Malware- Admin 2009.08.05

manilka835 · Aug 5, 2009

Dr. K.D.J.H. Manilka Jayawardena,
Medical Officer,
National Tuberculosis Reference Laboratory (Central Laboratory of NPTCCD),
Chest Hospital Premises,
Welisara.
Sri Lanka.
Wednesday, 05th August 2009.

Dear MajorGeeks Support Forums,

Malware- Admin 2009.08.05

The following objects were identified by the Antivirus Programme as infections and were quarantined safely as they could not be cleaned.

1. Object Name- D:\System Volume Information\_restore{3EE612D7-53B0-4B4B-A178-F74AA09A354B}\RP19\A0001800.exe
Size-1342377
Reason-Probably a variant of Win32/Trojen Dropper.Agent trojen

2. Object Name- D:\System Volume Information\_restore{3EE612D7-53B0-4B4B-A178-F74AA09A354B}\RP12\A0000976.exe
Size-1342377
Reason-Probably a variant of Win32/Trojen Dropper.Agent trojen

3. Object Name- D:\System Volume Information\_restore{3EE612D7-53B0-4B4B-A178-F74AA09A354B}\RP7\A0000592.exe
Size-1342377
Reason-Probably a variant of Win32/Trojen Dropper.Agent trojen

I will proceed with their deletion.

As per my weekly scanning programme, I have also run
1. SUPERAntiSpyware
2. Malwarebytes Anti-Malware prior to running the Anti-virus Programme.

The relevant logs are attached herewith.

I wish to know whether any further actions are necessary.

Thanking you.
All the best,
Manilka
:confused

TimW · Aug 7, 2009

Malware that resides in the system restore folders can only be removed by toggling system restore:

If you are running Vista, Windows XP or Windows ME, do the below:
Refer to the cleaning procedures in step 3 the READ ME for your Window version and see the instructions to Disable System Restore which will flush your Restore Points.
Then reboot and Enable System Restore to create a new clean Restore Point.
Click to expand...

Log in or Sign up

Malware- Admin 2009.08.05

manilka835 Specialist

Attached Files:

SUPERAntiSpyware Scan Log - 08-03-2009 - 21-34-38.log

mbam-log-2009-08-03 (22-14-02).txt

TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member