Security Software Notorious Virus Problem!

Status
Not open for further replies.
^^ Haven't read the whole thread... go to safe mode... back up all the installation files that you can...

and completely format and erase all the partitions on your harddrive...

now reinstall xp and voila you are done..

Now go to My Computer > Tools > Folder Options > View tab >

Select: Show All hidden files and folders

Deselect: Hide extensions for known file types

Deselect: Hide protected operating system files

now disable autorun on all removable media

and when you insert your pen drive hit Windows+E... this will take you to the explore mode...

right click on your pen drive and scan it with Kaspersky

then click on your pen drive on the right and it should open up your pen drive (click once ONLY) and you can see the hidden viruses either in folders or exe files... click ONCE AND ONCE ONLY on the viruses... (DO NOT DOUBLE CLICK AS YOU WILL ACTIVATE THE VIRUS) and Shift+Delete them...

No more pen drive viruses!!!

In addition, if you require a Startup list Proggy let me know... it's a small file but immensely helpful (I don't remember where I got it, but I can give it to you)

^^hi jack is good but not as effective as this program.
 
Just try to format the whole hard disk, removing the partitions, and reinstall Windows and close the internet connection. Then first install an antivirus of your choice, then install drivers and software. These can help you.
 
Faced this same problem with my laptop recently. Things went pretty bad when networking failed and I could not connect it to any place on my office's network... I am not all that much of a tech head, so I re-installed XP by formatting the OS drive and installed Spybot and Norton 360. Updated both and things seem to be in control now... at least!! And I pray that it remains the same, spent half a day setting things right!!!
 
A boot disk anti-virus is the only solution... I'm sure the virus is attached to some exe on your system/software CD, probably a setup file. The only solution is to run a virus scan via DOS mode @ bootup.

To create the Rescue Disk, follow the steps in this link
Setting Anti-Malware

You might want to try this out, but it's not recommended, since it's in a beta stage. It's based on a Linux live disk.

Index of /devbuilds/RescueDisk/

Download and burn the iso file.

You might also need to follow the thread on the rescue disk if you encounter any problems...
[Updated]Linux Rescue disk iso - Kaspersky Lab Forum

Regards
 
I no longer think I am dealing with an ordinary virus.

I deleted all the partitions while installing XP on Saturday Night and changed the drive size for each drive. By the time I completed the entire setup it was around 10:00 P.M. I then started to install drivers and completed that by 10:30 or 11:00 P.M. which includes installing and updating KAV 2009, CFP, Spybot 1.6.2 and Anti-Malware Bytes.

I installed KAV 2009 from CHIP DVD, the rest downloaded from filehippo. The moment I scanned with anti malware bytes it found an infection in Wextract.exe but I ignored it on finding this:
Wextract.exe - Malwarebytes Forum

Also the anti virus programs found nothing wrong with it. Immunized the system using Spybot.

I went on to install other programs, all freshly downloaded apps from filehippo and CHIP DVD. Since the last time the problem had begun after I installed Java Runtime Environment and ActiveX. I installed that and rebooted and checked. Later in the night after all seemed well, I started installing plugins for Mozilla and started surfing using that. I also installed Opera. For both the browsers the Task Manager showed more than 200 MB RAM usage when multi tab browsing was used. I thought that was because of the multi tab browsing.

At 2:30 A.M. I shut it down. Last night I kept on using the system normally, at 10:30 P.M. I installed WMP 10 and Free Download Manager and installed them. I then rebooted, went to msconfig and disabled wdfmgr and Btntservice and rebooted again.

I was then back to square 1. I was greeted with a log on screen. This time too I had not set a password for my account and still I would not be able to log into the system. In safe mode I can set a password and use it to log into the normal mode account. But, not otherwise. If I remove the password in normal mode log off and log in again, I am unable to log in. Again I have to repeat the safe mode steps.

So far I have not used any old software and I don't doubt filehippo.

What am I supposed to do? What I have noticed is, at both times the problem started between 10:30 P.M and 11:00 P.M. Do you think I have a virus in my bios, and if yes how can I fix that?
 
1) Can you use any *.exe commands like regedit etc. in normal Windows mode?

2) Under Task Manager (normal mode, not safe mode) is there any svchost.exe process under your user name? (Multiple occurrences of svchost.exe under System/network/local service is normal for Windows and it's OK.)

3) Is there any other suspicious file / process under your user name in the Task Manager?

PS: stop downloading or using free stuff from the net, e.g. freeware / shareware / files / movies / pics etc... and most importantly do not open any attachments in email. Your infection is probably due to this.

In fact I would recommend do not use any huge antivirus software at all like Norton etc. Most of them are useless and simply hog the system resources.

Download the emergency rescue disk file sav32cli.exe from the Sophos website and run it in Windows safe mode and post back what malware it detects.
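
The ownership check asked for in question 2 above, as an added example that is not part of the original post: it parses `tasklist /v /fo csv` output and flags any svchost.exe that is not running as SYSTEM, LOCAL SERVICE or NETWORK SERVICE. The sample output is constructed, and the English column and account names are an assumption.

```python
import csv
import io

# Accounts Windows itself uses for svchost.exe (assumes an English-locale system).
SERVICE_ACCOUNTS = {
    r"NT AUTHORITY\SYSTEM",
    r"NT AUTHORITY\LOCAL SERVICE",
    r"NT AUTHORITY\NETWORK SERVICE",
}

# Constructed sample of `tasklist /v /fo csv` output; host and user names are made up.
SAMPLE = r'''"Image Name","PID","Session Name","Session#","Mem Usage","Status","User Name","CPU Time","Window Title"
"svchost.exe","812","Console","0","4,512 K","Running","NT AUTHORITY\SYSTEM","0:00:02","N/A"
"svchost.exe","964","Console","0","3,880 K","Running","NT AUTHORITY\NETWORK SERVICE","0:00:01","N/A"
"svchost.exe","1080","Console","0","2,140 K","Running","NT AUTHORITY\LOCAL SERVICE","0:00:00","N/A"
"svchost.exe","1180","Console","0","5,020 K","Unknown","N/A","0:00:00","N/A"
"firefox.exe","1532","Console","0","204,800 K","Running","HOMEPC\user","0:03:10","Mozilla Firefox"
"svchost.exe","2044","Console","0","9,300 K","Running","HOMEPC\user","0:00:07","N/A"
'''


def classify_svchost(tasklist_csv):
    """Return (suspicious, unknown) lists of (pid, user) for svchost.exe rows.

    suspicious: svchost.exe owned by an account that is not a service account.
    unknown:    owner not reported (tasklist prints N/A when it cannot read it),
                so the row needs a re-check from an administrator prompt.
    """
    suspicious, unknown = [], []
    for row in csv.DictReader(io.StringIO(tasklist_csv)):
        if row["Image Name"].strip().lower() != "svchost.exe":
            continue
        pid = int(row["PID"])
        user = row["User Name"].strip()
        if user.upper() in SERVICE_ACCOUNTS:
            continue  # the normal case described in the post
        if user.upper() in ("", "N/A"):
            unknown.append((pid, user))
        else:
            suspicious.append((pid, user))
    return suspicious, unknown


if __name__ == "__main__":
    bad, unsure = classify_svchost(SAMPLE)
    for pid, user in bad:
        print(f"svchost.exe PID {pid} runs as {user}: investigate")
    for pid, _ in unsure:
        print(f"svchost.exe PID {pid}: owner not reported, re-run elevated")
```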
 
obama said:
1) Can you use any *.exe commands like regedit etc. in normal Windows mode?

2) Under Task Manager (normal mode, not safe mode) is there any svchost.exe process under your user name? (Multiple occurrences of svchost.exe under System/network/local service is normal for Windows and it's OK.)

3) Is there any other suspicious file / process under your user name in the Task Manager?

PS: stop downloading or using free stuff from the net, e.g. freeware / shareware / files / movies / pics etc... and most importantly do not open any attachments in email. Your infection is probably due to this.

In fact I would recommend do not use any huge antivirus software at all like Norton etc. Most of them are useless and simply hog the system resources.

Download the emergency rescue disk file sav32cli.exe from the Sophos website and run it in Windows safe mode and post back what malware it detects.

1. Yes it works.
2. Nope, except Mozilla and Opera that consume more than 80 MB, as much as 200 MB at times. Multiple instances of svchost is normal, agreed, but still I checked it with "tasklist /svc" in cmd and all of them seem well defined.
3. So far I only see Imapi.exe at the start but it disappears later, which is not really supposed to happen because it never used to happen before. Also wuauclt starts despite me turning off automatic updates. Planning to turn it off through services.msc.

I think everyone here will vouch for filehippo to be safe. It is not filehippo but the time that bothers me because on both occasions it occurred between 10:30 P.M. and 11:00 P.M.

I will try sav32cli but I don't think it is an ordinary malware or virus because nothing could have survived partition deletion.

Here is how I plan to use sav32cli: download it, set it as read-only, reboot in safe mode and run it.
 