I was recently infected by a Win 32/Virut.A It caused a few .exe files to stop working, fixed the problem by using AVG, hyjacked and was clean, i fear it has infected run32dll.exe...

I cant open the option of user accounts, the cursor turns to the working in background one for a split second and nothing else happened. (im running 4Gb ram and 3.33Ghz...don't tink its a speed problem) but nothing happens...soo..whats up with that?

How about you post your latest Hijackthis log

I have a suggestion- worry about a good, updated antivirus program and at least 2 spyware/adware programs instead of all the useless software you were asking about.

Bobbye, please stop..ok..just stop...

Ill post the hijack log soon.

Whenever you are ready.

soon as in tommrow, computer's homw, im in work

Our first priority ought to be to answer the question(s) or solve the problem posted when possible.

Then we can make recommendations for alternatives we believe would be applicable.

Yea, can't do much without a log to show us what you have or what you don't have

Attached Files

hijackthis.log (8.4 KB, 6 views)

Update your Java Runtime Environment

• First try going to Start -> Control Panel -> double click Java
• Select the Update Tab at the top of the Java console
• Click the Check for Updates button at the bottom
• If it finds the newer version (Java 6 Update 5) Follow the on screen instructions
• After it installs the newest version Go back to Control Panel -> Add/remove programs
• Uninstall any older versions of Java

If for some reason you couldn't update through the above instructions.

• Click the following link
  Java Runtime Environment 6 Update 5
• The 4th option down is the one you want (click Download)
• Check the box to agree to terms of service
• Check the box for your operating system and click 'Download selected'at the bottom
• After the install Go to Start-> Control Panel-> add/remove programs (Programs and features), and uninstall any old versions
• Navigate to C:\programfiles\Java -> delete any subfolders except the jre1.6.0_05 folder

You aren't running Firewall Software. Please download and install one of these first!

Use a Firewall - It is very important that you use a Firewall on your computer. If you use the Windows Firewall you might think that's enough but it only controls inbound traffic. Simply using a Firewall in its default configuration can lower your risk greatly. Here are some firewalls which are free for personal use and most commonly used:
Comodo
Kerio
Online Armor
Zonealarm



To get back control of your task manager/user accounts/registry editor please try this (It won't fix the infection only the policies that have been changed)
Download to your Desktop this self-extracting ZIP archive FixPolicies.exe

• Double-click FixPolicies.exe
• Click the Install button on the bottom toolbar of the box that will open.
• The program will create a new Folder called FixPolicies
• Double-click to Open the new Folder, and then double-click the file named Fix_Policies.cmd
• A black box will briefly appear and then close. This will enable your Control Panel, Task Manager and stop any Administrative warnings.



Malwarebytes' Anti-Malware

• Please download Malwarebytes' Anti-Malware to your desktop.
  
• Double-click mbam-setup.exe and follow the prompts to install the program.
• At the end, be sure a checkmark is placed next to
  • Update Malwarebytes' Anti-Malware
  • and Launch Malwarebytes' Anti-Malware
• then click Finish.
• If an update is found, it will download and install the latest version.
• Once the program has loaded, select Perform full scan, then click Scan.
• When the scan is complete, click OK, then Show Results to view the results.
• Be sure that everything is checked, and click Remove Selected.
• When completed, a log will open in Notepad. please copy and paste the log into your next reply
  • If you accidently close it, the log file is saved here and will be named like this:
  • C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt

Afterwards run a new scan with Hijackthis and attach here with the MBAM log

that would be correct then; no internet, no need for a firewall.
Keep the default windows version, for that day when you do get an ISP

ok malwarebyte found 6 problems and regdit was re enabled...but i still can't access the options for user accounts and folder options

1) It is an entry in your registry that can be fixed but you are more than likely still infected.

2) You aren't posting any logs to look at so I can not give any further advice without seeing what you are dealing with

Ok ill post one soon

Log attached

Attached Files

Hijackthis.txt (8.2 KB, 4 views)

----bump---

Ok this should show the affected registry entry

Combofix

• Download Combofix to your desktop.
• Double click combofix.exe & follow the prompts.
• A window will open with a warning.
• When the scan completes it will open a text window. Please attach that log back here together with a fresh HJT log.

Caution - do not touch your mouse/keyboard until the scan has completed. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Combofix is a very powerful tool so please do NOT do anything without instruction

Combofix will automatically save the log file to C:\combofix.txt

ok thanks..ill be back soon

Fixed the user accounts problem, the Win32virut destroys .exe files, restored it from another computer.


Used avg 8...fixed 42,679 registry problems... XD