help msn virus!

Discussion in 'malware problems & news' started by fuzi0n, Oct 21, 2005.

Thread Status:
Not open for further replies.
  1. Fuzi0n

    Fuzi0n Registered Member

    Joined:
    Oct 21, 2005
    Posts:
    12
    ok this is weird, i spent like an hour last night trying to get safe mode to open, but it didnt, so i gave up and went to sleep. turned on my pc this morning. and for some reason, that virus doesnt seem to be there.

    task manager stays open
    that text doesnt seem to be pasting, but ill keep this post box open for a while, just to test it.
    and hijack this opens fine.

    i guess a few of them adaware and virus scan things got rid of it. that ewido did it i think, deleted quite a few infected files for me.

    my firefox keeps minimizing by itself every now and then, but i am running s+D and adaware. ill report bk after theyve finished
     
  2. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    Once you think you are clean, run through the entire process again in Safe Mode, just to be sure.

    Let us know how you go.

    Cheers :D
     
  3. Fuzi0n

    Fuzi0n Registered Member

    Joined:
    Oct 21, 2005
    Posts:
    12
    Ill pass that :p lol it seems to be ok. everythings fine. if its not broke, dont fix it.

    Just one other thing, is there a way to stop or remove things from when my pc starts up, and all the programmes load in the bottom bar, near the clock, can i stop things from start up loading? o_O
     
  4. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    REALLY bad idea, if your system is not clean you will open yourself back up to reinfection.

    Can you run Hijack This again and send your Log to me in a Private Message.

    Cheers :D
     
  5. Fuzi0n

    Fuzi0n Registered Member

    Joined:
    Oct 21, 2005
    Posts:
    12
  6. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    You are still infected, you need to post that log at www.castlecops.com and have a specialist look at your log, you also need to follow their advice precisely, or you will be wasting everybody’s time...

    Cheers :D
     
  7. Fuzi0n

    Fuzi0n Registered Member

    Joined:
    Oct 21, 2005
    Posts:
    12
    grrrt
     
  8. Fuzi0n

    Fuzi0n Registered Member

    Joined:
    Oct 21, 2005
    Posts:
    12
  9. beetlejuice69

    beetlejuice69 Registered Member

    Joined:
    Mar 16, 2005
    Posts:
    780
    Go to Start-Run then type in msconfig once that opens you`ll see the start up there. Just becareful of what ya uncheck.
     
  10. frankf

    frankf Registered Member

    Joined:
    Oct 23, 2005
    Posts:
    2
    this dam thing blocks everthing on my XP-SP2 machine ! no chance to get into safe mode! it ignores the F8 key, the boot.ini and you can't get into taskmanager, regedit nor msconfig...
     
  11. Hi... Strange thing your av didn't catch it when it arrived on your system. Was it up to date?

    If nothing else will do the trick, I hope your backup policy is good, so you just have to restore some recent image of your drive to solve matters.

    If not, you may want to use some Linux Knoppix Live CD, which will allow you to load and run a complete Linux interface from the RAM without installing on hard drive, so the tools will allow you to perform maintenance on your partition, for example launch some FProt antivirus or something.

    Good luck anyway.
     
  12. frankf

    frankf Registered Member

    Joined:
    Oct 23, 2005
    Posts:
    2
    i think i got it.. but not with the complete check ( this discovered just a few minor flaws )

    check for a file called svshost.exe ( not svchost.exe ! ) in your registry and on your systemfiles ( i found it in c:\windows\system32\ihrbvzh\svshost.exe )

    After removing those entries / files my system works okay now.
     
  13. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    That is at least part of the problem.

    Cheers :D
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.