rocky2[1].exe

Networking/Security Forums -> Viruses // Worms

Author: killercrushLocation: earth PostPosted: Tue Jul 27, 2004 2:59 am    Post subject: rocky2[1].exe
    ----
Is this a virus? When I did a scan on RAV it said that it was a virus/infected file. It's located in
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\6OEYI42A\
and it wont allow me to delete it.

Or should I not be worried about it at all?

Author: fuzed PostPosted: Tue Jul 27, 2004 3:48 pm    Post subject:
    ----
havent used that flavour of AV, but some av apps tell you what the virii are... I would get to command prompt and delete the file from there, make sure its not running in task manager either.

run AV on all of your HD's as well...

do a search on google for the file found and add virus on as well.

Author: GroovicusLocation: Centerville, South Dakota PostPosted: Tue Jul 27, 2004 6:01 pm    Post subject:
    ----
Boot into safe mode, open IE...go to tools, preferences, and flush your temp files.

See if that does it.

Author: killercrushLocation: earth PostPosted: Tue Jul 27, 2004 7:36 pm    Post subject:
    ----
groovicus wrote:
Boot into safe mode, open IE...go to tools, preferences, and flush your temp files.

See if that does it.


ive already done that and it didn't work. Confused

Author: GroovicusLocation: Centerville, South Dakota PostPosted: Tue Jul 27, 2004 7:47 pm    Post subject:
    ----
Your AV should give you the option to rename, delete, etc. Rename it or delete it from there.

It is in your browser cache, so that is where it needs to be deleted from.

Can I get the fill path name? Very Happy

EDIT:

Just had another thought.

Open notepad and paste in the following lines:

del c:\ *.tmp
del %temp%\*.tmp /f
del %windir%\prefetch\*.*
del %windir%\temp\*.* /f

Save to desktop as 'clean.bat' , file type - 'all files'

DoubleClick on the icon, and say yes when prompted.

Author: killercrushLocation: earth PostPosted: Tue Jul 27, 2004 8:00 pm    Post subject:
    ----
I got rid of the rocky2[1].exe. it had duplicated itself into some other folders but each allowed me to delete it. so that problem is now out of the way.

however

i did end up finding some more problems listed when i ran RAV once more. here is what it came up with. Please let me know if any of these files will be harmful to the computer of if it's something that I shouldn't worry about.

Scan started at 7/27/2004 12:40:39 PM

Scanning memory...
Scanning boot sectors...
Scanning files...
C:\RECYCLER\S-1-5-21-1051151432-1597056692-1010472921-1003\Dc1.exe - PWS:Win32/Briss -> Infected
C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP219\A0164713.EXE - Tool:PornDialer.BP -> Infected
C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP219\A0164749.exe - Tool:PornDialer.BP -> Infected
C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP219\A0164750.dll - Trojan:Win32/StartPage.IX -> Infected
C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP219\A0164751.dll - Trojan:Win32/StartPage.IX -> Infected
C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP219\A0164752.dll - Trojan:Win32/StartPage.IX -> Infected
C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP219\A0164753.dll - Trojan:Win32/StartPage.IX -> Infected
C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP219\A0164754.dll - Trojan:Win32/StartPage.IX -> Infected
C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP219\A0164755.dll - Trojan:Win32/StartPage.IX -> Infected
C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP219\A0164756.dll - Trojan:Win32/StartPage.IX -> Infected
C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP219\A0164757.dll - Trojan:Win32/StartPage.IX -> Infected

Scanned
============================
Objects: 51404
Directories: 3055
Archives: 6077
Size(Kb): 855621
Infected files: 11

Found
============================
Viruses found: 3
Suspicious files: 0
Disinfected files: 0
Mail files: 68



Thanks

Author: GroovicusLocation: Centerville, South Dakota PostPosted: Tue Jul 27, 2004 8:07 pm    Post subject:
    ----
Empty your recycle bin, then disable, then re-enable your system restore.

That should solve it. Very Happy

Author: heh PostPosted: Tue Jul 27, 2004 10:23 pm    Post subject:
    ----
start page is annoying Mad

Author: killercrushLocation: earth PostPosted: Wed Jul 28, 2004 5:39 am    Post subject:
    ----
groovicus wrote:
Empty your recycle bin, then disable, then re-enable your system restore.

That should solve it. Very Happy


See... my recycle bin is empty. That's a file that's inside of a protected items deleted folder and it wont let me completely delete it, only restore it.



Networking/Security Forums -> Viruses // Worms


output generated using printer-friendly topic mod, All times are GMT + 2 Hours

Page 1 of 1

Powered by phpBB 2.0.x © 2001 phpBB Group