TechSpot

My system seems infected help me :(

By mnaumans
Dec 2, 2007
  1. Hello everybody,

    I think (as my panda virus detection report says) my pc is infected with some W32 virus. Panda detected the virus in every single .exe file I have in my system :'( But even after doing all this, i do still have something wrong with my pc, coz whenever I click to open any hard drive from my computer it shows me the open with dialog box, secondly option to view hidden files get auto reset to dont show :'( Tell me what to do .


    Regards,

    Nauman
     
  2. Jase123

    Jase123 Banned Posts: 1,122

    Hello mnaumans and welcome to Techspot. :wave:

    Please could I see an Hijackthis log - see the instructions HERE.

    Regards Jason :)
     
  3. mnaumans

    mnaumans TS Rookie Topic Starter

    here you go

    Thanks Jason, here is the attached log files
     

    Attached Files:

  4. mnaumans

    mnaumans TS Rookie Topic Starter

    Helllllllllllooooooooooooo

    Hey anybody out there to help, please do reply my system is going crazy.
     
  5. Jase123

    Jase123 Banned Posts: 1,122

    * Run HijackThis
    * Click on the Scan button
    * Put a check beside all of the items listed below:

    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: (no name) - {E12BFF69-38A7-406e-A8EF-2738107A7831} - (no file)

    * Close all open windows and browsers/email, etc...
    * Click on the "Fix Checked" button
    * When completed, close the application.

    Please be more specific - what exactly is happening?

    Regards Jason :)

    This thread is for the use of mnaumans ONLY. Please do NOT post your own virus/spyware problems into this thread. Instead, open a new thread in our security and the web forum.
     
  6. momok

    momok TS Rookie Posts: 2,272

    It appears these entries are also dangerous. Please tend to them Jase.

    O4 - HKCU\..\Run: [avpa] C:\WINDOWS\system32\avpo.exe
    O4 - HKLM\..\Policies\Explorer\Run: [isamonitor.exe] C:\Program Files\Video ActiveX Object\isamonitor.exe
    O4 - HKLM\..\Policies\Explorer\Run: [none] C:\Program Files\Video ActiveX Object\pmsngr.exe

    O20 - Winlogon Notify: ddccy - C:\WINDOWS\
    O20 - Winlogon Notify: khfcyvs - khfcyvs.dll (file missing)
    O20 - Winlogon Notify: winzwr32 - winzwr32.dll (file missing)

    O21 - SSODL: buprestidae - {b59f3ba4-98da-4b5f-8a2d-7b56fb11140b} - (no file)
    O22 - SharedTaskScheduler: buprestidae - {b59f3ba4-98da-4b5f-8a2d-7b56fb11140b} - (no file)

    Regards,
    momok

    This thread is for the use of mnaumans ONLY. Please do NOT post your own virus/spyware problems into this thread. Instead, open a new thread in our security and the web forum.
     
  7. Jase123

    Jase123 Banned Posts: 1,122

    I'm afraid to say that you have some trojans.

    Very Important: Before deciding whether you should clean or reformat your system, go and read this thread HERE and decide what it is you want to do.

    If after reading the above, you wish to clean your system, do the following.

    Go and read the Viruses/Spyware/Malware, preliminary removal instructions. Follow all the instructions exactly.

    Post fresh HJT, AVG Antispyware and Combofix logs as attachments into this thread, only after doing the above.

    Also, let me know the results of the Panda Antirootkit scan.

    Regards Jason :)

    This thread is for the use of mnaumans ONLY. Please do NOT post your own virus/spyware problems into this thread. Instead, open a new thread in our security and the web forum.
     
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.