Virus Infection

[bedek78]

Hi,

I did as the Technical Support team advised. Here is what had happened:

Once I installed the Virus Removal Tool 2010, a window popped out with a message that said something like 'application launch failed'. It gave me the option to send a report, which I did. Not sure if it was sent, though. Nevertheless, the Removal Tool is installed. I was able to do the scan you suggested. But funny thing is that the Tool didn't go to my tray and whenever I try to exit it, it asked whether or not I want to uninstall it. Is it supposed to do that?

Anyway, after the scan, I again did the same scan, but using the Anti-Virus. After that I was able to "Neutralize All" the threats. This got rid of the red "your computer is at risk" message, and replace it with the green "Your computer is protected" message.

However, this did not get rid of most of the problems I explained to you earlier and it seems that there is still virus/malware activities infecting my computer.

Below I list the virus/malware activities so you can recognize them:

• Any Kaspersky-related windows constantly being minimized (and thrown out of the screen), despite my effort to maximize them. This makes it difficult to manage them. I had tried repairing it through the "Modify, Repair, or Remove" command, but to no avail. Will uninstalling the Anti-Virus and re-installing it fix the problem?
• There seems to be a spyware affecting my "Windows Explorer". It is constantly being detected, and denied by Kaspersky. But I was wondering if Kaspersky can get rid of it for good?
  (4/29/2010 1:59:58 AM Detected: 85.17.93.189 Windows Explorer hxxp://85.17.93.189/cdn/vf2104c115165440
  Databases)
• In Firefox, there is this plugin called XUL Cache that seem to install itself and it redirects Google search results to "attack sites" (hxxp://tinyurl.com/2efrqzq). I can uninstall it, but once I restart my computer, it will return. I assume this is a malware and I was wondering why Kaspersky isn't detecting it?
• Also, I kept getting lsass.exe system error. I read from the net that lsass.exe is often infected. Again, can Kaspersky fix this?
• One last thing is that ever since I was attacked by the 'virus' (?), video streaming from any browser had become ridiculously slow, and sometimes it even stopped completely. Even uploading small files become ridiculously slow as well.

Please, enlighten me on these issues. Are those virus-related that can be fixed by Kaspersky or are they something else?

Thanks again for your continuous support.

PS: Here's the most recent report from KAV 2009: http://www.zumodrive.com/share/4ZFkNThkZT. Also attached the report from Kaspersky Virus Removal Tool 2010.

Regards,
ALDI<img style="visibility: hidden;" id="kosa-target-image">

[Rene-gad]

- Execute following script in Manual Healing

Код:

begin
SetAVZGuardStatus(True);
 QuarantineFile('C:\WINDOWS\system32\cmdial3232.dll','');
 QuarantineFile('C:\WINDOWS\system32\CleanMem.exe','');
 QuarantineFile('C:\WINDOWS\system32\btbip32.dll','');
BC_ImportAll;
BC_Activate;
RebootWindows(true);
end.

After reboot:
- Execute following script in Manual Healing

Код:

begin
CreateQurantineArchive('C:\quarantine.zip');    
end.

- Upload the C:\quarantine.zip here: http://virusinfo.info/upload_virus_eng.php?tid=77298

[CyberHelper]

Статистика проведенного лечения:

• Получено карантинов: 1
• Обработано файлов: 9
• В ходе лечения обнаружены вредоносные программы:
  
  1. c:\windows\system32\btbip32.dll - Trojan-Downloader.Win32.Agent.dqjc ( DrWEB: Trojan.Searcher.102, AVAST4: Win32:Dracur-B [Cryp] )
  2. c:\windows\system32\cmdial3232.dll - P2P-Worm.Win32.Nugg.dn ( DrWEB: Trojan.Bender.4, BitDefender: Backdoor.Generic.330084, AVAST4: Win32:Dracur-B [Cryp] )