Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

avifil.dll unable to clean/delete/quarantine [Solved]


  • This topic is locked This topic is locked

#16
fenzodahl512

fenzodahl512

  • Malware Removal
  • 9,863 posts
Lets do an online scan to see if we missed anything :)


Please run a free online scan with the ESET Online Scanner
Note: You will need to use Internet Explorer for this scan.
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the options Remove found threats and the option Scan unwanted applications is checked
  • Click Scan
    Wait for the scan to finish
  • Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic



How is the computer now? :)
  • 0

Advertisements


#17
vvv447

vvv447

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts
The checking takes longer than I'd thought. Another hour maybe. Thanks.
  • 0

#18
fenzodahl512

fenzodahl512

  • Malware Removal
  • 9,863 posts
Ok. will wait for you.. Its over 12.15 am in Malaysia and I need to sleep.. Tomorrow I have class until 3pm.. So, I'll be here after that.. :)
  • 0

#19
vvv447

vvv447

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts
# version=4
# OnlineScanner.ocx=1.0.0.635
# OnlineScannerDLLA.dll=1, 0, 0, 79
# OnlineScannerDLLW.dll=1, 0, 0, 78
# OnlineScannerUninstaller.exe=1, 0, 0, 49
# vers_standard_module=3853 (20090214)
# vers_arch_module=1.064 (20080214)
# vers_adv_heur_module=1.066 (20070917)
# EOSSerial=cc4aa4858b1a0c449b87b3015b6eafa5
# end=finished
# remove_checked=true
# unwanted_checked=true
# utc_time=2009-02-15 03:59:03
# local_time=2009-02-15 06:59:03 )
# country="Russia"
# osver=5.1.2600 NT Service Pack 3
# scanned=548998
# found=11
# scan_time=3168
C:\Qoobox\Quarantine\C\autorun.inf.vir Win32/AutoRun.Agent.BE worm (unable to clean - deleted) 00000000000000000000000000000000
C:\Qoobox\Quarantine\C\resycled\boot.com.vir a variant of Win32/Kryptik.BT trojan (unable to clean - deleted) 00000000000000000000000000000000
C:\Qoobox\Quarantine\C\WINDOWS\system32\_avifil_.dll.zip a variant of Win32/Rootkit.Podnuha trojan (deleted) 00000000000000000000000000000000
C:\Qoobox\Quarantine\C\WINDOWS\system32\_avifil_.dll.zip »ZIP »avifil.dll a variant of Win32/Rootkit.Podnuha trojan (error while cleaning - operation unavailable for this type of object - error while deleting - operation unavailable for this type of object - was a part of the deleted object) 00000000000000000000000000000000
C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\_jmdfmwtz_.sys.zip Win32/BHO.EXT trojan (deleted) 00000000000000000000000000000000
C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\_jmdfmwtz_.sys.zip »ZIP »jmdfmwtz.sys Win32/BHO.EXT trojan (error while cleaning - operation unavailable for this type of object - error while deleting - operation unavailable for this type of object - was a part of the deleted object) 00000000000000000000000000000000
D:\Consultant\Инструкции и таблетки\REGISTRATOR.rar probably a variant of Win32/StartPage trojan (deleted) 00000000000000000000000000000000
D:\Consultant\Инструкции и таблетки\REGISTRATOR.rar »RAR »ђ…ѓ€‘’ђЂ’Ћђ.exe probably a variant of Win32/StartPage trojan (error while deleting - operation unavailable for this type of object - was a part of the deleted object) 00000000000000000000000000000000
D:\Consultant\Инструкции и таблетки\REGISTRATOR.rar »RAR »ђ…ѓ€‘’ђЂ’Ћђ.exe »RAR »Set.exe probably a variant of Win32/StartPage trojan (error while cleaning - operation unavailable for this type of object - error while deleting - operation unavailable for this type of object - was a part of the deleted object) 00000000000000000000000000000000
D:\Consultant\Инструкции и таблетки\РЕГИСТРАТОР.exe probably a variant of Win32/StartPage trojan (deleted) 00000000000000000000000000000000
D:\Consultant\Инструкции и таблетки\РЕГИСТРАТОР.exe »RAR »Set.exe probably a variant of Win32/StartPage trojan (error while cleaning - operation unavailable for this type of object - error while deleting - operation unavailable for this type of object - was a part of the deleted object) 00000000000000000000000000000000

Please, disregard all files named registrator - it's a trusted program, which is known to be identified as virus threat. The rest - it cleaned them alright. It's strange that my Symantec missed these threats, though it's a paid software.

Thank you so much for your help!!! Should you need anything in Russia, please, apply, we'll see what can be done.
:)

Edited by vvv447, 15 February 2009 - 10:32 AM.

  • 0

#20
fenzodahl512

fenzodahl512

  • Malware Removal
  • 9,863 posts

Please, disregard all files named registrator - it's a trusted program, which is known to be identified as virus threat.


D:\Consultant\Инструкции и таблетки\REGISTRATOR.rar probably a variant of Win32/StartPage trojan (deleted)


I'm afraid its already deleted by ESET :)

You might have to install it again.. :)


I have a brother in Moscow, he's studying Medical there.. I can't remember which University though...


Ok, my final instruction for you.. Just before I go to sleep :)


Please download OTCleanIt and save it to Desktop.
  • Make sure you have internet connection..
  • Double-click OTCleanIt.exe
  • Click the CleanUp! button.
  • Select Yes when the "Begin cleanup Process?" prompt appears.
  • If you are prompted to Reboot during the cleanup, select Yes




Please read these excellent articles by miekiemoes :
Help! My computer is slow!
How to prevent Malware

Please reply to this thread once more and tell us about the computer behaviour before we can close this thread :)



Have a safe and happy computing day!


Regards
fenzodahl512
  • 0

#21
vvv447

vvv447

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts
No problem for "registrator.exe" - have a copy of it
The computer is running quite well, fast loading, even faster than before the virus appeared.

Thank you again. If your brother needs any assistance here, we might be able to help.

Have a good day you too.

Edited by vvv447, 15 February 2009 - 01:02 PM.

  • 0

#22
fenzodahl512

fenzodahl512

  • Malware Removal
  • 9,863 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP