Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

My Pc Is Effected With Unknow Virus?


  • Please log in to reply
1 reply to this topic

#1 ranayl

ranayl

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:01:38 AM

Posted 19 July 2007 - 09:02 AM

My PC has been Effected with Virus/Spyware. I'm using windows XP Professional .It deletes all Virus protection files immediatley when I try to run it. I checked with Ad-aware/Smithfraud but of no use. It deletes the ad-aware definition files and also the smithfraud when I'm Trying to run those. I also tried Hijackthis to have a look at log but when I tried to Run hijack this (From both normal and safe mode) it deletes hijackthis software. My applications (like word,excel) are running fine.

During my login time I gets a message Box [Windows- Registry Recovery]
"One of the files containing the system's registry data had to be recovered by use of a log or alternate copy.The recovery was successful".

Also this disables my taskmanger/run/regedit.

Can anyone please help me.

BC AdBot (Login to Remove)

 


#2 Starbuck

Starbuck

    'r Brudiwr


  • Malware Response Team
  • 4,149 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Midlands, UK
  • Local time:07:38 AM

Posted 19 July 2007 - 07:00 PM

Hi ranayl
This seems very serious.
I know of some malware that can stop your task manager/ run/ regedit.
but to delete all the updates and hjt.... this is beyond me.
Only thing i can suggest is that once you have hjt installed....... re name it before you try to run it.
Some malware programs can recognise HJT.

Try doing the following:

Go to the folder that Hjt is saved in,
Right click on Hijackthis.exe and select Rename, rename it to 'anything you like'.exe
Double click on 'anything you like'.exe (which is still Hijackthis.exe),Run another scan and see if it will produce a log.
(when i say..... 'anything you like'.... i mean any name you can think of... no matter how silly it sounds.
Chances are, the malware won't have thought of this name. lol

If it does produce a log..................

I suggest you post a HijackThis log for examination.
A member of the HijackThis Team will walk you through, step by step, how to disinfect your computer.

Read the Preparation Guide before posting a HijackThis Log.
Please read, and follow, all directions carefully

Run a log, and post it in the HijackThis Logs and Analysis forum.

Do not, post it in this topic.
Do not, fix anything, yet.
A member, of the HJT Team, will help you out.
It may take a while to get a response from the HJT Team, because they are very busy. Please, be patient, as these people are volunteers. They will help you, as soon as possible.

NOTE:
Once you have made the post, please, DO NOT make another post in the HJT forum, until it has been responded to by a member of the HJT Team. The first thing they look for, when looking for logs to reply to, is 0 replies. If you make another post, there will be 1 reply. The team member, glancing over the replies, might assume someone is already helping you out, and will not respond. So, just make your post, and let it sit there, until a team member responds. This way you will be taken care of, in the most timely manner.


If you haven't heard back from them in 5 days, go to this topic, Haven't Had A Reply In Five Days?, and carefully follow all directions.

BBPP6nz.png





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users