Help Help VIRUS VIRUS(I guess)

Discussion in 'Software Q&A' started by ashu_dps, Oct 4, 2006.

Thread Status:
Not open for further replies.
  1. ashu_dps

    ashu_dps Hell Sucks!!!

    Joined:
    Jul 22, 2006
    Messages:
    326
    Likes Received:
    1
    Trophy Points:
    0
    Location:
    New Delhi
    Hi frnd
    Recently i was away frm net for abt 15 dayz as i returned i updated my Avast, Spyware blaster,Ad-aware n Spybot n started surfing. I use IE 7 n Windows Media centre SP2.
    Afr surfing a couple of pages the mouse stopped clicking, so i pressed CTRL+ALT+DEL bt only could here a DING sound, the error one.
    The mouse was working perfectly outside the page just its right click got disabled and None of the applications were starting!!
    I tried to run Avast or As-aware to run a scan bt they simply refused to start.
    Aftr sum time whn nthg worked, i closed the page n the mouse began working bt as i pressed CTRL+AL...... all that i got was a taskmanager window bt w/o anythng in it! It was just border n nthng else
    Then i went to the 'SYSTEM' folder on my desktop, there also everything had vanished, just shaded borders remained. Whn i right clicked certain application only the option of 'Pin to start menu' was present other than cut copy rename etc.
    Finally i restarted n evrythng was okay until today i opened cntrl panel and the same symptoms returned, none of the CPL applications would work n no right click n no CTRL+A.... also would work either.
    Whn i close CPL then mouse is released n in some time Contents in taskmanager also appear.

    Now plz say what to do ?

    Thanks
     
  2. Chirag

    Chirag bang bang!

    Joined:
    Feb 17, 2005
    Messages:
    1,294
    Likes Received:
    1
    Trophy Points:
    38
    Location:
    Vadodara
    Yea same thing happened to me. Not even a/v was starting. I had no option but to format drive in which Windows was there and reinstall.:(
     
  3. OP
    OP
    ashu_dps

    ashu_dps Hell Sucks!!!

    Joined:
    Jul 22, 2006
    Messages:
    326
    Likes Received:
    1
    Trophy Points:
    0
    Location:
    New Delhi
    No, everything works aftr closing the application which causes such malfunctioning bt nw my CPL is inaccesible
     
  4. mihirvashist

    mihirvashist New Member

    Joined:
    Mar 5, 2006
    Messages:
    150
    Likes Received:
    0
    Trophy Points:
    0
    it seems to me that your computer has been infected by any one or more of any of these:-
    ->a deadly undetectable virus
    ->a root kit which has pulled viruses,trojans etc on ur comp. without got caught
    ->a trojan

    there can be many ways to solve this but can't say which onewill work or if any of these will work....try them...
    ->ask ur service men to come and use repair CD to repair ur media center edition
    ->try updating ur spyware and then scan.....
    ->or go online and get a trojan removal tool(they are specifically designed to remove trojans) and scan ur HDD
    ->if you have created a restore point then restore ur PC to that point
     
  5. OP
    OP
    ashu_dps

    ashu_dps Hell Sucks!!!

    Joined:
    Jul 22, 2006
    Messages:
    326
    Likes Received:
    1
    Trophy Points:
    0
    Location:
    New Delhi
    Bahuhuhuhu..... No restore point either.
    And i think i might be infected with any of those rootkits as nthng is being detected.
    Help Help Help
     
  6. s18000rpm

    s18000rpm ಠ_ಠ

    Joined:
    Mar 1, 2006
    Messages:
    5,608
    Likes Received:
    87
    Trophy Points:
    48
  7. Tanmay

    Tanmay New Member

    Joined:
    May 3, 2006
    Messages:
    134
    Likes Received:
    0
    Trophy Points:
    0
    Location:
    Dadar (W), Mumbai
    Last edited: Oct 4, 2006
  8. anandk

    anandk Distinguished Member

    Joined:
    Mar 8, 2005
    Messages:
    3,786
    Likes Received:
    106
    Trophy Points:
    0
    Location:
    Pune
    first download install n use 'ccleaner' to clear ALL ur pc junk.
    reboot go into safe mode and scan ur pc with ur updated avast, adawre, spybot.
    reboot. if problem still unsolved pls post ur hijackthis logfile here or at www.hijackthis.de for scrutiny. then we will see...
     
  9. OP
    OP
    ashu_dps

    ashu_dps Hell Sucks!!!

    Joined:
    Jul 22, 2006
    Messages:
    326
    Likes Received:
    1
    Trophy Points:
    0
    Location:
    New Delhi
    As i read the suggestions of u ppl, i decided to reboot in safe mode bt b4 that i decided to check CPL bt nw its working allright n also evrythng else is working fine for nw !!!!!

    Nw wht shud i do, shud i perform all these or let it be as it is ?
     
  10. anandk

    anandk Distinguished Member

    Joined:
    Mar 8, 2005
    Messages:
    3,786
    Likes Received:
    106
    Trophy Points:
    0
    Location:
    Pune
    anyway no harm in running ur av and anti-spy in safe mode, and clearing up ur pc junk :) so do it pls.

    make sure u create restore point/s....;-)
     
  11. OP
    OP
    ashu_dps

    ashu_dps Hell Sucks!!!

    Joined:
    Jul 22, 2006
    Messages:
    326
    Likes Received:
    1
    Trophy Points:
    0
    Location:
    New Delhi
    okay m gonna run em in safe mode nw n wl inform u abt the report, bt do u ppl thnk that it can b a root kit infection ?
    Actually never had one so was a bit exited, hihihihi :)
     
  12. OP
    OP
    ashu_dps

    ashu_dps Hell Sucks!!!

    Joined:
    Jul 22, 2006
    Messages:
    326
    Likes Received:
    1
    Trophy Points:
    0
    Location:
    New Delhi
    Nothng has been detected!!!!!!!

    Used all, Ad-aware,Spybot,Avast bt nthng exposed.
    Nw what to do ?
     
  13. return_of_vengeance

    return_of_vengeance New Member

    Joined:
    Aug 16, 2006
    Messages:
    176
    Likes Received:
    0
    Trophy Points:
    0
    just format the drive! i think its the only solution left as such root kits gennerally dont get noticed ......
     
  14. AshishSharma

    AshishSharma Livin' in the ghetto

    Joined:
    May 17, 2006
    Messages:
    309
    Likes Received:
    6
    Trophy Points:
    0
    Location:
    Hmm .... Home
    Why format now that everything is back to normal :)

    Just update ur antivirus and malware detection programs and scan again if nothing is found create a backup point .. thank god and carry on :)
     
  15. : SPiRiT :

    : SPiRiT : New Member

    Joined:
    Feb 14, 2006
    Messages:
    35
    Likes Received:
    0
    Trophy Points:
    0
    if the process tab is visible on the task manager..

    Wud u jus post the tasks here...

    if not available use tuneup utilities and use its task manager...
     
  16. anandk

    anandk Distinguished Member

    Joined:
    Mar 8, 2005
    Messages:
    3,786
    Likes Received:
    106
    Trophy Points:
    0
    Location:
    Pune
  17. OP
    OP
    ashu_dps

    ashu_dps Hell Sucks!!!

    Joined:
    Jul 22, 2006
    Messages:
    326
    Likes Received:
    1
    Trophy Points:
    0
    Location:
    New Delhi
    I used the root kit remover frm www.sysinternals.com n it showed me 4 discrepancies n in one entry it showed access denied which acc. to its manual should never be shown

    HKLM\S-1-5-21-1992511848-3998705894-1547661245-1005\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{76945258-12F3-0BA3-D431-F592A30CD47E}* 9/10/2006 10:06 PM 0 bytes Key name contains embedded nulls (*)
    HKLM\SOFTWARE\Classes\Component Categories\{6F625EB1-D1B1-11D2-8B29-0050041850C1}\409 5/26/2006 11:32 PM 37 bytes Data mismatch between Windows API and raw hive data.
    HKLM\SOFTWARE\Hagel\DU Meter\Totals 10/7/2006 2:21 PM 80 bytes Data mismatch between Windows API and raw hive data.
    HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg 8/22/2006 8:31 PM 0 bytes Access is denied.
    C:\Documents and Settings\Ashutosh Kumar\Local Settings\Temp\~DFA83.tmp 10/7/2006 2:28 PM 16.00 KB Hidden from Windows API.
    C:\Documents and Settings\Ashutosh Kumar\Local Settings\Temp\~DFA98.tmp 10/7/2006 2:28 PM 512 bytes Hidden from Windows API.

    Just see if this makes any sense to u all n m also gonna post this at sysinternals.com to see what they have to say about it.

    @SPIRIT : I have seen n analyzed the tasks, there is nthng suspicious and i knw them
     
    Last edited: Oct 7, 2006
  18. anandk

    anandk Distinguished Member

    Joined:
    Mar 8, 2005
    Messages:
    3,786
    Likes Received:
    106
    Trophy Points:
    0
    Location:
    Pune
    nothing suspicious imo, but do get a 2nd opinion too :)
     
  19. spiderman

    spiderman New Member

    Joined:
    Sep 12, 2006
    Messages:
    18
    Likes Received:
    0
    Trophy Points:
    0
    from my side it is the problem occured due to the improper use of the avast
    avast provides the best performance than any other anti/ firewalls
    also please reinstall and then download updated virus database it will prevent the problem
     
  20. OP
    OP
    ashu_dps

    ashu_dps Hell Sucks!!!

    Joined:
    Jul 22, 2006
    Messages:
    326
    Likes Received:
    1
    Trophy Points:
    0
    Location:
    New Delhi
    The root kit remover shows one entry as access denied, which shouldnt happen in any case according to its manual. then why thid discrepancy?
     
Thread Status:
Not open for further replies.

Share This Page