Win32:CTX virus

Drs Orders · Sep 21, 2007

Win32:CTX virus has shown up on a scan with avast . any way of removing it . i put it in the vault for now . Thanks .

abri · Sep 21, 2007

Hi Drs Orders!
Welcome to MajorGeeks! I would recommend following the instructions and links in the box below and letting us look at the logs. It's possible if you have one virus, that you may have others as well.

Welcome to Majorgeeks!

Please follow our standard cleaning procedures which are necessary for us to provide you support. Also there are steps included for installing, running, and posting HijackThis logs as attachments.

Run ALL the steps in this Sticky thread READ & RUN ME FIRST Before Asking for Support

Make sure you check version numbers and get all updates.

Very Important: Make sure you tell us the results from running the tutorial...was anything found? Were you unable to complete any of the scans?...Were you unable to download any of the tools?...Did you do the on-line scans as suggested? etc.

If, after doing ALL of the above, you still have a problem, make sure you have booted to normal mode and run the steps in Downloading, Installing, and Running HijackThis taking care to install it as per the instructions to the proper folder and to properly rename the hijackthis.exe file to analyse.exe. This is very important due to some new infections going around!

When you return to make your next post, make sure you attach the following logs and that you have run these scans in the following order too:

CounterSpy (this one must be saved by you)

(AVG Antispyware log) – this one ONLY IF you were not able to run CounterSpy

Bitdefender – from step 6

activescan.txt – from the Panda scan from step 6

runkeys.txt - the log from GetRunKey.bat

newfiles.txt - the log from ShowNew.bat

hijackthis.txt – the log from the analyse.exe scan – (HijackThis has to be renamed and be in the proper folder – read the instructions!)

NOTE:You can only attach 3 files in a single message so it will require that you use two messages to attach all of these logs!
Click to expand...

abri

Drs Orders · Sep 21, 2007

Thanks abri , Will do .

chaslang · Sep 21, 2007

Drs Orders said: ↑

Win32:CTX virus has shown up on a scan with avast . any way of removing it . i put it in the vault for now . Thanks .
Click to expand...

Pay close attention to step 6 of the READ ME. This is often just a false positive from Avast. It picks up Panda's defintions as this virus. That may be what your problem is. What was the filename that was detected.

Drs Orders · Sep 22, 2007

The virus is in 2
locations:
1. C:\System Volume
Information\_restore{93EA7B1-3634-4E01-BFEE-735EDB571361}RP1121. The file
name is AD101175.dll
2. C:\Windows\system32\ActiveScan. File name is pskavs.dll . should i flush the system restore before trying to remove it , or after we take it out from hjt ?

Will post the HJT log alter today . thanks for all the help .

chaslang · Sep 22, 2007

Drs Orders said: ↑

1. C:\System Volume
Information\_restore{93EA7B1-3634-4E01-BFEE-735EDB571361}RP1121. The file
name is AD101175.dll
2. C:\Windows\system32\ActiveScan. File name is pskavs.dll . should i flush the system restore before trying to remove it , or after we take it out from hjt ?
Click to expand...

This is just what I mentioned from Panda and is a false detection. It is also probably what you see in the System Restore folder. I would ignore.

A HijackThis log the last log requested and would not show any problems related to the above.

Drs Orders · Sep 22, 2007

Thanks chaslang .

chaslang · Sep 22, 2007

You're welcome. Surf safely!

Log in or Sign up

Win32:CTX virus

Drs Orders Private E-2

abri MajorGeek

Drs Orders Private E-2

chaslang MajorGeeks Admin - Master Malware Expert Staff Member

Drs Orders Private E-2

chaslang MajorGeeks Admin - Master Malware Expert Staff Member

Drs Orders Private E-2

chaslang MajorGeeks Admin - Master Malware Expert Staff Member

Log in or Sign up

Win32:CTX virus

Drs Orders Private E-2

abri MajorGeek

Drs Orders Private E-2

chaslang MajorGeeks Admin - Master Malware Expert Staff Member

Drs Orders Private E-2

chaslang MajorGeeks Admin - Master Malware Expert Staff Member

Drs Orders Private E-2

chaslang MajorGeeks Admin - Master Malware Expert Staff Member

Useful Searches