Re: special virus in my flash disk (hitman and film)



From: "Ahmed Abdelmoumen" <abdelmoumen@xxxxxxxxx>

| hi, every time i plug my USB flash disk,

| the system genere a hitman.ece and film.exe file in my USB disk

| and in each folder, i found an exe file file named like the directory.

| if i delete these files, they will be generate again.

| if i kill cftmon process this fact will stop, and i can delete these files,
| but in the next time they will be again.

| if i delete the cftmon.exe under windows\system32

| it will be recreated again.

| can any one help me.
| best regards.
| Ahmed.


You need to turn off AutoPlay/AutoRun as well as clean the computer of malwae as well as
all Flash Drives/removable reda/write media.


Download MULTI_AV.EXE from the URL --
http://www.pctip.ch/ds/28400/28470/Multi_AV.exe
or
http://212.98.39.7/ds/28400/28470/Multi_AV.exe

http://www.pctip.ch/downloads/dl/35905.asp
or
http://212.98.39.7/downloads/dl/35905.asp

English:
http://www.raymond.cc/blog/archives/2008/01/09/scan-your-computer-with-multiple-anti-virus-for-free/


To use this utility, perform the following...
Execute; Multi_AV.exe { Note: You must use the default folder C:\AV-CLS }
Choose; Unzip
Choose; Close

Execute; C:\AV-CLS\StartMenu.BAT
{ or Double-click on 'Start Menu' in C:\AV-CLS }

NOTE: You may have to disable your software FireWall or allow WGET.EXE to go through your
FireWall to allow it to download the needed AV vendor related files.

C:\AV-CLS\StartMenu.BAT -- { or Double-click on 'Start Menu' in C:\AV-CLS}
This will bring up the initial menu of choices and should be executed in Normal Mode.
This way all the components can be downloaded from each AV vendor's web site.
The choices are; Sophos, Trend, McAfee, Kaspersky, Exit this menu and Reboot the PC.

You can choose to go to each menu item and just download the needed files or you can
download the files and perform a scan in Normal Mode. Once you have downloaded the files
needed for each scanner you want to use, you should reboot the PC into Safe Mode [F8 key
during boot] and re-run the menu again and choose which scanner you want to run in Safe
Mode. It is suggested to run the scanners in both Safe Mode and Normal Mode.

When the menu is displayed hitting 'H' or 'h' will bring up a more comprehensive PDF help
file.

Additional Instructions:
http://pcdid.com/Multi_AV.htm


* * * Please report back your results * * *


--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp


.



Relevant Pages

  • Re: W32.alrca.C
    ... FireWall to allow it to download the needed AV vendor related files. ... This will bring up the initial menu of choices and should be executed in Normal Mode. ... needed for each scanner you want to use, you should reboot the PC into Safe Mode [F8 key ... It is suggested to run the scanners in both Safe Mode and Normal Mode. ...
    (microsoft.public.security.virus)
  • Re: TrojanDownloader.ImLoad.100
    ... | please see my comments to symantec at bottom: ... you may want to try my Multi AV Command Line Scanner front end ... This will bring up the initial menu of choices and should be executed in Normal Mode. ... You can choose to go to each menu item and just download the needed files or you can ...
    (microsoft.public.security.virus)
  • Re: security toolbar 7.1
    ... To go back to Normal Mode, ... A description of the Safe Mode Boot options in Windows XP ... You can choose to go to each menu item and just download the needed files ... have downloaded the files needed for each scanner you want to use, ...
    (microsoft.public.windowsupdate)
  • Re: Codbot.X
    ... malware applications isn't the software to use. ... The following multi-vendor AV scanner utility includes; ... This will bring up the initial menu of choices and should be executed in Normal Mode. ... You can choose to go to each menu item and just download the needed files or you can ...
    (microsoft.public.windowsxp.general)
  • Re: pop up across desktop
    ... Thanks, Steve T. ... download it and upgrade immediately then press Scan Your Computer button ... in normal mode; found 7 infections and cleaned them ... It did not find anything in Safe Mode after. ...
    (microsoft.public.windowsxp.general)