Is this a virus help?

Status
Not open for further replies.

Choto Cheeta

Rebooting
possible, try a run a scan with AVS like Kaspersky, u may try their online scanner too, *www.kaspersky.com/virusscanner,

get a Anti Spyware like, Spybot, *www.spybot.info
 

boosters

In the zone
try Kaspersky or Bitdefender Online Scan. Winlogon is not a virus or spyware, it is only just like a winxo login option. It seems like a adword or spyware comes on your computer better to scan with spyware doctor.
 

47shailesh

Security Exp
i dont't think it's a virus... Most probably u have used some other ver of XP CD for ur OS install(not english ver) that's y u r facing such problem..
 

koolbluez

Šupər♂ - 超人
Me too dont think it's a virus.. some corrupt file.. that's all. As shailesh said... corrupted installation using some other MS version might have caused it... replace the corrupt files if possible using some live cds... might work...
 

Projjwal

free world from money
Yes man it's a virus . It generally comes from "Pendrive" or flash memory.to trace it open ur task manager. from "Process" tab search a process which name is "EXPLORER.EXE" (the name is in caps/capital )It's the virus. Right click then chose "end process tree".I think it will work for u. Stop it from msconfig startup menu.

I think it is not a Dengarous virus.It just add a newitem right click menu on the place open.
 

Projjwal

free world from money
47shailesh said:
^^ never heard of storage specific(pendrive) virus :D:D lol lol

No man it's not storage specific it's kind of virus which create a exe file & set it on startup.The exe always search for removable7 writable disk like ur pendrive,mp3 player,flash memory & flopy also.after finding it ,It create an autorun on that removable disk.The autorun's job is just to create the virus prototype on the specific location.
 
OP
digit i am thinking

digit i am thinking

Journeyman
WHAT the hell is this?
I format my pc still not get eliminated.
Projjwal when i try to end the process called EXPLORER.EXE it try to shut down my pc.
Also when i clicked on ????? it doesnt open removeable media insted of that it opens my documents.Only autoplay works to open removeable disk.
 

abhipal

Journeyman
digit i am thinking said:
WHAT the hell is this?
I format my pc still not get eliminated.
Projjwal when i try to end the process called EXPLORER.EXE it try to shut down my pc.
Also when i clicked on ????? it doesnt open removeable media insted of that it opens my documents.Only autoplay works to open removeable disk.

This virus has infected all of your harddisks. So even if you format your PC and install new OS, it is still on your PC in some other HDD like say D:\.

Here is the solution :

1) if the data you have on your PC is of no importance i.e. you can get that data from other friends, then format your all HDD.

2) otherwise go to a friend who has two or more antivirus (but good one like Kaspersky,AVG,Norton. Don't go for Avast, Ashampoo like antivirus. Personal experiance) and scan your whole system. But before you go to your friend install the antivirus I have suggested one by one and scan your system with updated antivirus just to minimize the risk to infect your friend's PC.


I will suggest you to go for the first option as now a days you can get your data form internet within no time if you know where to look.
No matter which option you choose after format and new installation, very first thing you do would be install antivirus and update it. After that you can go for driver/software installation.
I will also suggest you if possible use two antivirus like
kaspersky internet security + AVG
PCCillin internet security + AVG.
You must install AVG after you install Kaspersky or the PCCillin.
 

47shailesh

Security Exp
^^worst suggestion i had ever seen..

Never install more than one AV on ur system coz this always cause resource bottleneck..never ever do this ur system will hang frequently.

What we can do here small investigation if u post HijackThis log...
 

Kiran.dks

Technomancer
digit i am thinking said:
Please help me,whenever i right click on my external HDD insted of open is shows somthing ????(o). what is this? is it becaue of virus.

Your system is infected with malware.
Name: Trojan.vb.atv
Risk:High


This Trojan is usually transmitted from pen-drives. It opens two exe process "wsctf.exe" and "EXPLORER.exe". On transmitting further it kills most of the system32 process and has a disastrous effect on the computer. Proceeding further it will also make some changes in the registry, making "My Documents" folder to open automatically at Windows log-in. It also adds a value "EXPLORER.EXE" in winlogon key value and makes EXPLORER.EXE to run at start-up.

This is a Trojan, hence most of the antivirus won't recognise it. However antisyware applications do recognise it. Please follow the instructions I gave given exactly.

Removal Instructions:

1. Download and install "AVG Antispyware Free Edition".

2. Disable "System Restore" in Windows. This is very important to see that the trojan doesn't come back.

3. Restart Windows in "Safe Mode"

4. Make sure all windows are closed. Now scan complete system using AVG Antispyware

5. Quarantine all the infections displayed after scanning.

6. Now restart Windows in normal mode.

If "My Documents" folder is opening automatically after log-on, do the following changes in the registry:

1. Start>Run
2. Type "regedit" and enter
3. Propogate to:

Code:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon

4. In the right pane, right-click Userinit, and then click Modify.

5. In the String dialog box, you will find "EXPLORER.EXE". This is the entry left by Trojan. Type C:\WINDOWS\system32\userinit.exe under Value data, and then click OK. (I am assuming that you installed Windows in C drive. The drive letter may vary depending upon where you installed Windows)

6. Now propogate to:

Code:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced

7. In the right pane, right-click PersistBrowsers, and then click Modify.

8. In the DWORD Value dialog box, type 0 under Value data, and then click OK.

9. Exit Registry editor

10. Log-off Windows and Log-in again, "My Documents" will not open automatically now.

Your problem must be solved if you follow all these exactly.
 
Last edited:

abhipal

Journeyman
47shailesh said:
^^worst suggestion i had ever seen..

Never install more than one AV on ur system coz this always cause resource bottleneck..never ever do this ur system will hang frequently.

What we can do here small investigation if u post HijackThis log...

I think you are a man who compromises his security for speed.
I suggested those two antivirus because I use them on my PC.
Never trust and relay on only on antivirus.
Slow speed because of two antivirus is better than slow speed because of virus along with data corruption.*www.thinkdigit.com/forum/images/icons/icon8.gif *www.thinkdigit.com/forum/images/icons/icon8.gif *www.thinkdigit.com/forum/images/icons/icon8.gif
 
Last edited:

47shailesh

Security Exp
^^ one more in series :D:D
look what M$ says.
*www.law.umich.edu/currentstudents/informationtechnology/laptops/laptop-security.htm


*www.avast.com/eng/faq-other-questions.html
*www.firewallguide.com/anti-virus.htm

plz do not pm me on sily topics
 
OP
digit i am thinking

digit i am thinking

Journeyman
well I scan my External HDD and got virus in system vol information
it's a trojan horse Generic2.FRK,worm generic.fx

The virus is deleted but still the problem remains the same.
it still gives something ?????(o) insted of open.
only autoplay can be used to open the HDD.
same as in pic that i have attached earlier.
 
Status
Not open for further replies.
Top Bottom