Virus PSW.small.D
metal_maniac
-
dark knight -
dark knight -
Bonjour a tous,
Voici mon souci :
AVG 6.0 Free me détecte le virus PSW.Small.D, je le mets enquarantaine ->No problem
Le "Hic" c'est qu au démarrage suivant du PC, AVG me le retrouve et c'est reparti pour un tour, etc,etc...
Si quelqu'un a rencontré le problême merci de me tenir aua courant de la suite à donner
@+
Voici mon souci :
AVG 6.0 Free me détecte le virus PSW.Small.D, je le mets enquarantaine ->No problem
Le "Hic" c'est qu au démarrage suivant du PC, AVG me le retrouve et c'est reparti pour un tour, etc,etc...
Si quelqu'un a rencontré le problême merci de me tenir aua courant de la suite à donner
@+
A voir également:
- Virus PSW.small.D
- Virus mcafee - Accueil - Piratage
- Virus informatique - Guide
- Virus facebook demande d'amis - Accueil - Facebook
- Panda anti virus gratuit - Télécharger - Antivirus & Antimalwares
- Undisclosed-recipients virus - Guide
17 réponses
salut
deja supprime le de la quarantaine
Effacer fichiers temps
tu click sur demarrer/panneaux de configuration/option internet
une fenetre s ouvre tu click sur supprime les fichiers
une nouvelle petite fenetre s ouvre tu coche effacer tous le contenu hors connection et click ok
Desactiver restauration
il faut la desactiver
pour ca tu fait click droit sur poste de travail
propriete.tu click sur onglet restauration systeme
tu coche la case desactiver la restauration et applique
tu redemarre
tu fait scan en ligne ici pour verif
et si tous vas bien tu reactive ta restauration en refaisant le meme
chemin mais la tu decoche la case et tu redemarre
deja supprime le de la quarantaine
Effacer fichiers temps
tu click sur demarrer/panneaux de configuration/option internet
une fenetre s ouvre tu click sur supprime les fichiers
une nouvelle petite fenetre s ouvre tu coche effacer tous le contenu hors connection et click ok
Desactiver restauration
il faut la desactiver
pour ca tu fait click droit sur poste de travail
propriete.tu click sur onglet restauration systeme
tu coche la case desactiver la restauration et applique
tu redemarre
tu fait scan en ligne ici pour verif
et si tous vas bien tu reactive ta restauration en refaisant le meme
chemin mais la tu decoche la case et tu redemarre
Scan started at 28/05/2004 22:06:32
Scanning memory...
Scanning boot sectors...
Scanning files...
C:\WINDOWS\system32\syshost.exe->(UPXW) - Exploit:Win32/RpcDcom.gen! -> Suspicious
C:\Program Files\Serials 2000\maj\s2k.serials2k7.1.zip->s2k.hacking.exe->(UPXW) - Tool:PornDialer.gen! -> Infected
C:\Program Files\Serials 2000\maj\s2k.hacking.exe->(UPXW) - Tool:PornDialer.gen! -> Infected
Scanned
============================
Objects: 19532
Directories: 1696
Archives: 767
Size(Kb): 1055202
Infected files: 2
Found
============================
Viruses found: 1
Suspicious files: 1
Disinfected files: 0
Mail files: 34
Voila ce que donne le scan en ligne et j ai encore eu le message d'avg concernant le virus PSW.Small.D au démarrage du PC en pendant le scan en ligne.
Meric d'avance et @+
Scanning memory...
Scanning boot sectors...
Scanning files...
C:\WINDOWS\system32\syshost.exe->(UPXW) - Exploit:Win32/RpcDcom.gen! -> Suspicious
C:\Program Files\Serials 2000\maj\s2k.serials2k7.1.zip->s2k.hacking.exe->(UPXW) - Tool:PornDialer.gen! -> Infected
C:\Program Files\Serials 2000\maj\s2k.hacking.exe->(UPXW) - Tool:PornDialer.gen! -> Infected
Scanned
============================
Objects: 19532
Directories: 1696
Archives: 767
Size(Kb): 1055202
Infected files: 2
Found
============================
Viruses found: 1
Suspicious files: 1
Disinfected files: 0
Mail files: 34
Voila ce que donne le scan en ligne et j ai encore eu le message d'avg concernant le virus PSW.Small.D au démarrage du PC en pendant le scan en ligne.
