win32/tenga.a and installoption.dll problem

Discussion in 'NOD32 version 2 Forum' started by merlin3000, Nov 26, 2005.

Thread Status:
Not open for further replies.
  1. merlin3000

    merlin3000 Registered Member

    Joined:
    Nov 26, 2005
    Posts:
    2
    Hi there I've been using nod32 without any kind of problems until I've had a virus detected notification of win32/tenga.a I've repared the dozens of inected files but abou 90% of them were damaged. The problem s that even after the computer is clean a few hours later if I have new exe's in the computer they will be infected too. After a few days of redownloading everything I wanted several times I tried to do another scan winth nod but when he finds a file named "installoptions.dll" it just stays there I've waited hours with no progression. I've searched by that file but it doesn't exist so I supposed it is some kind of windows process but other AV run just fine.

    Can someone help me to resolve the tenga.a infection and the installoptions.dll problems?

    Thank you in advance
     
  2. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    Hi merlin3000, welcome to Wilders.

    Have you tried a scan with Nod32 while in "Safe Mode"?

    Cheers :D
     
  3. merlin3000

    merlin3000 Registered Member

    Joined:
    Nov 26, 2005
    Posts:
    2
    Yes I've tried but the problem remains, once the "InstallOptions.dll" is detected nod32 stays scanning that file forever.
     
  4. m9918868

    m9918868 Registered Member

    Joined:
    Mar 27, 2006
    Posts:
    5
    Although Nod32 didn't come up with any win32/tenga, I do have the exactly same problem with the installoption.dll (keeps scanning for hours, hogs till a worrisome 99%cpu usage, hangs Nod32). Has there been found a solution for this problem?

    This problem bothers me, as i have noticed in my router-log that my pc is used for syn flood-attacks (with a consequent slowed down internet connection).
     
  5. Happy Bytes

    Happy Bytes Guest

    can you send this file please?
     
  6. m9918868

    m9918868 Registered Member

    Joined:
    Mar 27, 2006
    Posts:
    5
    Well, its situated in the "c:\volume\information\_restore\..." and I have no idea how to acces that folder.

    Any suggestion?
     
  7. Happy Bytes

    Happy Bytes Guest

    If you just want to get rid of it just disable the system restore function and apply this, then enable it again. Result: This **** should burn now in hell :D
     
  8. m9918868

    m9918868 Registered Member

    Joined:
    Mar 27, 2006
    Posts:
    5
    Thanks for your time, Happy Bytes. I'm gonna try that right now.
     
  9. Happy Bytes

    Happy Bytes Guest

    If your using XP just right click on my computer and then select properties.
    In the tab "System Restore" you will find all things what you need.
     
  10. m9918868

    m9918868 Registered Member

    Joined:
    Mar 27, 2006
    Posts:
    5
    I did as you described above. In addition (and to get rid of the syn flooding), I ran Hijackthis in order to find out if there were any trojans to be found. The only thing Hijackthis found, by the way, were two old Symantec entries. Yes, I admit, before discovering Nod32 i was ignorantly using NAV.

    The problem is not solved anyhow. Or better said: the problem might be solved, but it triggered a new one. When scanning, Nod32 just vanishes (not the control center, but the scanner) at 32% of the files.

    The problem with InstallOption.dll was at 85%, so I really don't know whether the original problem is solved. Fact is that vanishing scanning windows do not sound very healthy either.
     
  11. Happy Bytes

    Happy Bytes Guest

    Can you post a HJT-Log here?
     
  12. m9918868

    m9918868 Registered Member

    Joined:
    Mar 27, 2006
    Posts:
    5
    No need anymore. I restored everything, ran my reg cleaner, rebooted and let Nod32 scan again. And now -hurrah!- everything worked smooth as ever.

    Only thing is that I really don't have any clue anymore how to stop the syn floods: Nod32 didn't find any threat, neither did spyware doctor. But I guess this forum is not the place to ask for such advice.

    Cheers again for the help.
     
  13. Infinity

    Infinity Registered Member

    Joined:
    May 31, 2004
    Posts:
    2,651
    Hi, syn floods should be protected through your Firewall, I wouldn't know how Nod32 could stop this? It could disinfect/delete the malicious install, but cannot interphere with your inbound and outbound .. probably (most likely) this will get resolved with the new suite that Eset will release (a firewall incorporated and probably some other components too ...) but it's way too soon to talk about it .. no official details as of yet.

    By the way, this forum is an excellent place for asking such questions! :thumb: but once it isn't related to Nod32 anymore, this will get moved to the proper area :D .. and sometimes, you won't have to do a thing for it :)
     
Thread Status:
Not open for further replies.