Help Help VIRUS VIRUS (I guess)

Status
Not open for further replies.

ashu_dps

Hell Sucks!!!
Hi friend
Recently I was away from the net for about 15 days; when I returned I updated my Avast, SpywareBlaster, Ad-Aware and Spybot and started surfing. I use IE 7 and Windows Media Center SP2.
After surfing a couple of pages the mouse stopped clicking, so I pressed CTRL+ALT+DEL but could only hear a DING sound, the error one.
The mouse was working perfectly outside the page; just its right click got disabled, and none of the applications were starting!!
I tried to run Avast or Ad-Aware to run a scan but they simply refused to start.
After some time, when nothing worked, I closed the page and the mouse began working, but as I pressed CTRL+AL...... all that I got was a Task Manager window but without anything in it! It was just a border and nothing else.
Then I went to the 'SYSTEM' folder on my desktop; there also everything had vanished, just shaded borders remained. When I right-clicked certain applications only the option of 'Pin to start menu' was present other than cut, copy, rename etc.
Finally I restarted and everything was okay until today, when I opened Control Panel and the same symptoms returned: none of the CPL applications would work, and no right click and no CTRL+A.... would work either.
When I close CPL the mouse is released and in some time the contents in Task Manager also appear.

Now please say what to do?

Thanks
 

Chirag

Cyborg Agent
Yeah, same thing happened to me. Not even the A/V was starting. I had no option but to format the drive in which Windows was there and reinstall. :(
 

ashu_dps

Hell Sucks!!!
No, everything works after closing the application which causes such malfunctioning, but now my CPL is inaccessible.
 

mihirvashist

Journeyman
It seems to me that your computer has been infected by one or more of these:
->a deadly undetectable virus
->a rootkit which has pulled viruses, trojans etc. onto your computer without getting caught
->a trojan

There can be many ways to solve this but I can't say which one will work or if any of these will work....try them...
->ask your service men to come and use the repair CD to repair your Media Center Edition
->try updating your spyware and then scan.....
->or go online and get a trojan removal tool (they are specifically designed to remove trojans) and scan your HDD
->if you have created a restore point then restore your PC to that point
 

ashu_dps

Hell Sucks!!!
Bahuhuhuhu..... No restore point either.
And I think I might be infected with one of those rootkits as nothing is being detected.
Help Help Help
 

s18000rpm

ಠ_ಠ
Download this "RootKit Hook Analyzer" from www.resplendence.com

Try to run a FULL system scan in SAFE MODE, or download a PORTABLE AV and then scan for viruses.

For portable antivirus go here: *portableapps.com/apps/utilities/clamwin_portable It works on a USB flash drive, iPod, portable hard drive or a CD.
 

Tanmay

Journeyman
To save on reinstalling things again you can perform a Repair Install of XP and then perform a full system virus scan and spyware scan in Safe Mode with the latest virus and spyware definitions. Or if you have unlimited Internet you can also perform a virus scan online: *housecall.trendmicro.com/ OR *safety.live.com/site/en-us/default
 

anandk

Distinguished Member
First download, install and use 'ccleaner' to clear ALL your PC junk.
Reboot, go into safe mode and scan your PC with your updated Avast, Ad-Aware, Spybot.
Reboot. If the problem is still unsolved please post your HijackThis logfile here or at www.hijackthis.de for scrutiny. Then we will see...
 

ashu_dps

Hell Sucks!!!
As I read the suggestions of you people, I decided to reboot in safe mode, but before that I decided to check CPL, but now it's working all right and also everything else is working fine for now!!!!!

Now what should I do, should I perform all these or let it be as it is?
 

anandk

Distinguished Member
Anyway, no harm in running your AV and anti-spy in safe mode, and clearing up your PC junk :) so do it please.

Make sure you create restore point/s....;-)
 

ashu_dps

Hell Sucks!!!
Okay, I'm gonna run them in safe mode now and will inform you about the report, but do you people think that it can be a rootkit infection?
Actually never had one so was a bit excited, hihihihi :)
 

AshishSharma

Livin' in the ghetto
Why format now that everything is back to normal :)

Just update your antivirus and malware detection programs and scan again; if nothing is found create a backup point .. thank god and carry on :)
 

: SPiRiT :

Broken In
If the process tab is visible on the task manager..

Would you just post the tasks here...

If not available use TuneUp Utilities and use its task manager...
 

anandk

Distinguished Member
What problems are you facing now?! Don't format...yet... If you suspect rootkits download Sophos or some other anti-rootkit. Click *www.thinkdigit.com/forum/showthread.php?t=10476&highlight=rootkit
 

ashu_dps

Hell Sucks!!!
I used the rootkit remover from www.sysinternals.com and it showed me 4 discrepancies, and in one entry it showed access denied, which according to its manual should never be shown.

HKLM\S-1-5-21-1992511848-3998705894-1547661245-1005\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{76945258-12F3-0BA3-D431-F592A30CD47E}* 9/10/2006 10:06 PM 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Classes\Component Categories\{6F625EB1-D1B1-11D2-8B29-0050041850C1}\409 5/26/2006 11:32 PM 37 bytes Data mismatch between Windows API and raw hive data.
HKLM\SOFTWARE\Hagel\DU Meter\Totals 10/7/2006 2:21 PM 80 bytes Data mismatch between Windows API and raw hive data.
HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg 8/22/2006 8:31 PM 0 bytes Access is denied.
C:\Documents and Settings\Ashutosh Kumar\Local Settings\Temp\~DFA83.tmp 10/7/2006 2:28 PM 16.00 KB Hidden from Windows API.
C:\Documents and Settings\Ashutosh Kumar\Local Settings\Temp\~DFA98.tmp 10/7/2006 2:28 PM 512 bytes Hidden from Windows API.

Just see if this makes any sense to you all, and I'm also gonna post this at sysinternals.com to see what they have to say about it.

@SPIRIT: I have seen and analyzed the tasks; there is nothing suspicious and I know them.
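
Added example, not part of the original post or of the Sysinternals tool: a small Python triage of scan lines in the layout posted above, so the entries can be reviewed in a fixed order. The sample lines, the priority order and the 30-minute "changed near scan" window are assumptions of this example.

```python
import re
from datetime import datetime, timedelta

# Layout as posted: <path> <date time AM|PM> <size> <description>; paths may contain spaces.
LINE_RE = re.compile(
    r"^(?P<path>.+?)\s+(?P<ts>\d{1,2}/\d{1,2}/\d{4} \d{1,2}:\d{2} [AP]M)\s+"
    r"(?P<size>[\d.]+ (?:bytes|KB|MB|GB))\s+(?P<desc>.+?)\s*$"
)

# Review order is this example's assumption, not something the tool outputs.
PRIORITY = [
    ("access is denied", 1),         # per the post, the manual says this should never appear
    ("hidden from windows api", 2),  # object the Windows API does not list
    ("embedded nulls", 2),           # key name not fully visible through the Windows API
    ("data mismatch", 3),            # API value differs from raw hive data
]

def parse_line(line):
    """Return a dict for one finding, or None if the line is not a finding."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.strptime(rec["ts"], "%m/%d/%Y %I:%M %p")
    rec["kind"] = "registry" if rec["path"].upper().startswith("HK") else "file"
    desc = rec["desc"].lower()
    rec["priority"] = next((p for key, p in PRIORITY if key in desc), 4)
    return rec

def triage(lines, scan_time, window_minutes=30):
    """Order findings for review and mark objects written close to the scan."""
    window = timedelta(minutes=window_minutes)
    findings = []
    for rec in filter(None, map(parse_line, lines)):
        # Heuristic (assumption): something written around scan time may have
        # changed while the scan ran, so re-scan before concluding anything.
        rec["changed_near_scan"] = abs(scan_time - rec["ts"]) <= window
        findings.append(rec)
    return sorted(findings, key=lambda r: (r["priority"], r["path"]))

# Constructed sample lines in the same layout (not the poster's data).
SAMPLE = [
    r"HKLM\SOFTWARE\ExampleVendor\Meter\Totals 10/7/2006 2:21 PM 80 bytes Data mismatch between Windows API and raw hive data.",
    r"HKLM\SYSTEM\ControlSet001\Services\exampledrv\Cfg 8/22/2006 8:31 PM 0 bytes Access is denied.",
    r"C:\Documents and Settings\Example User\Local Settings\Temp\~DF0001.tmp 10/7/2006 2:28 PM 16.00 KB Hidden from Windows API.",
    r"HKLM\SOFTWARE\Example\Approved\{00000000-0000-0000-0000-000000000000}* 9/10/2006 10:06 PM 0 bytes Key name contains embedded nulls (*)",
]
SCAN_TIME = datetime(2006, 10, 7, 14, 30)  # constructed scan time
for f in triage(SAMPLE, SCAN_TIME): print(f["priority"], f["changed_near_scan"], f["path"])
```

Entries marked as changed near the scan are worth re-checking with a second scan before treating them as hidden objects.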
 

spiderman

Broken In
From my side, the problem occurred due to the improper use of Avast.
Avast provides better performance than any other anti/firewalls.
Also please reinstall and then download the updated virus database; it will prevent the problem.
 

ashu_dps

Hell Sucks!!!
The rootkit remover shows one entry as access denied, which shouldn't happen in any case according to its manual. Then why this discrepancy?
 