TechSpot

any solutions??

By shadachi
Jul 10, 2007
  1. halo... sorry to bother but i realy need help ..

    i read the hijack post d.. but my com cant seem to hijack ..half way through will not responding.. my computer juz got infected but weird weird kinds of spywares ,viruses, etc..

    here's the begining..

    when i got infected while i was doing my things ..suddenly alot eror messages popped up... then explorer.exe was gone.. so i restarted the computer.. thinking it might b alrite.. but when after the login part... i hear only the window's login sound theme then i see nothing in the desktop..
    at first i cant even on task manager.. it was disabled.. i then boot the com into safe mode wit cmd .. regedit .. task manager..now got d..
    but the thing is i use task manager>new task>explorer.exe
    my desktop and icons pops out for a while then gone.. i retype explorer.exe again and again..same results.. any solutions ?? >< help
     
  2. momok

    momok TS Rookie Posts: 2,265

    Hi shadachi and welcome to techspot. =)

    I hate to mention this, but try to use proper grammer and punctuation; I can't quite understand parts of your post as it is ambiguous.

    From what I see, you are most likely infected with malware.

    Very Important: Malware infections can possibly lead to identity theft, loss of funds from bank accounts, misuse of credit card information etc. Therefore I strongly encourage you to please read this thread HERE before deciding what course of action to take regarding your infection.

    Should you clean your system, firstly do a search on your system (including all hidden files and folders) and let me know if you find them.

    C:\WINDOWS\System32\MSDATA32.EXE
    C:\WINDOWS\system32\CMD.COM
    C:\WINDOWS\system32\netstat.com
    C:\WINDOWS\system32\ping.com
    C:\WINDOWS\system32\regedit.com
    C:\WINDOWS\system32\msconfig.com
    C:\WINDOWS\system32\tasklist.com
    C:\WINDOWS\system32\taskkill.com
    C:\WINDOWS\system32\taskmgr.com
    C:\WINDOWS\system32\tracert.com

    I will instruct you on how to proceed thereafter. But first let me know if you wish to reformat or clean your system, based on the information in the thread I gave you.


    Regards,
    Your friendly momok =)

    This thread is for the use of shadachi only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  3. shadachi

    shadachi TS Rookie Topic Starter

    sorry for the poor grammar.. ok. i can't use the search function so i only can manually search for the programs u listed above.. i search through the task manager the new task there. then browse.. that's how i search because my explorer.exe is crashed.. and everytime i open the explorer.exe through new(task) it appears for 2 secs then just close by itself. i tried opening C:drive by right click explore when using the task manager browse function..the explorer did came out but it keeps on on and off ..i caught an image of someting copied over into my pendrive and here it is..


    Microsoft Visual C++ Runtime Library
    ---------------------------
    Buffer overrun detected!

    Program: C:\WINDOWS\explorer.exe

    A buffer overrun has been detected which has corrupted the program's
    internal state. The program cannot safely continue execution and must
    now be terminated.

    ---------------------------
    OK
    ---------------------------
     
  4. kitty500cat

    kitty500cat TS Evangelist Posts: 2,154   +6

    Hello and welcome to TechSpot. :wave:

    Perhaps explorer.exe has been corrupted by malware.

    It looks like you might have a copy of the sdbot worm.

    Please read the thread that momok gave and let us know how you wish to proceed.

    Regards :)

    This thread is for the use of shadachi only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our Security and the Web forum.
     
  5. shadachi

    shadachi TS Rookie Topic Starter

    i've tried various ways to detect the virus or spyware.

    i even manually search these files which momok told me

    C:\WINDOWS\System32\MSDATA32.EXE
    C:\WINDOWS\system32\CMD.COM
    C:\WINDOWS\system32\netstat.com
    C:\WINDOWS\system32\ping.com
    C:\WINDOWS\system32\regedit.com
    C:\WINDOWS\system32\msconfig.com
    C:\WINDOWS\system32\tasklist.com
    C:\WINDOWS\system32\taskkill.com
    C:\WINDOWS\system32\taskmgr.com
    C:\WINDOWS\system32\tracert.com

    but i end out finding cmd.exe ping.exe but none .com files

    i tried to hijack my com but it hangs half way ..

    [​IMG]
     
  6. kitty500cat

    kitty500cat TS Evangelist Posts: 2,154   +6

    There appear to be some nasty infections.

    If I was you, I'd probably reformat my hard drive. But it's up to you.

    Can you run ComboFix or AVG Anti-Spyware? If so, please post those logs.

    Regards :)

    This thread is for the use of shadachi only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our Security and the Web forum.
     
  7. shadachi

    shadachi TS Rookie Topic Starter

    sorry that i don't know how to upload it.. lolx. here it is
    i supposed that i have no choice but only to reformat my com..
    but anyways this is the report log
     
  8. momok

    momok TS Rookie Posts: 2,265

    Hi,

    Can you run Hijackthis or ComboFix? Post their logs as attachments here.
    See HERE for instructions on how to attach a file.


    Regards,
    Your friendly momok =)

    This thread is for the use of sadachi only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...