TechSpot

driving me mad

By alien
Oct 19, 2007
  1. Hi all, i have a problem..

    I connected a friend's iPOD to my laptop, that's when the problem started..

    Computer started running VERY slow. Java doesn't run at all. Tried a virus scan (AVG Free) but it was also running very slow (usually takes 2 hours for complete scan, now i stopped it on 9 hours). Cannot open task manager (administrator has disabled Task Manager). Another friend tried to correct it, and now task manager opens, but for a second, and goes away immediately.

    is there a way to salvage my computer, or do i just delete and reinstall everything?

    i'm attaching a hijackthis log I did.

    cheers,

    oh, and a question: if this is a virus, what good is the avg antivirus i keep updaed on my computer?
     
  2. Rik

    Rik Banned Posts: 3,814

    You need to have a read of this - If your system is infected. Read this before deciding whether to CLEAN or REFORMAT.

    Then if you should wish to proceed with cleaning your system you need to go and read the Viruses/Spyware/Malware, preliminary removal instructions. Follow all the instructions exactly.

    Post fresh HJT, Combofix, and AVG Antispyware logs as ATTACHMENTS into this thread, only after doing the above.


    This thread is for the use of alien only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  3. alien

    alien TS Rookie Topic Starter

    thanks for the reply. i've decided to format and reinstall everything.

    i've transferred my data to an external hard disc. however is it possible that the virus/programme has also been transferred with my data, and would reinfect my computer when i put y data back in?

    how can i avoid that?
     
  4. Rik

    Rik Banned Posts: 3,814

    Your infection doesnt appear to be a virus so you should be fine.

    You could always post the logs from your new install in this thread and i will happily take a look to see if your problem is gone or not.:)


    This thread is for the use of alien only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  5. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Hello and welcome to Techspot.

    Your system is infected with the W32/SillyFDC-G floppy disk and network worm.

    Depending what kind of data you`ve transferred, will depend on whether you`ve transferred the infection or not.

    I advise you to post the log files from your new install as soon as you can, then we can check them out for you.

    Regards Howard :wave: :wave:

    This thread is for the use of alien only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  6. alien

    alien TS Rookie Topic Starter

    hi!

    thanks, guys, for the help.

    i've formatted, reinstalled, and transferred all my data back.

    i did a HJT, and have attached the log file.
     
  7. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Your HJT log shows signs of infection.

    Go and read the Viruses/Spyware/Malware, preliminary removal instructions. Follow all the instructions exactly.

    Post fresh HJT, AVG Antispyware and Combofix logs as attachments into this thread, only after doing the above.

    Also, let me know the results of the Panda Antirootkit scan.

    Regards Howard :)

    This thread is for the use of alien only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  8. alien

    alien TS Rookie Topic Starter

    Hi Howard

    I ran through all the tests in that thread, the 3 logs are attached.

    Panda rootkit scanned 3048, detected 0.

    Really appreciate the help!

    cheers,
     
  9. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    I`m finding conflicting reports on this file.

    O4 - HKUS\S-1-5-19\..\Run: [msnsc] C:\WINDOWS\system32\msnsc.exe (User 'LOCAL SERVICE')

    Please do the following.

    Please visit this link http://virusscan.jotti.org/
    * Click the Browse... button
    * Navigate to the following file C:\WINDOWS\system32\msnsc.exe
    * Click Open
    * Please let me know the results.

    Regards Howard :)

    This thread is for the use of alien only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  10. alien

    alien TS Rookie Topic Starter

    File: msnsc.exe
    Status:
    OK(Note: this file has been scanned before. Therefore, this file's scan results will not be stored in the database)
    MD5: 18002e6a898b85035872cc7beea63f62
    Packers detected:
    UPX
    Bit9 reports: Not analyzed yet (more info)

    All of the test results said Found nothing
     
  11. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    In that case, you should be good to go.

    Turn off system restore.(XP/ME only) See how HERE.

    Now, turn system restore back on. This will have deleted all your old restore points and any nasties that are in them. It will also have created a new, clean restore point.


    If you have any further virus/spyware problems, please post in this thread.

    Regards Howard :)

    This thread is for the use of alien only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  12. alien

    alien TS Rookie Topic Starter

    that's great, thanks a lot for the advice, really appreciate it

    :)
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...