problem plz help virus

Time Module Object Name Threat Action User Information
6/17/2007 2:24:57 AM AMON file C:\DOCUME~1\Tao\LOCALS~1\Temp\laf1EA3.tmp Win32/Hoax.Renos.NBN application quarantined - deleted LEO\Tao Event occurred on a file modified by the application: C:\Documents and Settings\Tao\Desktop\setup.exe. The file was moved to quarantine. You may close this window.
6/4/2007 16:20:00 PM IMON archive ~snip~ a variant of Win32/TrojanDownloader.Small.NUS trojan Connection terminated LEO\Tao

i have this problem...can anyone help me?
the Win32/Hoax.Renos.NBN application

 

Hi minijumbuk, welcome to Wilders.

NOD32 has dealt with both: AMON - "application quarantined - deleted" and IMON - "Connection terminated".

Cheers

 

Hey try smitfraudfix to clear out the RENOS threat. Just google the word, smitfraudfix

 

the problem was not solved and the popups continued to come up...its very annoying!! please help

 

Open Control Center and click on Update -> Update now to ensure your NOD32 is up to date.

Make sure your settings are the same as this tutorial.

Open Control Center -> NOD32 -> Run NOD32 and perforum full Scan&Clean over your hard drives . NOD32 will take care of all threats found

If you have problems deleting them in Normal mode , boot in Safe Mode and then perform full scan there .

If the problem still persists , don't hesitate to contact ESET Tech Support

 

many pop-ups continue to come up...please help

 

Hi there, the most likely cause is Smitfraud; however I have also included 3 other links for removal of the most prevalent advertising popups.

Please complete the following, it is required to remove detection of 4 tools that we are about to download and use, these tools may be detected by NOD32 if you have “Potentially Dangerous Applications” (version 2.5) or "Potentially unwanted and unsafe applications" (version 2.7) ticked within NOD32.

1. Please go to the NOD32 Control Centre (Start> All Programs> Eset> NOD32 Control Centre)
2. Click on AMON> Setup> Options (tab)
3. Untick “Potentially Dangerous Applications” (version 2.5) or "Potentially unwanted and unsafe applications" (version 2.7).
4. Click on OK.
5. Click on IMON> Setup> Miscellaneous (tab)> Scanner Setup> Setup (tab)
6. Untick “Potentially Dangerous Applications” (version 2.5) or "Potentially unwanted and unsafe applications" (version 2.7).
7. Click on OK.
8. Click on OK


When the process below is complete, please place a tick back in “Potentially Dangerous Applications” (version 2.5) or "Potentially unwanted and unsafe applications" (version 2.7).


Please follow the instructions found at the following 3 websites:

VundoFix here: http://www.atribune.org/content/view/24/2/

SmitfraudFix here: http://www.bleepingcomputer.com/forums/topic17258.html

Look2Me Destroyer here: http://www.atribune.org/content/view/28/2/

Fix Wareout here: Fix Wareout here: http://forums.majorgeeks.com/showthread.php?t=95472


When the process above is complete, please place a tick back in “Potentially Dangerous Applications” (version 2.5) or "Potentially unwanted and unsafe applications" (version 2.7).

Please complete the process below to ensure this does not happen again:

Check your settings against those found in the following NOD32 Tutorial: https://www.wilderssecurity.com/showthread.php?t=37509


AFTER this run a scan by following these steps:

1. Click on the NOD32 Control Centre (Green and White split square on the bottom right hand corner of your computers screen).
2. Click on NOD32.
3. Click on Run NOD32.
4. Click on “Scan and Clean”.
5. Reboot your Computer into “Safe Mode”.
6. Click on Start> All Programs> ESET> NOD32
7. Click on “Scan and Clean”.
8. Check the scan results.

AFTER and ONLY AFTER the above two scans are complete and ONLY if the infection remains, please complete the following:

Download HijackThis from here: https://www.wilderssecurity.com/showthread.php?t=12516

Download Autoruns from here: http://www.sysinternals.com/Utilities/Autoruns.html

Download and run Lookinmypc from here: http://www.lookinmypc.com
1. Select "Generate report"
2. Wait - scan results will pop up in a browser
3. Go to folder with LookInMyPC installed (default in C:\ProgramFiles\LookInMyPC\Reports\username\LookInMyPC.zip), and attach LookInMyPC.zip to the reply email

Then run the other 2 programs and forward the logs from all three programs to support @ eset.sk together with the following:

1. Go to the NOD32 Control Centre
2. Click on Logs
3. Right Click on one of last completed full system scan logs.
4. Click on “Details”
5. Right Click anywhere on the scan log
6. Click on “copy all”
7. Right Click in the replying email to me.
8. Click on “Paste”

This will paste a copy of one of the scans you have completed.

Let us know how you go...

Cheers