Virus - Regedit, Task Manager not opening, New Folder.exe and more

[The Incredible]

I have seen that must read thread.

But I' still posting because I'm facing many of those problems collectively.


1. Task Manager + Regedit are not opening
2. New Folder.exe is everywhere
3. The device generic volume can't be stopped right now. try stopping it later
4. Computer is slow
5. can't find svicihossst file
6. my avg is reporting a virus in my kingston pen drive but is unable to remove it.
7. can't format my pen drive too
8. can't open images, videos, mp3s, .exe files
9. system is not recognising .pdf format files
10. can't run the removal tool for new folder.exe
11. can't start computer in safe mode


Pls Help

 

[Yasa_Zidfrau]

your antivirus is avg right
try kaspersky if you have money or avast for free it's better than avg
and if the virus still there after you disinfect it then use acd.see. Search the virus and delete it directly from acd.see

 

[prateek007391]

I have seen that must read thread.

But I' still posting because I'm facing many of those problems collectively.


1. Task Manager + Regedit are not opening
2. New Folder.exe is everywhere
3. The device generic volume can't be stopped right now. try stopping it later
4. Computer is slow
5. can't find svicihossst file
6. my avg is reporting a virus in my kingston pen drive but is unable to remove it.
7. can't format my pen drive too
8. can't open images, videos, mp3s, .exe files
9. system is not recognising .pdf format files
10. can't run the removal tool for new folder.exe
11. can't start computer in safe mode


Pls Help

I must say it is my experience which is speaking

avast is never able to remove the virus from the pendrive
this virus is mostly a malware & trojan in autorun.inf file it created a file named newfolder.exe or other .exe files with the name of the folder that is contained in the pendrive

It is better u get KAV 2009 though trial version or take online scanning

wait I will give u some links

 

[prateek007391]

this guy looks creative

here r some of his creations

*mrintech.com/5-best-online-virus-scanners-you-can-use

 

[mrintech]

this guy looks creative

here r some of his creations

*mrintech.com/5-best-online-virus-scanners-you-can-use

Thanks

 

[The Incredible]

I'm running KAV online in opera but everytime it hangs. Also I've tried MalwareByte's Anti Malware but that also hangs after scanning 3287 files everytime. It takes 2 seconds to scan that many files.

What to do ?

That Blog page is also not opening. Everytime the browser downloads 23% of it and then no more downloading.

Also everytime I'm logging out a small window with undefined written on it and a tab with OK on it.

Two of my friends are also facing the same problems.

I'm pasting here HiJackThis! log of one of them (Jazib).

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:37:08 AM, on 5/2/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\DAP\DAP.EXE
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Opera 10 Preview\opera.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\Fonts\unwise_.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\LEE\Desktop\SDFix.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = *search.speedbit.com/
R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
R3 - URLSearchHook: SrchHook Class - {F4F10C1D-87C7-404A-B4B3-000000000000} - C:\PROGRA~1\DAP\SBSearch.dll
O2 - BHO: Ask Search Assistant BHO - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
O2 - BHO: SBCONVERT - {A1056498-D09A-41E4-864B-505EDD640D9E} - C:\Program Files\SpeedBit Video Downloader\Toolbar\SpeedBitVideoDownloader.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O2 - BHO: GrabberObj Class - {FF7C3CF0-4B15-11D1-ABED-709549C10000} - C:\PROGRA~1\SPEEDB~1\Toolbar\grabber.dll
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: SpeedBit Video Downloader - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Program Files\SpeedBit Video Downloader\Toolbar\SpeedBitVideoDownloader.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{22E75FBA-A554-4DA7-8555-BF818D3F6312}: NameServer = 218.248.255.194 218.248.255.146
O17 - HKLM\System\CS1\Services\Tcpip\..\{22E75FBA-A554-4DA7-8555-BF818D3F6312}: NameServer = 218.248.255.194 218.248.255.146
O17 - HKLM\System\CS2\Services\Tcpip\..\{22E75FBA-A554-4DA7-8555-BF818D3F6312}: NameServer = 218.248.255.194 218.248.255.146
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Windows Hosts Controller - Unknown owner - C:\WINDOWS\Fonts\unwise_.exe

