Please report all spam threads, posts and suspicious members. We receive spam notifications and will take immediate action!
Page 1 of 3 123 LastLast
Results 1 to 10 of 21

Thread: can't remove virus




  1. #1
    Join Date
    Feb 2003
    Posts
    63

    Default

    well i picked up some unwanted stuff and having a hard time removing it using AVG virus. i e-mailed avg for there support but i'll probably not here back from until monday or so,so i thought i would make a post and see what your people think.I'm getting tired of having the avg pop up window popping up saying i have virus you must run avg,i'm using there free version 6.0.459.Here is what the pop up window is saying.

    virus identified Win32/hantaner
    is found in file
    C:\\System Volume
    Information\\_restore{910d7d9b-24a4-420c-9ae9-99620447448c2}\\rp20\\a0022949.exe

  2. #2
    Join Date
    Nov 2001
    Location
    New England Highlands, Australia
    Posts
    21,907

    Default

    This is the result of usin' KaZaa but it's fairly harmless though annoyin'.
    Win32.HLLP.Hantaner

    It is a harmless nonmemory resident parasitic Win32 virus. The virus itself is PE EXE file (Win32 executable file), it is written in Delphi and has the length about 47K (not compressed) or 24K (compressed by UPX).

    It searches for *.EXE files (any files with .EXE filename extension) in the KaZaa download directory and writes itself to the beginning of the files. As a result the virus is able to spread through KaZaa files sharing network (being downloaded from infected machine).

    The virus does not manifest itself in any way.

    The virus also contains the text strings:

    HANTA-Vjoiner ,si que lo hice yo, ErGrone/GEDZAC...
    eso va para los se”oritos de PER, en especial a Machado, que no tiene la educaci’n necesaria para responder un E-Mail.
    y para los que se enojaron con CPL, jeje, pa que ocupan Hotmail!!!, teniendo miles de mailbox gratis y con mas espacio.
    Fall’ la Heuristica y contra una t cnica antigua JoJOjOO-Escrito en Delphi 6!-
    Also (according to who you talk to) it affects your windows xp system restore points too (as it has with your's). :(

  3. #3
    Join Date
    Feb 2003
    Posts
    63

    Default

    very very good wiggo,that's exactly were i picked it up,and what would suggest on the removal of it and keep this from happing again,besides not visiting kazaa

  4. #4
    Join Date
    Nov 2001
    Location
    New England Highlands, Australia
    Posts
    21,907

    Default

    Myself, I'd just nuke the lot and reinstall but this maybe of help, http://vil.nai.com/vil/content/v_99881.htm ;)

  5. #5
    Join Date
    Feb 2003
    Posts
    63

    Default

    and once again very very good,i'll give it a try

    thanks :cheers:

  6. #6
    Join Date
    Dec 2002
    Location
    caves of bedrock
    Posts
    3,129

    Default

    i don't understand that how could you have faced a problem...:?:
    the error window that you are getting clearly suggests that you had the virus file backed up by the system restore utility of winXP.
    if you ever visited www.grisoft.com i.e. the home page for AVG anti-virus, it suggests to turn off the system restore feature everytime you clean up a virus. this way all the previous restore points are deleted and your PC is cleaned off without backing up the file effected by virus.
    anyways i hope that you got your PC cleared till now.
    for a future reference i would say, visit kazaa if you want to but do follow the necessary precautions. the most effective one could be scanning your "My Shared Folder" regularly (even while downloading from kazaa). it helps in the way that kazaa saves all the ongoing downloads in this folder as .dat files and cos the virus writes itself as the header of the file, virus part is the first one to be downloaded.
    when you scan the .dat files you will be able to know that whether a particular download is effected by virus. if it is, simply stop the download and delete that particular .dat file. this deletion will not be backed up by system restore feature and you won't be seeing that pop-up window ever again.
    Latest Microsoft Security Updates.
    Last Updated:
    10th MARCH


    If you are a security freak: Use Microsoft Baseline Security Analyzer (NT/2000/XP/2003)
    ======================
    icq : 203189004
    jabber : asklepios20@jabber.org
    =======================
    Linux user since: April 24, 2003 312478
    yabaa dabaa doo...
    Customized for 1024x768

  7. #7
    Join Date
    Feb 2003
    Posts
    63

    Default

    update!

    i went and turned off system restore,deleted kazaa and any files that i moved out off my kazaa folder,then rebooted my pc,well so far everything is working ok,and yes i went back and unchecked the system restore box so it's back on and rebooted my pc.

    asklepios-- thanks for the info i didn't know about turning off the system restore feature every-time you clean up a virus. that could of probably been an easier fix . thanks

    would you guys suggest a different virus program than avg anti-virus? it seems to of worked good so far until know or was that my mistake?

    once again it still seems to be working ok and a big thumb's up you that helped :thumb:

  8. #8
    Join Date
    Nov 2001
    Posts
    4,723

    Default

    It seems to me that it found the problem just fine:thumb:

    I don't think anyone has a 100% virus solution - well, not a software solution anyway:laugh:
    If there were, we wouldn't ever hear about any other:?:
    The reason a diamond shines so brightly is because it has many facets which reflect light.

  9. #9
    Join Date
    Nov 2001
    Location
    New England Highlands, Australia
    Posts
    21,907

    Default

    I'm quite happy with AVG myself and what happened to you then could've happened with another AV program bein' run. This is why I stay away from p2p programs as they are an infection just waitin' to happen. : peace2:

  10. #10
    Join Date
    Dec 2002
    Location
    caves of bedrock
    Posts
    3,129

    Default

    i would not curse AVG for those error windows you were getting rather you should appreciate the program that it informed you that you have a corrupt file in your system restore.
    just think that what if you had to restore your PC back to that specific date where the virus was there in the restore. what would have happened? you got an infected machine...isn't it?
    its good for you that it was just a harmless Hanataner but what if it was something more dangerous and you got it in restore?
    i would say stay with AVG, its a good AV software. Just cos something is free doesn't mean its not good. Trust the thing...you would not feel down...:thumb:
    Latest Microsoft Security Updates.
    Last Updated:
    10th MARCH


    If you are a security freak: Use Microsoft Baseline Security Analyzer (NT/2000/XP/2003)
    ======================
    icq : 203189004
    jabber : asklepios20@jabber.org
    =======================
    Linux user since: April 24, 2003 312478
    yabaa dabaa doo...
    Customized for 1024x768

Page 1 of 3 123 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •