Jump to content

a-squared cannot remove the following files

Recommended Posts

Hey there,

Did a deep scan and found some malware thanks to a-squared FREE. However, it could not get rid of the items in the following log:

a-squared Free - Version 4.5
Last update: 30/09/2009 11:47:24 PM

Scan settings:

Scan type: Deep Scan
Objects: Memory, Traces, Cookies, C:\, D:\, E:\, F:\
Scan archives: On
Heuristics: Off
ADS Scan: On

Scan start:	30/09/2009 11:48:07 PM

E:\System Volume Information\_restore{D7282F60-B40B-4CCF-AA32-A5EF552EFE49}\RP177\A0068249.exe/regfix.exe 	detected: Trojan-Dropper.Win32.VB!IK
E:\System Volume Information\_restore{D7282F60-B40B-4CCF-AA32-A5EF552EFE49}\RP177\A0068249.exe/A2ANTI~1.EXE 	detected: Trojan-Dropper.Win32.VB!IK
E:\System Volume Information\_restore{D7282F60-B40B-4CCF-AA32-A5EF552EFE49}\RP177\A0068271.exe 	detected: Win32.SuspectCrc!IK
E:\System Volume Information\_restore{D7282F60-B40B-4CCF-AA32-A5EF552EFE49}\RP177\A0068274.nfo 	detected: Win32.SuspectCrc!IK
F:\Programs\0 New - SORT\Alcohol 120% v1.9.7 (Build 6221)+patch.rar/patch.exe 	detected: Riskware.Patch.Alcohol!IK
F:\Programs\0 New - SORT\Alcohol 120%.rar/Activator.exe 	detected: MalwareScope.Trojan-PWS.Game!IK
F:\Programs\0 New - SORT\Alcohol 120%.rar/keymaker.exe 	detected: Riskware.Keygen.Alcohol!IK
F:\Programs\0 New - SORT\ImTOO DVD Audio Ripper.rar/keygen.exe 	detected: Win32.SuspectCrc!IK
F:\Programs\Alcohol 120% v1.9.7 (Build 6221)+patch.rar/patch.exe 	detected: Riskware.Patch.Alcohol!IK
F:\Programs\Alcohol 120%.rar/Activator.exe 	detected: MalwareScope.Trojan-PWS.Game!IK
F:\Programs\Alcohol 120%.rar/keymaker.exe 	detected: Riskware.Keygen.Alcohol!IK
F:\Programs\ImTOO.rar/keygen.exe 	detected: Win32.SuspectCrc!IK
F:\Programs\ImTOO.rar/Lz0.nfo 	detected: Win32.SuspectCrc!IK


Files: 	440805
Traces: 	657784
Cookies: 	0
Processes: 	35


Files: 	13
Traces: 	0
Cookies: 	0
Processes: 	0
Registry keys: 	0

Scan end:	1/10/2009 9:07:23 PM
Scan time:	21:19:16

I have manually removed the ImTOO and Alcohol associated files from my system, but cannot the ones in system volume info...

any help will be appreciated

Link to post
Share on other sites

Hi Mike,

Welcome to the forum

Your logs show that you have pirated / patched Software on your system and using keygens for generating illegal product keys.

Please read special clause of the the instruction about that (see the reference below)

You must not just remove kegens / patches / cracks modules, but uninstall all illegal Software before posting reports, otherwise you will not be assisted by malware fighter.

I have manually removed the ImTOO and Alcohol associated files from my system, but cannot the ones in system volume info...

You will be advised about the way to turn off Restore Point later

After unistalling illegal software update a-squared, Deep rescan and repost

all required log files into this thread as per instruction


Read the instructions in http://forum.emsisoft.com/Default.aspx?g=posts&t=1930

Prepare and post the required log files into this thread

Wait for reply from ShadowPuterDude, Katana, or JeanInMontana for assistance and further instructions.


My regards

P.S. If you have any Antivirus with it's real-time resident being active - disable it when you are performing Deep Scan by a-squared. That will substantially decrease total time of the scan

Link to post
Share on other sites

Hey Lynx,

I got my current winXP of my mate when my last version of legit winXP died. I do not think this current version is legit so I will get back to you when I am legal. However, by that stage I will probably be free of malware (will format hard drive in the process), but I will come back if I get malware in the future.

Cheers, Mike

Link to post
Share on other sites
This topic is now closed to further replies.
  • Recently Browsing   0 members

    No registered users viewing this page.

  • Create New...