I've got infected

comp@ddict · Nov 9, 2008

Crack file widout AV on. Happened with me, got infected with some Win32Perfibt or something virus. Wiped out the uninstall files of some 14 programs of mine. Now I'm not able to uninstall O&O Defrag 2000 Freeware, and Vista Inspirat 2 BricoPack, rest all handled by reinstalling. What shud I do god darn it!

thewisecrab · Nov 9, 2008

Thanks n6300 for the log
@Cool Buddy
To me, this seems to be the problem:

C:\WINDOWS\System32\svchost.exe

All the remaining system files (and they are clean) are in "system32"
whereas
this is in "System32" (different caps)

Try using this too:
*thinkdigit.com/forum/showpost.php?p=920275&postcount=36

ubersoldat · Nov 9, 2008

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:15:54 PM, on 09-Nov-08
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe

@thewisecrab. Do u mean to say that my system is infected too? lol

. Just run Hijackthis urselves and watch the log file generated. lol

. If that doesnt help, try creating a 'System32' folder in the Windows directory urselves. lolz

.

@Cool Buddy. Try using Avast 4.8 and Windows Defender. Using Avast, scan ur C: drive for viruses and Spyware. Inmost case, ur problem should be solved. :mrgreen:

Bye

Cool Buddy · Nov 11, 2008

@ubersoldat
You do seem to be an experienced user. Thanks for your help, I'll definitely try these, but are You sure I can remove all no name no file entries safely.

BTW launchy is a good program, no problems from that, you can also try it here.
Lclock is also harmless, just shows the clock in a better way in the tray.

I think it helped, right now I'm not getting the error.
Please give your views about this entry:

O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll

it is 139 KB in size, the size that vundoo's dll's are generally. however hovering the mouse aboove it shows a description "client service for netware provider and authenticcation package dll company Microsoft" (how to copy text from status bar of explorer?!)

thewisecrab · Nov 11, 2008

ubersoldat said:
@thewisecrab. Do u mean to say that my system is infected too? lol . Just run Hijackthis urselves and watch the log file generated. lol . If that doesnt help, try creating a 'System32' folder in the Windows directory urselves. lolz .

@Cool Buddy. Try using Avast 4.8 and Windows Defender. Using Avast, scan ur C: drive for viruses and Spyware. Inmost case, ur problem should be solved.

Bye

I'm not very good at log files, just thought a little trial and error tricks might help...it didnt...I can see that

ubersoldat · Nov 12, 2008

Hi,

@Cool Buddy, there is no issue with the file nwprovau.dll . I checked the file and its frm MS. Comments go as: Client Service for NetWare Provider and Authentication Package DLL . Dint try Launchy. Regarding the 'no file' and 'no name' entry in HijackThis, I am not very sure becos I too have deleted these entries frm my registry and faced no probs. Not sure about urs. U have to analyse those entries.

I suggest u use Avast 4.8, an updated version of Spy-Bot and Windows Defender. Other AV I am not sure. But I can say that Avast does a better job of catching Viruses, Spyware, Adware, Malware and Trojan Horses than paid AV's like Norton and MCAffee. Just make sure that u update it daily.

Bye

Hi again everyone,

Pls check this link:

*www.seasonsecurity.com/attention-u...-your-system-microsoft-windows-xp-files-51803

Bye and Happy Virus Hunting

VarDOS · Nov 12, 2008

Hi friends,
I too have been infected with Worm/VB.QG virus......It has infected all my exe files on my PC....all my SETUPS and Installations have been infected. Those SETUPS i had dloaded from net....and are more than 60GB pls help guys

ubersoldat · Nov 12, 2008

@ Varad Dilip . Hey, I would suggest u run a boot time scan using Avast. Same thing happened with my friends PC. He got over 7000 infected exe files. lol

. Also, pls dont delete any file if avast gives u options whether to move infected file to chest or delete. U dont go to delete any file. If u do, then ur setup will be deleted rather than the Virus. lol

Bye

paroh · Nov 12, 2008

Try this as it look similar to the problem that i encounter

Code:

*www.thinkdigit.com/forum/showthread.php?t=101875

Cool Buddy · Nov 12, 2008

Problem solved.

comp@ddict · Nov 12, 2008

^^

"happy to help"

I've got infected

comp@ddict

EXIT: DATA Junkyard

thewisecrab

AFK

ubersoldat

Deadly Creature Me!

Cool Buddy

Wise Old Owl

thewisecrab

AFK

ubersoldat

Deadly Creature Me!

VarDOS

15.0 GHz

ubersoldat

Deadly Creature Me!

paroh

Padawan

Cool Buddy

Wise Old Owl

comp@ddict

EXIT: DATA Junkyard