Cant get rid of VB.DY, HELP !!!

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
Hey guys ..

Nod32 keeps saying that it has found VB.DY .. and that it is unable
to get rid of it.

I have tried every program that claimed to be able to get rid of vb.dy

including ...

adaware
pestpatrol
spybot s&d
spyware detective
spyware doctor
ewido
super antispyware
spycatcher

the problem is NONE of them see it .. just nod32

whats up with that

tia
Mike

Re: Cant get rid of VB.DY, HELP !!!

Ewido does detect it and removes it. It is probably a false positive, submit
the file to http://www.virustotal.com/en/indexf.html for analysis.

--


The best live web video on the internet http://www.seedsv.com/webdemo.htm
NEW Embedded system  W/Linux. We now sell DVR cards.
See it all at http://www.seedsv.com/products.htm
Sharpvision simply the best http://www.seedsv.com



Quoted text here. Click to load it



Re: Cant get rid of VB.DY, HELP !!!

pcbutts1 - 16.05.2006 05:01 :

Quoted text here. Click to load it

are you "betina" also? If, it's very confusing. Do you want that?

And: Please avoid always fullquoting and even placed after yout
sig-line. THX in advance for your kind understanding.

--
by(e) PS
spam will be killed


Re: Cant get rid of VB.DY, HELP !!!


| Hey guys ..
|
| Nod32 keeps saying that it has found VB.DY .. and that it is unable
| to get rid of it.
|
| I have tried every program that claimed to be able to get rid of vb.dy
|
| including ...
|
| adaware
| pestpatrol
| spybot s&d
| spyware detective
| spyware doctor
| ewido
| super antispyware
| spycatcher
|
| the problem is NONE of them see it .. just nod32
|
| whats up with that
|
| tia
| Mike

Mike:

You haven't supplied enough information.  Is "vb.dy" the name of the infector or
the file
deemed to be infected ?

Please post the fully qualified name and path to the file deemed to be infected
by NOD32.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Re: Cant get rid of VB.DY, HELP !!!

|
Quoted text here. Click to load it

Thanks for all the replys guys ..

It said the file was in d:\system information\restore\blah blah

So I just made an exception in NOD32 exception area .. and its ok now.

thanks again
mike

Re: Cant get rid of VB.DY, HELP !!!

Mike_in_SD wrote:
Quoted text here. Click to load it

ah, well that explains a few things... it was trapped in your system
restore and you're using xp... the system restore folder(s) are
protected from modification by the user or programs run by the user by
default (you can change the file system permissions if you want)...

flushing your restore points will get rid of it for good (so you won't
need an exception in your av)...

--
"it's not the right time to be sober
now the idiots have taken over
spreading like a social cancer,
is there an answer?"

Re: Cant get rid of VB.DY, HELP !!!

kurt wismer wrote:
Quoted text here. Click to load it

Ah, yes. Windows XP System Restore ...

   Insanity <==> Windows XP System Restore

Once a piece of malware, and there are hundreds, has the ability to
insinuate itself into any and all WinXP Restore points, it is no
longer of any use. In such a case, the phrase "Last Known Good
Configuration" is a true oxymoron, i.e., there is absolutely no way of
knowing whether it is any _good_ or not.

Disable Windows XP System Restore, flush all restore points as Kurt
noted, and go with Lars Hederer's ERUNT utility.

   (http://www.larshederer.homepage.t-online.de/erunt /)

Even MS aficionados swear by this utility. And for those not using
WinXP (NTFS), Lars explains how to back up a FAT32 OS.

Ron :)

Re: Cant get rid of VB.DY, HELP !!!


| kurt wismer wrote:
Quoted text here. Click to load it
|>>>> Nod32 keeps saying that it has found VB.DY .. and that it is unable
|>>>> to get rid of it.
|>>>>
|>>>> I have tried every program that claimed to be able to get rid of vb.dy
Quoted text here. Click to load it
|
| Ah, yes. Windows XP System Restore ...
|
|    Insanity <==> Windows XP System Restore
|
| Once a piece of malware, and there are hundreds, has the ability to
| insinuate itself into any and all WinXP Restore points, it is no
| longer of any use. In such a case, the phrase "Last Known Good
| Configuration" is a true oxymoron, i.e., there is absolutely no way of
| knowing whether it is any _good_ or not.
|
| Disable Windows XP System Restore, flush all restore points as Kurt
| noted, and go with Lars Hederer's ERUNT utility.
|
|    (http://www.larshederer.homepage.t-online.de/erunt /)
|
| Even MS aficionados swear by this utility. And for those not using
| WinXP (NTFS), Lars explains how to back up a FAT32 OS.
|
| Ron :)

Insanity is the only sane response to an insane world !

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Site Timeline