Bit@UOM.dll.vbs

Avast Free Antivirus / Premium Security
1

avast displays a warning message which says that my flash drive is infected with Bit@UOM.dll.vbs, But I am not abe to see the file.Even after changing the settings at folder options the situation is the same, nor am I able to see the autorun.inf file too?

what is this and what is the solution
Thanks Varuna

2

If you still detecting any strange behavior or even you’re sure you’re not clean, maybe it will be good to test your machine with anti-rootkit applications. I suggest AVG, Panda and/or F-Secure BlackLight.

3

What is the infected file name, where was it found e.g. (C:\windows\system32\infected-file-name.xxx) ?
Check the avast! Log Viewer (right click the avast ‘a’ icon), Warning section, this contains information on all avast detections.

Ensure that you have view hidden files and folders and also show system files, windows explorer, Tools, Folder Options, View tab, see image.

4

is that your computer are infected by microsoftpowerpoint.exe before???
Or maybe when u tried to show the hidden file the hidden file still not showing itself???
If that happen see the post “youtube and mozilla virus”…

i have post some registry item to merge to the registry so that problem will be solved…

5

Hi DavidR
This is what the log file contains
29/09/2007 22:57:35 Varuna Seneviratna 832 Sign of “VBS:Solow” has been found in “E:\Bit@UOM.dll.vbs” file.
And also I would like to know how to edit the autorun.inf file
Your alterrations to view the autorun and the virus files really worked thanks for the help
Varuna :slight_smile:

6

Ah so it is infected with VBS:Solow, which is a worm. This usually spreads through removable drives and places another file in the windows folder and creates a registry entry to run that VBS file on startup, since avast didn’t find anything in the windows folder or other locations on your hard disk it probably caught it and stopped it from spreading.

You say you can’t see the E:\Bit@UOM.dll.vbs file, which may well be correct depending on your response when avast detected it. You should have had a number of choices, Move to chest (best), Delete (worst), Repair (only if possible and not in this case), etc. What choice did you select ?

The autorun.inf file is just a text file so it can be edited with notepad or any text editor. I would imagine that it has an entry to run the E:\Bit@UOM.dll.vbs visual basic script file (which hopefully avast dealt with), remove that line, save and exit. If there is anything else in the file post the contents here and we can have a look at it.