Meric d'avance et @+
salut
pour ces fichiers tu demarre en mode sans echec
et tu supprime ces fichiers
a tu bien fait ce que j ai dit au niveau de la restauration et des temps
donne moi ce que te dit exactement le message de avg
pour ces fichiers tu demarre en mode sans echec
et tu supprime ces fichiers
a tu bien fait ce que j ai dit au niveau de la restauration et des temps
donne moi ce que te dit exactement le message de avg
Salut,
merci pour tes réponses rapides!
Voila ce que me dit AVG à chaque démarrage :
Virus
Trojan Horse PSW.Small.D
is found in file
C:/windows\system32\lol.dll
To remove the virus, please run avg for windows
Voila
En ce qui concerne la resrauration elle est toujours désctivée sur mon PC et pour les temp, j ai fait une recherche *.tmp puis suppression de tout ce qui m'a trouvé (quelques fichiers dans c:/windows n'ont pas pu etre supprimé car actifs, j'ai également supprimés les fichiers dans options internet et j'ai fait pour finir un nettoyage du disque c:
Un autre truc qui te mettra peut etre sur la voie : le pc ne s'éteint plus normalement, je sui obligé de faire Démarrer-fermer la seesion-changer d uilisateur-arreter le systeme pour qu'il s'arrete
Merci d'avance pour ton aide
merci pour tes réponses rapides!
Voila ce que me dit AVG à chaque démarrage :
Virus
Trojan Horse PSW.Small.D
is found in file
C:/windows\system32\lol.dll
To remove the virus, please run avg for windows
Voila
En ce qui concerne la resrauration elle est toujours désctivée sur mon PC et pour les temp, j ai fait une recherche *.tmp puis suppression de tout ce qui m'a trouvé (quelques fichiers dans c:/windows n'ont pas pu etre supprimé car actifs, j'ai également supprimés les fichiers dans options internet et j'ai fait pour finir un nettoyage du disque c:
Un autre truc qui te mettra peut etre sur la voie : le pc ne s'éteint plus normalement, je sui obligé de faire Démarrer-fermer la seesion-changer d uilisateur-arreter le systeme pour qu'il s'arrete
Merci d'avance pour ton aide
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Un peiti complement d'infos :
j ai refait scan en ligne apres avoir supprimé les deuc fichiers serial2k (je savais pas si je pouvais supprimé le fichier windows?) et j'ai cette fois ci désactivé AVG pendant le sca en ligne, voila ce que ca donne :
Scan started at 29/05/2004 11:05:33
Scanning memory...
Scanning boot sectors...
Scanning files...
C:\WINDOWS\system32\syshost.exe->(UPXW) - Exploit:Win32/RpcDcom.gen! -> Suspicious
C:\WINDOWS\system32\lol.dll - SpyTool:Win32/Small.Q -> Suspicious
Scanned
============================
Objects: 19686
Directories: 1696
Archives: 765
Size(Kb): 1124340
Infected files: 0
Found
============================
Viruses found: 0
Suspicious files: 2
Disinfected files: 0
Mail files: 38
j ai refait scan en ligne apres avoir supprimé les deuc fichiers serial2k (je savais pas si je pouvais supprimé le fichier windows?) et j'ai cette fois ci désactivé AVG pendant le sca en ligne, voila ce que ca donne :
Scan started at 29/05/2004 11:05:33
Scanning memory...
Scanning boot sectors...
Scanning files...
C:\WINDOWS\system32\syshost.exe->(UPXW) - Exploit:Win32/RpcDcom.gen! -> Suspicious
C:\WINDOWS\system32\lol.dll - SpyTool:Win32/Small.Q -> Suspicious
Scanned
============================
Objects: 19686
Directories: 1696
Archives: 765
Size(Kb): 1124340
Infected files: 0
Found
============================
Viruses found: 0
Suspicious files: 2
Disinfected files: 0
Mail files: 38
oki on avancee demarre en mode sans echec et supprime ces 2 fichiers redemarre une fenetre vas peut etre s ouvrir te disant qu il na pas trouver cette dll c est pas grave dit le moi je te dirais quoi faire
voici le compte rendu du scan apres avoir effacé les deux fichiers :
Scan started at 02/06/2004 20:53:55
Scanning memory...
Scanning boot sectors...
Scanning files...
Scanned
============================
Objects: 19888
Directories: 1702
Archives: 770
Size(Kb): 1107873
Infected files: 0
Found
============================
Viruses found: 0
Suspicious files: 0
Disinfected files: 0
Mail files: 44
Ca me semble plutot pas mal, je n ai plus de messag au démarrage et j'ai fait une ou deux arrets sans problemes, donc je pense que le probleme est résolu...
