Member Panel

Remember me ?

Forgot password?   

Sponsors and Ads

Live Tag Cloud
PC Forum PC Help Forum » Security & Safety » Anti-Virus » [Resolved] My students downloaded a new virus on my networked cpu

Anti-Virus - [Resolved] My students downloaded a new virus on my networked cpu posted in the Security & Safety forums; :x? ? The Fsecure version 5.40 identified the following? infected files (win2000NT)? networked It was unable to disinfect or delete these files.. ? C:\WINNT\system32\in10b6s.dll Infection: Trojan-Dropper.Win32.Small.tz ? C:\WINNT\system32\in10b6s.dlltmp Infection: Trojan-Dropper.Win32.Small.tz ...

JOIN US NOW to remove these Ads

pc help forum number one in the search engines
Post New Thread  Reply
Page 1 of 2 1 2 >
  #1  
Old 03-14-2005
Hollowjim's Avatar
Bronze Member
  
Join Date: Jan 1970
Posts: 18
Hollowjim - See this Members User comments on their Profile page
Default [Resolved] My students downloaded a new virus on my networked cpu
:x? ?

The Fsecure version 5.40 identified the following? infected files (win2000NT)? networked
It was unable to disinfect or delete these files..

? C:\WINNT\system32\in10b6s.dll Infection: Trojan-Dropper.Win32.Small.tz
? C:\WINNT\system32\in10b6s.dlltmp Infection: Trojan-Dropper.Win32.Small.tz
? C:\WINNT\system32\MB.dll Infection: Trojan-Dropper.Win32.Small.so
? C:\WINNT\system32\saie321.dll Infection: Trojan-Dropper.Win32.Small.nj
? C:\WINNT\system32\saie321.dlltmp Infection: Trojan-Dropper.Win32.Small.nj

Please help before I'm fired..lol? ? ?
  #2  
Old 03-14-2005
Zimbo's Avatar
Friend of PCHF
  
Join Date: Sep 2004
Location: Right here !
Posts: 2,150
Zimbo - See this Members User comments on their Profile page
Default Re: My students downloaded a new virus on my networked cpu
Hey Jim
Try this, not too sure if it works 100%

Unregister DLLs:

Unregister these DLLs with Regsvr32, then reboot:
mydailyhoroscope17307.dll

Remove Files:

Remove these files (if present) with Windows Explorer:
mydailyhoroscope17307.dll

Also might be worth downloading AVG and trying to scan it with that.
http://www.pcworld.com/downloads/fil...RSS,RSS,00.asp

Have you tried booting your machine into SafeMode and running the viruscan from there, this normally fixes the problem when anti-virus stuff cant "disinfect or delete files"

Also might be worth posting your HiJack list for us to check.
  #3  
Old 03-14-2005
Hollowjim's Avatar
Bronze Member
  
Join Date: Jan 1970
Posts: 18
Hollowjim - See this Members User comments on their Profile page
Default Re: My students downloaded a new virus on my networked cpu
Unfortunately ... in safe mode I have no access to the Fsecure program.. But I tried renaming a tmp folder and putting the files in there.. but no luck..can't move files .. or rename them.


  #4  
Old 03-15-2005
Hengis's Avatar
PCHF Founder & Owner
My PC
 
Join Date: Jan 2004
Location: Newbury, England
Posts: 10,785
PC Experience: Always learning
Hengis - See this Members User comments on their Profile page Hengis - See this Members User comments on their Profile page Hengis - See this Members User comments on their Profile page Hengis - See this Members User comments on their Profile page Hengis - See this Members User comments on their Profile page Hengis - See this Members User comments on their Profile page Hengis - See this Members User comments on their Profile page Hengis - See this Members User comments on their Profile page Hengis - See this Members User comments on their Profile page Hengis - See this Members User comments on their Profile page Hengis - See this Members User comments on their Profile page
Send a message via Skype™ to Hengis
Default Re: My students downloaded a new virus on my networked cpu
Hi Jim.

I have had the.dropper "trojan" in the past and I got rid of it by running Ad-Aware. It's usually associated with mp3 sites.


__________________
> Pre-Work > System File Checker
> Did we help you? If we did, please consider Donating
  #5  
Old 03-15-2005
Hollowjim's Avatar
Bronze Member
  
Join Date: Jan 1970
Posts: 18
Hollowjim - See this Members User comments on their Profile page
Default Re: My students downloaded a new virus on my networked cpu
:-o? ?I ran Ad-Aware SE today.. even in safe mode.. but it never deletes the files... it says they are quarentined...but fsecure still locates them..very stubborn.. after reboot they are still there..?

:oops:
  #6  
Old 03-16-2005
Zimbo's Avatar
Friend of PCHF
  
Join Date: Sep 2004
Location: Right here !
Posts: 2,150
Zimbo - See this Members User comments on their Profile page
Default Re: My students downloaded a new virus on my networked cpu
Could you post a HijackThis list, will make it easier to see the problem

Otherwise
Try boot into safemode again, this time open the registry. (START --- RUN --- and type regedit)

Look in the following folder
HKEY_LOCAL_MACHINE --> SOFTWARE --> MICROSOFT --> WINDOWS --> CURRENTVERSION--> RUN

Look for anything strange e.g. anything with these names:
  • saie321
  • in10b6s
  • mb

Also run a search for these files:

? C:\WINNT\system32\in10b6s.dll
? C:\WINNT\system32\MB.dll
? C:\WINNT\system32\saie321.dll

Delete the files once found. (Windows doesn't need them)

Could be worth checking this website out:

http://www.easydesksoftware.com/news/news25.htm

Reply
New! Norton Internet Security 2008 – Download Now Click Here
Page 1 of 2 1 2 >

Bookmarks

« [Information/Pending]MSN virus shuts down access to AV software | [Answered] Help with Norton Antivirus 2005 »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are On

Contact Us - PC Help Forum - Site Map - Privacy Statement - Top

All times are GMT +1. The time now is 04:37 AM.
Powered by vBulletin
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
SEO by vBSEO 3.2.0 RC7
All Graphics & Content Copyright © 2004-2008 - PC Help Forum.com


Back to Top