Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Anti-Virus Disabled, Internet Disabled, GUI messed up.


  • Please log in to reply
4 replies to this topic

#1 RiotStarter

RiotStarter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:10:35 PM

Posted 27 May 2010 - 08:11 PM

G'day,


As my title probably suggests, this virus has hijacked and royally raped my pc. My Anti-Virus and spyware removal tool have disabled "NOD32" and "STOPzilla". My Taskbar is an ancient NT style "grey" and my wireless network has been disabled. It also disabled my Audio but i re-enabled that through admin tools. As well as that my USB has been messed with somehow its reads from the USB but doesn't let anything write to usb. I tried booting my anti-virus through cmd prompt but it seems that trick doesn't work anymore. And i can't find any usual suspects in my vast registry. I scanned my pc before i rebooted came up with nothing so i restarted and this bleepstorm happened. I can still run Proggys and games normally so it hasn't bleeped with any of my drivers yet but yeh it still greatly inconviniences me. Help?



OS:Windows XP
Screenshots: Can't provide because all the USB has been disabled on my PC and can't access the interwebs off of it.
Error messages: Not getting any, anything i try to start that the virus doesn't want me to it just ends with no message.

BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,416 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:35 AM

Posted 27 May 2010 - 09:27 PM

Hello and welcome.
Sounds like you have this infection..

Please follow our Removal Guide here Remove Antispyware Soft

You will move to the Automated Removal Instructions

After you completed that, post your scan log here,let me know how things are.
The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 RiotStarter

RiotStarter
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:10:35 PM

Posted 29 May 2010 - 02:04 AM

Umm, it says in the rKill logs the only process its killing is rKill. And even though im running Safemode with networking i still can't access the internet. Theres no proxy setting turned on. And its saying malware bytes isn't a valid windows installation program.

?

Edited by RiotStarter, 29 May 2010 - 02:05 AM.


#4 RiotStarter

RiotStarter
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:10:35 PM

Posted 29 May 2010 - 09:04 PM

I think i have finally found what this is, the virus is injecting itself into the system files and somehow making the Anti-virus think its a deletable file and then the anti-virus is deleting my system files. some Cognac Virus or something.

Also no matter how far i do a system restore it seems the virus has indefinitly imbedded itself in the system somehow.

Edited by RiotStarter, 29 May 2010 - 09:27 PM.


#5 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,416 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:35 AM

Posted 01 June 2010 - 11:22 AM

Hi Can you use OTL
then post that log here.... Virus, Trojan, Spyware, and Malware Removal Logs and not in this topic,thanks.

Let me know if that went well.

OTL:
  • 1. Please download OTL from one of the following mirrors:
  • This is THE Mirror
    2. Save it to your desktop.
    3. Double click on the Posted Image icon on your desktop.
    4. Under the Custom Scan box paste this in
    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    /md5stop
    %systemroot%\*. /mp /s
    CREATERESTOREPOINT

    5. Push the Quick Scan button.
    6. Two reports will open, copy and paste them in a reply here:
  • OTL.txt <-- Will be opened
  • Extra.txt <-- Will be minimized

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users