Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Vbs:malware-gen Problem


  • Please log in to reply
1 reply to this topic

#1 kingsword11

kingsword11

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:11:27 AM

Posted 30 January 2008 - 02:32 AM

Hi to all, and i hope you can help me with this problem

System:
Microsoft Windows XP Professional Version 2002 Service Pack 2
Pentium D 2.80 GHz
1.00 GB RAM

Web Browser: Mozilla Firefox

first of all, my brother was the last one who used the PC before i did. and when it was my turn to use it.. VOILA! viruses... how sweet

my limewire can't connect to its server and my Bittorrent cant find any seeds.. this is a virus, i think. here's the details..

so my limewire can't connect.. maybe it's a connection problem..
so what i did is to go to my web browser(to find out if i have connection problems), and there was a connection.. then i downloaded Azureus (for a test download), and i got 60kbp/s dl rate.. how can limewire and bittorrent not work?? there's gotta be some problem, right?

now, for the bittorrent, i guessed that maybe the torrent didnt really have any seeds (even though it was working fine the day before).. i dled another torrent.. a fresh and healthy one... but its still the same.. it cant find any seeds.. its just like this:

Seeds: 0(0) Peers: 0(102)

every torrent i dl is the same 0(0) seeds 0(*any integer*)

im getting really confused by then

i restarted my pc.. on the windows startup, avast detected a virus.. it was called "1.reg" and located in "C:\DOCUME~1\STAANA~1\LOCALS~Temp" .. so i moved it on the chest

now, when i used the web browser.. the connection dropped down heavily..

which lead me to restart my PC again.. then avast detected the "1.reg" virus again.. it resurrected

so i scheduled a boot-time scan with avast..

after that long wait of scanning.. avast now, didnt detect the "1.reg" file anymore.. but instead it detected "C:\a.bat" and everytime i restart, avast will always detect "a.bat" even if i move it in the chest

so now, my web browsing was also affected.. it was heavily slow

also, i found out that all hidden files cant be viewed again. i can still see my "folder options" and i can still check "Show hidden and system files"

but it immediately restarts it self to "Hide hidden and system files", it was like magic, the fact tham im losing control on my own PC is like magic

My theory:
1. my pc was attacked by a virus and it did something to my registry so that how many times i terminate it using avast.. it will still show up

2. it did something to the registry so that it will activate itself or another file at my startup and mess with my connection

please. help me.. i ran out of ideas on this one


ok.. i just found out that i cant also watch videos from youtube thanks to this virus...

i have the latest flash player and i have javascript on.. but youtube says i dont.. so it doesnt show me the videos
but when i use Internet Explorer, it shows the videos..

Edited by kingsword11, 30 January 2008 - 02:45 AM.


BC AdBot (Login to Remove)

 


#2 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 37,011 posts
  • ONLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:12:27 PM

Posted 31 January 2008 - 01:05 AM

Hello kingsword11 and welcome to BC :flowers:

Have you tried scanning with your security programs in safe mode? If not, I suggest doing so. In addition, I suggest scanning with SUPERAntiSpyware Free in Safe Mode.

Download and install SUPERAntiSpyware free found here: http://www.superantispyware.com/superantis...efreevspro.html

Be sure to click on the download button to the left, not on the free trial download on the right.

Install it and double-click the icon on your desktop to run it.
It will ask if you want to update the program definitions, click Yes.
Under Configuration and Preferences, click the Preferences button.
Click the Scanning Control tab.
Under Scanner Options make sure the following are checked:
o Close browsers before scanning
o Scan for tracking cookies
o Terminate memory threats before quarantining.
o Please leave the others unchecked.
o Click the Close button to leave the control center screen.
On the main screen, under Scan for Harmful Software click Scan your computer.
On the left check C:\Fixed Drive.
On the right, under Complete Scan, choose Perform Complete Scan.
Click Next to start the scan. Please be patient while it scans your computer.
After the scan is complete a summary box will appear. Click OK.
Make sure everything in the white box has a check next to it, then click Next.
It will quarantine what it found and if it asks if you want to reboot, click Yes.
To retrieve the removal information for me please do the following:
o After reboot, double-click the SUPERAntispyware icon on your desktop.
o Click Preferences. Click the Statistics/Logs tab.
o Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
o It will open in your default text editor (such as Notepad/Wordpad).
o Please highlight everything in the notepad, then right-click and choose copy.
Click close and close again to exit the program.

Please post the log in your next reply.

Orange Blossom :thumbsup:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users