removing virus

View previous topic View next topic Go down

removing virus

Post by abirganguly on Sun Aug 02, 2009 6:25 pm

Hello ,

I have a problem with my laptop. i was surfing and I guess I got affected pretty bad. I CANNOT open any executable files. CANNOT open command prompt. CANNOT open files downloaded from the internet. When I am double clicking any icon in the control panel its saying

C:\WINDOWS\System32\rundll32.exe
Application not found.

Sometimes there are audio files playing automatically.

Please Help!!

abirganguly
Novice
Novice

Status :
Online
Offline

Posts : 12
Joined : 2009-08-02
OS : XP

View user profile

Back to top Go down

Re: removing virus

Post by Origin on Sun Aug 02, 2009 6:25 pm

Hello abirganguly,

Welcome to Geek Police, my name is Origin and I will be helping you today. Please keep the following in mind:

  • If you do not get a reply from me or another helper within 2 days, please reply to your topic with the phrase BUMP
  • If you have any cracked/pirated software in your computer delete them or we will not help you.
  • Only follow advise from Geek Police Staff and not a regular member.
  • Do NOT run any tool without Geek Police supervision as it could hinder your system useless.
Please download the current version of HijackThis from [You must be registered and logged in to see this link.]

  • Double click and run the installer.
  • It will install to C:\Program Files\Trend Micro\HijackThis\hijackthis.exe
  • After installing, you should get the user agreement, press accept and Hijack This will run.
  • Select Do a system scan and save a log file. This will open a notepad file of everything Hijack This found, copy and paste it back here.


While my help is always free, please consider donating to keep this site alive: [You must be registered and logged in to see this link.]

[You must be registered and logged in to see this link.]

Origin
Master
Master

Status :
Online
Offline

Posts : 2685
Joined : 2009-05-05
Gender : Male
OS : Windows Xp Sp3

View user profile

Back to top Go down

Re: removing virus

Post by abirganguly on Sun Aug 02, 2009 6:30 pm

I did download Hijackthis ...but I cannot run the executable..Its saying " Choose the program you want to open the executable with...

abirganguly
Novice
Novice

Status :
Online
Offline

Posts : 12
Joined : 2009-08-02
OS : XP

View user profile

Back to top Go down

Re: removing virus

Post by Origin on Sun Aug 02, 2009 6:31 pm

Could be a sign of Virut, it tends to do this:

Please use the Internet Explorer browser, and do an online scan with [You must be registered and logged in to see this link.]

Note: If you have used this particular scanner before, you MAY HAVE TO UNINSTALL the program through Add/Remove Programs before downloading the new ActiveX component

Click Accept, when prompted to download and install the program files and database of malware definitions.

  • Click Run at the Security prompt.
  • The program will then begin downloading and installing and will also update the database.
  • Please be patient as this can take several minutes.
  • Once the update is complete, click on My Computer under the green Scan bar to the left to start the scan.
  • Once the scan is complete, it will display if your system has been infected. It does not provide an option to clean/disinfect. We only require a report from it.
  • Do NOT be alarmed by what you see in the report. Many of the finds have likely been quarantined.
  • Click View scan report at the bottom.
  • Click the Save as Text button to save the file to your desktop so that you may post it in your next reply.

    **Note**

    To optimize scanning time and produce a more sensible report for review:

  • Close any open programs.
  • Turn off the real-time scanner of all antivirus or antispyware programs while performing the online scan.

Note for Internet Explorer 7 users: If at any time you have trouble viewing the accept button of the license, click on the Zoom tool located at the bottom right of the IE window and set the zoom to 75%. Once the license is accepted, reset to 100%.


While my help is always free, please consider donating to keep this site alive: [You must be registered and logged in to see this link.]

[You must be registered and logged in to see this link.]

Origin
Master
Master

Status :
Online
Offline

Posts : 2685
Joined : 2009-05-05
Gender : Male
OS : Windows Xp Sp3

View user profile

Back to top Go down

Re: removing virus

Post by abirganguly on Sun Aug 02, 2009 9:51 pm

the scan is going on......but its going to take a long long time......till now its just 1% .....in the meantime ctrl+alt+del is not working .....and when I m typing the text..like I am doing here..the cursor is strangely going back and forth automatically...could this be because of a virus as well ? its been 2hrs 33 mins ..and the progress of the scan is only 1%. Please help

abirganguly
Novice
Novice

Status :
Online
Offline

Posts : 12
Joined : 2009-08-02
OS : XP

View user profile

Back to top Go down

Re: removing virus

Post by abirganguly on Sun Aug 02, 2009 9:52 pm

the scan is going on......but its going to take a long long time......till now its just 1% .....in the meantime ctrl+alt+del is not working .....and when I m typing the text..like I am doing here..the cursor is strangely going back and forth automatically...could this be because of a virus as well ? its been 2hrs 33 mins ..and the progress of the scan is only 1%. Please help

abirganguly
Novice
Novice

Status :
Online
Offline

Posts : 12
Joined : 2009-08-02
OS : XP

View user profile

Back to top Go down

Re: removing virus

Post by Origin on Sun Aug 02, 2009 10:02 pm

You can try ESET's scanner, its faster:

Run ESET Online Scan
Please do an online scan with
Code:
http://www.eset.com/onlinescan/
ESET Online Scanner. Please use Internet Explorer as it uses ActiveX.