En tout cas je te dis un grand MERCI !! MERCI !! d'avoir pris du temps pour résoudre mon probleme !
Merci encore
Scan started at 02/06/2004 20:53:55
Scanning memory...
Scanning boot sectors...
Scanning files...
Scanned
============================
Objects: 19888
Directories: 1702
Archives: 770
Size(Kb): 1107873
Infected files: 0
Found
============================
Viruses found: 0
Suspicious files: 0
Disinfected files: 0
Mail files: 44
Ca me semble plutot pas mal, je n ai plus de messag au démarrage et j'ai fait une ou deux arrets sans problemes, donc je pense que le probleme est résolu...
En tout cas je te dis un grand MERCI !! MERCI !! d'avoir pris du temps pour résoudre mon probleme !
Merci encore
eu uso o AVG Free e ele detectou o virus Psw.Small.d e não consegue remove-lo e quando o virus ataca ele desliga meu computador o que fazer?????
Essa merda desse virus ta me enchendo o saco o dia inteiro e nao consigo nenhuma ferramenta para limpar o meu sistema se algue pelo amor de deus conseguir limpa-lo por favor mande esta ferramenta para mim
this fukin trojan horse make nuts for the hole day if somebody has the clean tool please send me this fukin solution please
this fukin trojan horse make nuts for the hole day if somebody has the clean tool please send me this fukin solution please
to remove Trojan.PSW.Small.d
download eScan Antivirus Toolkit Utility
http://www.mwti.net/download/tools/mwav.exe
and scan your computer.
download eScan Antivirus Toolkit Utility
http://www.mwti.net/download/tools/mwav.exe
and scan your computer.
para retirar Trojan.PSW.Small.d
fazer o download eScan Antivirus Toolkit Utility
http://www.mwti.net/download/tools/mwav.exe
e "scanner" o computador
fazer o download eScan Antivirus Toolkit Utility
http://www.mwti.net/download/tools/mwav.exe
e "scanner" o computador
to use preferably in mode without failure and to decontaminate the restoration system in order to be able to carry out a complete cleaning
utilizar preferivelmente em modo sem malogro e desativar a restauração sistema a fim de poder efectuar uma limpeza completa
utilizar preferivelmente em modo sem malogro e desativar a restauração sistema a fim de poder efectuar uma limpeza completa
I have been attacked by virus Trojan Horse PSW.Small.ID
every time AVG warns me, I do a virus scan, AVG cant cure it, but it quarantines it. But that does not help because two problems: every time I start the computer, the virus is back.
I also did the "turn off system restore", that too does not help.
every time AVG warns me, I do a virus scan, AVG cant cure it, but it quarantines it. But that does not help because two problems: every time I start the computer, the virus is back.
I also did the "turn off system restore", that too does not help.
Apologies but I am English and I do not speak French.
This is the only real hit on the WWW I can get regarding this Virus as it is not listed on Sophos, Norton, Trend or any other main stream Virus OEM software supplier.
AVG V6 will alwasy detect the virus and put in the "Vault" but every time you re-boot your P.C the Virus comes back so there must be something during start up that creates the LOL.dll file in the Windows\system32 directory, the problem is what is it?
It must be somewhere hiden in the start up routine of Windows, I use XP Pro. The LOL.DLL file is something taht Microsoft use the captuer screen text and keys pressed on the keyboard - basically assisting hackers to get at text and therefore find out passwords to sites etc.
You can easily remove the LOL.DLL file that the virus creates by using a standard "batch" files that tell teh machine to go to teh directory where it is and delete it using del lol.dll command. This will stop AVG reporting the Virus.
Has anyone managed to remove the virus totally, if so using what antivirus package?
This is the only real hit on the WWW I can get regarding this Virus as it is not listed on Sophos, Norton, Trend or any other main stream Virus OEM software supplier.
AVG V6 will alwasy detect the virus and put in the "Vault" but every time you re-boot your P.C the Virus comes back so there must be something during start up that creates the LOL.dll file in the Windows\system32 directory, the problem is what is it?
It must be somewhere hiden in the start up routine of Windows, I use XP Pro. The LOL.DLL file is something taht Microsoft use the captuer screen text and keys pressed on the keyboard - basically assisting hackers to get at text and therefore find out passwords to sites etc.
You can easily remove the LOL.DLL file that the virus creates by using a standard "batch" files that tell teh machine to go to teh directory where it is and delete it using del lol.dll command. This will stop AVG reporting the Virus.
