Need some info on virus

Discussion in 'Malware Help (A Specialist Will Reply)' started by Bladesofhalo, May 27, 2006.

  1. Bladesofhalo

    Bladesofhalo MajorGeek

    I did an antivirus scan with Avira and found 21 detections of some virus. Can I get some info on what it is? I'll post the scan log.
     


  2. Bladesofhalo

    Bladesofhalo MajorGeek

    Well, they are multiple viruses, but I still don't know how they got there? :eek:
     
  3. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Well I only see one detection!

    D:\I386\Apps\APP29100\src\BIN\TUTESN.EXE

    The rest are all the same thing (although some were just found in System Restore).

    Is the D drive your Windows boot drive? The I386 folder is the normal folder that stores backups of all the Windows installation files, but it does not have an Apps folder. Where did this folder come from?

    Your AV deleted the one on i386 but cannot fix anything in System Restore while System Restore is enabled. This can be a serious infection. It can delete all of your Windows files. You appear to have a new form that is not clearly described yet. See:

    http://www.viruslist.com/en/viruses/encyclopedia?virusid=121901

    For an older form that is described, see: http://www.sophos.com/virusinfo/analyses/trojkillwinak.html
     
  4. Bladesofhalo

    Bladesofhalo MajorGeek

    Yes, my D drive is my boot drive. But I'm not sure where the folder came from.

    So if my anti-virus didn't delete the files like it said it did, then what should I do?
     
  5. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Check for yourself and delete the file if it exists. In reality I question what the whole D:\I386\Apps folder is. i386 would be okay if it just contained a copy of the files from your Windows XP CD which is normal, but the Apps folder does not appear to be normal. What else is in this Apps folder and what else is in the APP29100 folder? Does anything there look familiar to you?
     
  6. Bladesofhalo

    Bladesofhalo MajorGeek

    I can't access my drive D 'cause this message pops up:

    Recovery Partition
    Warning!

    This area of your hard disk
    (or partition) contains files used
    for your system recovery.

    Do not delete or alter these files.

    Any change to this partition could
    prevent any recovery later.
     
  7. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    I thought you said the D drive was your Boot drive. Apparently it is not your boot drive.

    Based on the below old thread of yours, your boot drive is C:

    http://forums.majorgeeks.com/showthread.php?t=88912
     
  8. Bladesofhalo

    Bladesofhalo MajorGeek

    Weird, I always thought my D Drive was my boot drive.....:mad:
     
  9. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    We learn something every day. ;)

    I assume we are all done anyway since that is your recovery partition and you should not be touching it?
     
  10. Bladesofhalo

    Bladesofhalo MajorGeek

    Yep, let's not mess with my recovery partition ;)
     
