Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Warning: Spyware Threat Has Been Detected On Your Pc


  • Please log in to reply
6 replies to this topic

#1 The Kidd

The Kidd

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:05:45 AM

Posted 09 June 2008 - 08:09 PM

I know this has come up somewhere here. But when I search nothing shows up. The machine I'm working on has the Trojandownloader virus. The biger problem is when I try to execute a program I get a rundll error and can't get to anything to fix it. Does anyone have a clue how to get around this?

BC AdBot (Login to Remove)

 


m

#2 diego_moicano

diego_moicano

  • Security Colleague
  • 16 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Brazil
  • Local time:09:45 AM

Posted 09 June 2008 - 08:24 PM

Hi The Kidd

Put the CD in the drive in Windows, close the window and go

start > run and type sfc /scannow, waiting the download finished and restart the PC!

Or

http://www.bleepingcomputer.com/forums/f/103/am-i-infected-what-do-i-do/

Hugs :thumbsup:

Edited by Orange Blossom, 09 June 2008 - 08:29 PM.
Move to more appropriate forum. ~ OB

UNITE & ASAP member

#3 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,702 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:06:45 AM

Posted 09 June 2008 - 08:32 PM

Hello The Kidd and welcome to BC :thumbsup:

I have moved your topic to the I Am Infected forum where it can get the attention it deserves.

Can you provide us with the exact error message?

Do you get the error message if you use an application off a USB drive?

Orange Blossom :flowers:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

#4 The Kidd

The Kidd
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:05:45 AM

Posted 09 June 2008 - 08:53 PM

If I try to use add remove programs I get Application not found c:\windows\systen32\rundll.exe. If I use the run dialog for any command I get the open with dialog. It does the same thing in safe mode. I tried to do a repair and in the middle of that I was getting the open with dialog as well. It looks like the problem is in the registry but I can't get in to edit it.

#5 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,173 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:45 AM

Posted 09 June 2008 - 10:03 PM

Hello again please try downloading EXE File Association Fix (Restore default association for EXE files)
from here and it should fix this.
Windows® XP File Association Fixes

BACK Up your Registry First.
WARNING:
(The information provided above, requires a registry edit) (The recommended program, will make changes to the registry.)
Improper changes to the registry could render your computer inoperable.
Remember to backup the registry, before making any changes.
Instructions, on how to do that, can be found here:
How to back up, edit, and restore the registry
(I highly recommend, you make a copy of this article, before proceeding.)

Or you can download and use ERUNT which is an excellent free tool that allows you to to take a snapshot (backup) of your registry before making changes and restore it when needed.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#6 The Kidd

The Kidd
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:05:45 AM

Posted 09 June 2008 - 11:00 PM

I download that but I can't run regedit. Is there a way to run regedit from the safe mode command prompt?

#7 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,582 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:06:45 AM

Posted 11 June 2008 - 07:27 AM

Did you try doing "System Restore from a command prompt in Safe Mode"?

Are you getting any error messages when trying to run regedit in normal or safe mode? If so, what does the error say?

Some malware infections target and place restrictions on files such as regedit.exe, cmd.exe and taskmgr.exe. If using System Restore does not work, then do this.

Click on the link below:
http://www.kellys-korner-xp.com/xp_tweaks.htm
Scroll down to #275 and click "Lift Restrictions - TM, Regedit and CMD" in the left column. Go to File, choose "Save page as" All Files and save regtmcmdrestore.vbs to your desktop. Double-click on that file to allow the script to run and reboot when done. Since the script modifies certain registry settings your anti-virus package may warn you about it. Ignore the warning and allow it to run.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users