  • Check (tick) this box: YES, I accept the Terms of Use.
  • Click on the Start button next to it.
  • When prompted to run ActiveX. click Yes.
  • You will be asked to install an ActiveX. Click Install.
  • Once installed, the scanner will be initialized.
  • After the scanner is initialized, click Start.
  • Uncheck (untick) Remove found threats box.
  • Check (tick) Scan unwanted applications.
  • Click on Scan.
  • It will start scanning. Please be patient.
  • Once the scan is done, the log will be saved here: C:\Program Files\esetonlinescanner\log.txt.


While my help is always free, please consider donating to keep this site alive: [You must be registered and logged in to see this link.]

[You must be registered and logged in to see this link.]

Origin
Master
Master

Status :
Online
Offline

Posts : 2685
Joined : 2009-05-05
Gender : Male
OS : Windows Xp Sp3

View user profile

Back to top Go down

Re: removing virus

Post by abirganguly on Sun Aug 02, 2009 10:05 pm

I cannot open the internet explorer ......its saying the same thing..."choose an application to open "

abirganguly
Novice
Novice

Status :
Online
Offline

Posts : 12
Joined : 2009-08-02
OS : XP

View user profile

Back to top Go down

Re: removing virus

Post by abirganguly on Mon Aug 03, 2009 2:25 am

i did the scan and here is the scan report...please suggest me something..


KASPERSKY ONLINE SCANNER 7.0 REPORT
Monday, August 3, 2009
Operating System: Microsoft Windows XP Professional Service Pack 2 (build 2600)
Kaspersky Online Scanner version: 7.0.26.13
Program database last update: Sunday, August 02, 2009 19:35:17
Records in database: 2575705
Scan settings
Scan using the following database extended
Scan archives yes
Scan mail databases yes
Scan area My Computer
C:\
D:\
E:\
Scan statistics
Files scanned 275253
Threat name 5
Infected objects 7
Suspicious objects 0
Duration of the scan 06:06:13

File name Threat name Threats count
c:\windows\system32\iasex.dll/c:\windows\system32\iasex.dll Infected: Trojan-Spy.Win32.Agent.aytn 1
C:\Documents and Settings\Abir\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jvmimpro.jar-5407a763-1998c8dd.zip Infected: Exploit.Java.Gimsh.b 1
C:\Documents and Settings\Abir\Local Settings\Temp\ij67knbyu44.exe Infected: Trojan-Downloader.Win32.DlfBfkg.si 1
C:\WINDOWS\system32\Iasex.dll Infected: Trojan-Spy.Win32.Agent.aytn 1
C:\WINDOWS\Temp\t4m0_328269860506.bk.old Infected: Trojan-Downloader.Win32.DlfBfkg.st 1
D:\videos\odd n evens\its_n_bits\PASSWORD FINDER\ARISKKEY.EXE Infected: not-a-virus:PSWTool.Win32.Aster.55 2
The selected area was scanned.

abirganguly
Novice
Novice

Status :
Online
Offline

Posts : 12
Joined : 2009-08-02
OS : XP

View user profile

Back to top Go down

Re: removing virus

Post by Belahzur on Mon Aug 03, 2009 8:24 pm

Hello.
Please right click [You must be registered and logged in to see this link.] and select "save target as..." to save the .reg file.

Save it to your Desktop and run it. Select yes to merge with the registry.

See if you can run things now, then we'll deal with the malware.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre

View user profile

Back to top Go down

Re: removing virus

Post by abirganguly on Tue Aug 04, 2009 12:36 am

When I right click on the link......the window has no 'save target as'..only 'save link as'....I saved it to the desktop....it got saved in form of a notepad file....now its opening...but I do not know how to merge with the registry

abirganguly
Novice
Novice

Status :
Online
Offline

Posts : 12
Joined : 2009-08-02
OS : XP

View user profile

Back to top Go down

Re: removing virus

Post by abirganguly on Tue Aug 04, 2009 2:41 am

please give me some solution.....really scared with my laptop...

abirganguly
Novice
Novice

Status :
Online
Offline

Posts : 12
Joined : 2009-08-02
OS : XP

View user profile

Back to top Go down

Re: removing virus

Post by Belahzur on Tue Aug 04, 2009 6:27 pm

Hello.
When you saved it, did it save as xxx.reg.txt?

If so, right click > Rename and remove ".txt"


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre

View user profile

Back to top Go down

Re: removing virus

Post by abirganguly on Tue Aug 04, 2009 10:29 pm

Hi Belahzur,

it is just saved in the name exefix.reg.....and it is in the form of notepad file.

Please suggest something.

abirganguly
Novice
Novice

Status :
Online
Offline

Posts : 12
Joined : 2009-08-02
OS : XP

View user profile

Back to top Go down

Re: removing virus

Post by Belahzur on Wed Aug 05, 2009 5:42 pm

Ah, then it just needs changing back to regedit.exe.
Right click the reg file > "open with..."

Is regedit on the list that opens? if so, select it and then you should get the merge prompt.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre

View user profile

Back to top Go down

Re: removing virus

Post by abirganguly on Wed Aug 05, 2009 10:55 pm

nope....i right clicked the file........clicked open with... but could not find regedit...i went to choose program.....but could not find them there too.....

what should I do ? Sad tearing

abirganguly
Novice
Novice

Status :
Online
Offline

Posts : 12
Joined : 2009-08-02
OS : XP

View user profile

Back to top Go down

Re: removing virus

Post by abirganguly on Thu Aug 06, 2009 12:34 am

my laptop has deteriorated considerably....i am really scared for all the data.....please please help ..urgent..

abirganguly
Novice
Novice

Status :
Online
Offline

Posts : 12
Joined : 2009-08-02
OS : XP

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum