I've recently got infected with a virus called TrojanDownloader:Win32/Renos.dz.Window alerted me about it and i attempted to remove it with Window defender and thought that the treat was gone.But it seems to come back again everytime i remove it.about every 30 minutes it happened. i tried to go on safe mode and run all my anti-virus SpyBot S&D MalwareBytes Anti-Malware Window Defender but both Malware Bytes and SpyBot wasn't able to detect that virus. Window Defender also didn't detect that virus until later when that same warning pop up. Hope you can help me out of this one :(

Download and run Kaspersky AVP tool: http://devbuilds.kaspersky-labs.com... Once you download and start the tool: # Check below options: * Select all the objects/places to be scanned. * Settings > Customize > Heuristic analyzer > Enable deep rootkit search # Click Scan # Fix what it detects # Attach Scan log/Summary to your next message. Illustrated tutorial: http://img32.imageshack.us/img32/76... If I'm helping you and I don't reply within 24 hours send me a PM.

sorry the scan is now currently at 5% after 5hours..but don't worry i'll send the log to you as soon as it is done. i appreciate the help and sorry for late reply

To speed it up a bit close all running spyware/antivirus protection. Run the scan in safe mode. If I'm helping you and I don't reply within 24 hours send me a PM.

Scan ---- Scanned: 3518550 Detected: 14 Untreated: 0 Start time: 6/26/2009 9:44:53 AM Duration: 18:36:10 Finish time: 6/27/2009 4:21:03 AM Detected -------- Status Object ------ ------ will be deleted when the computer is restarted: Trojan program Trojan.Win32.FraudPack.own File: c:\windows\msa.exe deleted: Trojan program Trojan.Win32.FraudPack.oyl File: C:\Documents and Settings\Zodax\Desktop\Pareto_AV_Setup_RW.exe deleted: Trojan program Trojan.Win32.FraudPack.oyp File: C:\Documents and Settings\Zodax\Local Settings\Application Data\Downloaded Installations\{1B4C9447-81FA-43E8-89FE-9CA0D9B4EB39}\ParetoLogic Anti-Virus PLUS.msi//Data1.cab/paretoshellext.dll deleted: Trojan program Trojan.Win32.FraudPack.oyq File: C:\Documents and Settings\Zodax\Local Settings\Application Data\Downloaded Installations\{1B4C9447-81FA-43E8-89FE-9CA0D9B4EB39}\ParetoLogic Anti-Virus PLUS.msi//Data1.cab/pareto_av.exe deleted: Trojan program Trojan.Win32.FraudPack.own File: C:\system volume information\_restore{1A2FE54D-9D26-4B44-ADCA-479EBEE5A642}\RP11\A0002273.exe deleted: Trojan program Trojan.Win32.FraudPack.oyl File: C:\system volume information\_restore{1A2FE54D-9D26-4B44-ADCA-479EBEE5A642}\RP11\A0002276.exe deleted: Trojan program Trojan.Win32.FraudPack.oyp File: C:\system volume information\_restore{1A2FE54D-9D26-4B44-ADCA-479EBEE5A642}\RP11\A0002277.msi//Data1.cab/paretoshellext.dll deleted: Trojan program Trojan.Win32.FraudPack.oyq File: C:\system volume information\_restore{1A2FE54D-9D26-4B44-ADCA-479EBEE5A642}\RP11\A0002277.msi//Data1.cab/pareto_av.exe deleted: Trojan program Trojan.Win32.FraudPack.oyp File: C:\system volume information\_restore{1A2FE54D-9D26-4B44-ADCA-479EBEE5A642}\RP7\A0002174.msi//Data1.cab/paretoshellext.dll deleted: Trojan program Trojan.Win32.FraudPack.oyq File: C:\system volume information\_restore{1A2FE54D-9D26-4B44-ADCA-479EBEE5A642}\RP7\A0002174.msi//Data1.cab/pareto_av.exe deleted: Trojan program Trojan.Win32.FraudPack.oyp File: D:\System Volume Information\_restore{1A2FE54D-9D26-4B44-ADCA-479EBEE5A642}\RP9\A0002199.RBF deleted: Trojan program Trojan.Win32.FraudPack.oyq File: D:\System Volume Information\_restore{1A2FE54D-9D26-4B44-ADCA-479EBEE5A642}\RP9\A0002200.RBF deleted: Trojan program Trojan.Win32.FraudPack.oyq File: C:\system volume information\_restore{1A2FE54D-9D26-4B44-ADCA-479EBEE5A642}\RP11\A0002277.msi//Data1.cab deleted: Trojan program Trojan.Win32.FraudPack.oyq File: C:\system volume information\_restore{1A2FE54D-9D26-4B44-ADCA-479EBEE5A642}\RP7\A0002174.msi//Data1.cab Events ------ Time Name Status Reason ---- ---- ------ ------ 6/26/2009 9:45:04 AM Running module: smss.exe\smss.exe ok scanned Statistics ---------- Object Scanned Detected Untreated Deleted Moved to Quarantine Archives Packed files Password protected Corrupted ------ ------- -------- --------- ------- ------------------- -------- ------------ ------------------ --------- Settings -------- Parameter Value --------- ----- Security Level Custom Action Prompt for action when the scan is complete Run mode Manually File types Scan all files Scan only new and changed files No Scan archives All Scan embedded OLE objects All Skip if object is larger than No Skip if scan takes longer than No Parse email formats No Scan password-protected archives No Enable iChecker technology No Enable iSwift technology No Show detected threats on "Detected" tab Yes Rootkits search Yes Deep rootkits search Yes Use heuristic analyzer Yes Quarantine ---------- Status Object Size Added ------ ------ ---- ----- Backup ------ Status Object Size ------ ------ ---- Sorry it took so long :D thanks again

Does it still detect virus? If I'm helping you and I don't reply within 24 hours send me a PM.

so far so good thanks for your help :D i'll confirm with you again next weekend,i got school. but i think it's gone for good because window defender will tell me it found the Win32/Renos. dz every time i switch on my computer.Thanks for taking your time to help me :D