--
End of file - 4110 bytes

 

[mrintech]

Try: *www.thinkdigit.com/forum/showthread.php?t=114327

 

[The Incredible]

I use Windows XP SP2

 

[mrintech]

when u Analyse your hijack this log here: *www.hijackthis.de , you can see there are some Nasty Processes

Try Full Scan with:

* *www.superantispyware.com/download.html
* *www.emsisoft.com/en/software/free/

Update them to latest definitions

 

[Disc_Junkie]

Try deleting the autorun.inf files from all the partitions!!

Try Noob Killer and do a 8-X Kill!!

www.freewarefiles.com/Noob-Killer_program_42299.html

Also use Trojan Remover!!

*www.download.cnet.com/
www.softpedia.com/get/Antivirus/Trojan-Remover.shtml

 

[hayabusa_ryu]

Try these. Hope it work for u :
1. Use autorun virus remover.--> Fix everything with this one
2. Install KIS 2009 trial version n remove rest
3. Install XP Manager trial n fix the rest things

 

[bilalarc]

gte the files list then, if your are some techi then try to delete the spyware files using winrar if possible , coz My pc was also infected with such **** spyware/virus so, try it then tell me

 

[The Incredible]

There's some problem with my modem. I can't connect to the net. I changed some configurations. So I can't update my anti-virus and other softwares.

Also I'm not sure whether the systems at the cafe are infected or not.

I use pendrive for data transfer.

And for the same reason I can't use online scan.

But I can go to cafe which serves me at high speed. Is there some way I can get the updates.

My computer is taking roughly 1hr to get on and even more time to do anything else.


I can't install all the anti-virus mentioned. I have to be specific.

I have AVG 8.5 in a CD.

I have few more softwares -

already installed but have installation file on disk

-MalwareBytes Anti Malware
-Loaris Trojan Remover
-Super Anti Spyware

already installed but installation file is on computer

-Spybot- Search and Destroy

not yet installed and have installation file on disk

-Panda Antivirus (old)
-Norton 360
-Kaspersky Anti-Hacker
-HijackThis!


Some S/W which are already installed are infected too such as MalwareBytes...,AVG8.5, ZoneAlarm.

Those installation files which are on disk are also undert risk that when I execute them they too may get corrupted.


What to do ?

 

[The Incredible]

Will using Linux help me in any manner ?

I have many digit Dvds with linux distros. Shall I boot with a linux and then run some antivirus ?

 

[mrintech]

Will using Linux help me in any manner ?

I have many digit Dvds with linux distros. Shall I boot with a linux and then run some antivirus ?

Read out: *www.clamav.net/download/packages/packages-linux and then Boot with suitable Live CD

 

[Disc_Junkie]

What to do ?

Actaully one of friend came yesterday with hell lotta viruses in his pen drive and his PC. This is what I did....

1. Click Start--->Run and type gpedit.msc. Click on Administrative Templates--->System and on the right pane and double clicked Turn Off Autoplay. I Enabled it and selected All drives in the drop-down menu.

2. Installed Noob Killer. So many viruses and spyware were running. No traditional antiviruses could remove them(Kaspersky and Avast). I did an 8-X Kill with it. It took 20 minutes to scan and kill the viruses. After that the computer got restarted and voila!! not even one malware was running!

3. I went to msconfig--> Startup and removed all the entries there and again restarted.

4. Deleted the New Folder.exe files from the pen drive(which didn't got deleted before the scan) and took it out.

Thus the PC was clean and clear!! Therefore try Noob Killer, it just works!!

 

[mrintech]

Can you please give here the official site for Noob Killer

 

[Disc_Junkie]

I don't think every freeware files have got an official site! But you ca go here for details..

www.freewarefiles.com/Noob-Killer_program_42299.html

 

[mrintech]

Here's your Noonie's Website: *leerz25.sitesled.com/

 

[Disc_Junkie]

^^ Thankyou very much for the link!!