TechSpot

Deadly Virus

By ckj
Apr 9, 2009
  1. Hi All,

    my pc has been infected with a deadly virus. Tried adware, superantispyware, trojan remover etc...

    It disables taskmanager and regedit: Below are details:

    Disabled task Manager: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system, Disable TaskMgr

    Disabled Registry Tools: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system, DisableRegistry Tools
     
  2. B00kWyrm

    B00kWyrm TechSpot Paladin Posts: 1,436   +37

    You _will_ find the help you need here...

    First you need to read, understand, and strictly follow the directions
    which you find at the top of this board.

    Start with... http://www.techspot.com/vb/topic120350.html
    Then ... http://www.techspot.com/vb/topic58138.html
    Followed by ... http://www.techspot.com/vb/topic65943.html

    Once you have posted the three logs mentioned in the 8 steps,
    one of the experienced helpers will be more able to assist you.

    How to post your Hijackthis log-file as an ATTACHMENT:
    http://www.techspot.com/vb/topic19133.html

    Good Luck. Repost if you have difficulties along the way.
     
  3. ckj

    ckj TS Rookie Topic Starter

    Logs of Malware and Super Antipware attached.

    The logs I gave in the 1st post are from exterminate it.

    Everytime I scan, these are the same logs I get. I remove them every time, but same logs.

    Plz help me out.

    Hi,

    I have attached hijack log.
     
  4. touch

    touch TS Rookie Posts: 978

    I notice that you do not seem to be running antivirus software.This is somewhat suicidal in today's digital world.


    Download the Norton Removal Tool (SymNRT) to your Desktop.
    http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2005033108162039
    Once downloaded please close ALL open browsers, also save any work because this may require a restart.

    Go to your desktop and double click on the removal tool and then click Setup.
    Once open Click Next
    Accept the license agreement and click Next
    Type in the letters/numbers that you see into the text box then click Next.
    Then click Next and the tool will start running.
    Once finished restart the PC and run the tool again to ensure everything has been removed.
    Delete Nortonremoval tool from your Desktop.

    Restart

    Install Avira Free AntiVirus, from here ->
    Avira
    Or: Avast

    Install, check for updates, run a complete systemscan

    Run Malwarebytes again; Update it; then run a full scan (remove all found Malwares)

    Reboot, attach new hijackthis log, along with new malwarebyte log.
     
  5. ckj

    ckj TS Rookie Topic Starter

    tried installing Norton cleaner and then Avast and Avira....but the virus just does not allows me to do that...now it removed the sound drivers from my pc and I cannot install them again...
     
  6. touch

    touch TS Rookie Posts: 978

    I have some suspicions that this could be pretty bad, but let's run a scan to see what we're dealing with.

    Download Dr.Web CureIt to the desktop:
    ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe

    Doubleclick the drweb-cureit.exe file and Allow to run the express scan
    This will scan the files currently running in memory and when something is found, click the yes button when it asks you if you want to cure it. This is only a short scan.
    Once the short scan has finished, move dot to - Complete Scan
    Click the green arrow at the right, and the scan will start.

    Click 'Yes to all' if it asks if you want to cure/move the file.
    When the scan has finished, in the menu, click file and choose save report list
    Save the report to your desktop. The report will be called DrWeb.csv
    Close Dr.Web Cureit.

    Please attach the Dr.Web report in your next reply.
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...