Has anyone managed to remove the virus totally, if so using what antivirus package?
Hi Alan - don't know if you'll still be checking this thread, but I'm having the same psw.small.d problem described (AVG finds it every time I turn on the computer, despite my having moved it to the virus vault each preceding time). If I simply delete the lol.dll file, won't the computer miss it for "intended" applications? Would I have to/ be able to download a "clean" version of the file afterwards? Also, how do I delete it - just run a search for lol.dll, highlight it and then click on delete? (I have Windows XP)
Any suggestions /advice would be unbelievably appreciated - thanks!
Any suggestions /advice would be unbelievably appreciated - thanks!
Sorry, three more things.
#1 Alan, when you say "this will stop AVG reporting the virus", do you literally mean just that? Will the virus still BE there but not be reported, or will the virus truly be cleared from the system?
#2 Can someone tell me how do run the scans mentioned in <5> and <7>? How and why did metal_maniac remove the serial2k files?
#3 if I run the dScan Antivirus Toolkit Utility suggested in <14>, is it sufficient to just shut down my AVG control center first, or would I need to uninstall avg altogether (so as not to have two anti-virus programs on the computer at once)?
Merci/thank you!
#1 Alan, when you say "this will stop AVG reporting the virus", do you literally mean just that? Will the virus still BE there but not be reported, or will the virus truly be cleared from the system?
#2 Can someone tell me how do run the scans mentioned in <5> and <7>? How and why did metal_maniac remove the serial2k files?
#3 if I run the dScan Antivirus Toolkit Utility suggested in <14>, is it sufficient to just shut down my AVG control center first, or would I need to uninstall avg altogether (so as not to have two anti-virus programs on the computer at once)?
Merci/thank you!
hello i will try to answer u're question (im not english)
#2 Can someone tell me how do run the scans mentioned in <5> and <7>? How and why did metal_maniac remove the serial2k files?
u can run the scan from this site http://www.ravantivirus.com/scan/ then u clike : "continue without suscribing "
u waite few minuts till u see "ready" then clike "scan my computer"
mental_maniac removed these 2 files in "safe mode" ie (reboot + press F8 or F5)
3 if I run the dScan Antivirus Toolkit Utility suggested in <14>, is it sufficient to just shut down my AVG control center first, or would I need to uninstall avg altogether (so as not to have two anti-virus programs on the computer at once)?
i think u can use Antivirus Toolkit Utilit without uninstaling or closing u're avg .it will not creat a conflict ;)) coz it is a small programe
hope i answered u're questions
bye
#2 Can someone tell me how do run the scans mentioned in <5> and <7>? How and why did metal_maniac remove the serial2k files?
u can run the scan from this site http://www.ravantivirus.com/scan/ then u clike : "continue without suscribing "
u waite few minuts till u see "ready" then clike "scan my computer"
mental_maniac removed these 2 files in "safe mode" ie (reboot + press F8 or F5)
3 if I run the dScan Antivirus Toolkit Utility suggested in <14>, is it sufficient to just shut down my AVG control center first, or would I need to uninstall avg altogether (so as not to have two anti-virus programs on the computer at once)?
i think u can use Antivirus Toolkit Utilit without uninstaling or closing u're avg .it will not creat a conflict ;)) coz it is a small programe
hope i answered u're questions
bye
Hello Guys, talking about this awful trojan. I managed to stop windows to create this lol.dll and it worked fine, untill the AVG center told me that my computer is infected again with this horse but the problem is that the infected file in System Volume Information, but I'm not sure if it's possible to have virus in that folder, coz this folder is not accessible and also when I run AVG for Windows it doesn't find it. It seems to me that there is some problems with AVG as well. Is it possible that this program create some viruses&
hi disable your system restor like this http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm
and then make another scan
bye
and then make another scan
bye
hi lena try this
remove your temporary files , remove viruses from the quarantine file of u're avg (if theu existe)
then disable your avg and run a scan online like this
http://www.ravantivirus.com/scan/ then u clike : "continue without suscribing "
u waite few minuts till u see "ready" then clike "scan my computer"
then u copy past the result of the scan here
bye
remove your temporary files , remove viruses from the quarantine file of u're avg (if theu existe)
then disable your avg and run a scan online like this
http://www.ravantivirus.com/scan/ then u clike : "continue without suscribing "
u waite few minuts till u see "ready" then clike "scan my computer"
then u copy past the result of the scan here
bye
to remove PSW.small.D go to www.grisoft.com and download the trial version of AVG version 7 then run a system check and it heals the virus completely
