebox below into it:
Name the file as CFScript
and Save it on the desktop

Killall::
Snapshot::
File::
F:\gi2ky.exe
FileLook::
c:\program files\ESET\ESET Smart Security\NodEnabler\NodEnabler.exe
c:\windows\system32\GameMon.des 
Driver::
Registry::
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{75c72229-0707-11de-afb5-001d7dcfbbc6}]

http://www.fromsej.saknet.dk/billeder/cfscript.gif

Once saved, refering to the picture above, drag CFScript.txt into ComboFix.exe.

Combofix will create a logfile and display it after your computer has rebooted. Usually located in c:\combofix.txt, please attach it to your next post

Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall

 

[deadman_mustang]

here it is.. and thank you very much sir for your precious time. it really helps.. and by the way that thing that kept popping up the autorun thing its now gone, my av doesnt detect it anymore.. anyway here is the log that you ask of me.

 

[touch]

It looks clean.

However, it looks like ESET are a cracked version:
--- c:\program files\ESET\ESET Smart Security\NodEnabler\NodEnabler.exe ---
Company: !DOESN'T APPER TO EXIST IN FILE! ERROR: 1813
File Description:
File Version: 3, 3, 0, 0
Product Name: !DOESN'T APPER TO EXIST IN FILE! ERROR: 1813
Copyright: !DOESN'T APPER TO EXIST IN FILE! ERROR: 1813
Original Filename: !DOESN'T APPER TO EXIST IN FILE! ERROR: 1813

I´ll therefore recommand you buy it, or use a Freeware Antivirus

 

[deadman_mustang]

oh.. so that's what cause the AutoRun virus huh. well yea i might as well do that. and yes its a cracked version. oh well.. thank you very much kind sir. for yer help.. you rock! thumbs up to you sir! thanks again. cheers!