General discussion



By lassy ·
unknown virus detected ... anti virus program unable to disinfect. scanned.... no virus detected.
the virus was found in the following file..

--> d:\docume~1\username~1\local~1\pic32.tmp.exe
--> d:\docume~1\username~1\local~1\pic33.tmp.exe
--> d:\docume~1\username~1\local~1\pic64.tmp.exe
--> d:\docume~1\username~1\local~1\pic70.tmp.exe

delete next reboot box, checked, rebooted.... message keeps popping up... scanned over and over... no files infected... why the drive???

help me!!

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Collapse -

by gary In reply to HELP

I notice that your 'virus' is appearing in documet~1 - Thats normally your documents and settings folder so:

1. Do you have roaming profiles?

2. Do you have any suspect services running that could be recreating/downloading this virus?

3. Do you have any suspect programs running under HLM/Run or similar that could be doing the same?

Collapse -

by lassy In reply to
Collapse -

by w2ktechman In reply to HELP

get an update for your AV program, from another system and put it on dosk, flash drive, etc.
Boot infected system into safe mode.
delete files, empty c:\docs&set\profile\localset\temp
systemroot prefetch

turn off system restore
regedit -- look under
\software\microsoft\windows\currentver\run, runonce, runonceex
look for what loads, backup these folders before doing anything else (I export to my desktop).
remove any offending entries. If you are unsure do a web search for each file name
update AV and scan
obtain antispyware utils from a different system and put on a disk,
install and scan
if it all looks good, reboot and try again.

Collapse -

by lassy In reply to

Poster rated this answer.

Collapse -

by sgt_shultz In reply to HELP

i take it you have no d: drive. give us more: what antivirus? did you run it in safe mode? maybe it is reinfecting...altho that doesn't answer your d: drive question...
you run it with system restore off, yes? and in all the user profiles, yes? and you manually searched for these fishy *tmp.exe files and deleted them, yes?

Collapse -

by lassy In reply to

Poster rated this answer.

Related Discussions

Related Forums