!virus!


Aluno

Someone please help

 

I've picked up a virus and I cannot use ANY of my programs apart from IE.

I'm running Windows XP and I've got Norton Antivirus 2003 but it won't work any more. Every time I try to open a program it says it cannot find the file "C:\..............exe".

I've done an online scan on Symantec but it says that there are no viruses.

If it matters, I cannot use my e-mail account either.

System Restore doesn't work and I'm getting really frustrated.

I'm young and don't deserve to be punished like this :blushing:

If anyone could help I would be VERY VERY thankful :(


Hey, thanks for helping, but I cannot view the properties of My Computer.

It says "cannot find rundll32.exe" :help:

 

What do you think? Ideas welcome!

 

Thanks

 

Aluno


If your Internet Explorer is working, that would be what I would try before it quits.

Maybe there's a fix tool for the virus; we need to know what the virus is, though.

It still may be too late.

 

 

http://www.jsifaq.com/SUBM/tip6300/rh6330.htm


The problem is that the file association for .exe has been tampered with by the virus. You can run an exe directly by going to Start | Run and typing in the exe name but you need to know its name. For example, you could run regedit.exe to get to the registry editor. Then you could edit the hosed associations. If you can find out the name of the virus you could probably repair it manually by googling for the repair instructions.

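Added example, not part of the original post: a Python check for the tampered .exe association described above, run against the text of a `.reg` export of the two HKEY_CLASSES_ROOT keys involved. The expected defaults are those of a stock Windows install; the sample exports and the handler path in them are constructed for illustration.

```python
import re

# Default values on a stock Windows install. Assumption of this example:
# only the .exe association is checked, not .com, .bat or other types.
EXPECTED = {
    r"HKEY_CLASSES_ROOT\.exe": "exefile",
    r"HKEY_CLASSES_ROOT\exefile\shell\open\command": '"%1" %*',
}

def parse_reg_defaults(text):
    """Return {key_path: default_value} from the text of a .reg export."""
    defaults, key = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
        elif key and line.startswith('@="') and line.endswith('"'):
            # .reg files escape quotes and backslashes with a backslash
            defaults[key] = re.sub(r"\\(.)", r"\1", line[3:-1])
    return defaults

def check_exe_association(text):
    """List (key, found, expected) for each default that differs or is missing."""
    found = {k.lower(): v for k, v in parse_reg_defaults(text).items()}
    problems = []
    for key, expected in EXPECTED.items():
        actual = found.get(key.lower())  # registry key names are case-insensitive
        if actual is None or actual.strip().lower() != expected.lower():
            problems.append((key, actual, expected))
    return problems

# Constructed sample: an untouched association.
CLEAN_EXPORT = r'''Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\.exe]
@="exefile"
"Content Type"="application/x-msdownload"

[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"%1\" %*"
'''

# Constructed sample: the open command routed through another program
# (placeholder path), so launching any .exe depends on that file existing.
TAMPERED_EXPORT = r'''Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\.exe]
@="exefile"

[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="C:\\WINDOWS\\example-handler.exe \"%1\" %*"
'''

if __name__ == "__main__":
    for name, sample in (("clean", CLEAN_EXPORT), ("tampered", TAMPERED_EXPORT)):
        print(name, check_exe_association(sample))
```

If the handler named in a tampered open command has been deleted or quarantined, every .exe launch fails with a "cannot find file" error, which matches the symptom reported in this thread.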

I tried the page that VOLT recommended (thanks VOLT) but it tells me to run CMD and I can't; it says that that file is missing too.

If it helps, I think I remember my Norton Antivirus picking up a virus .HLLP, but when I looked it up on the Symantec site it said the name and a very brief description and No Further Details.

Also thanks for the suggestion Dave, I tried to run REGEDIT but guess what.

Yes, that's right, it cannot find that file either.

:mrsgreen:

Please keep helping guys

Much appreciated

Aluno


We still need to know what virus it is. Run the scan below, click the "To continue without subscribing" button and see what it says. If your machine will let you, copy and paste what's found in the center white box when it's done and post it back here.

http://www.ravantivirus.com/scan/


OK Volt, here's the result of the scan you told me to do:

 

C:\WINDOWS\Downloaded Program Files\Search_Mp3s.exe - TrojanDownloader:Win32/Swizzor.C -> Infected

C:\WINDOWS\Downloaded Program Files\free-MP3.exe - TrojanDownloader:Win32/Swizzor.C -> Infected

C:\WINDOWS\Win_Types\WinConst.exe->(UPXW) - Backdoor:Win32/Assasin.2_0.C -> Infected

C:\WINDOWS\Win_Types\1\0.dll->(ASPack 2.12) - Backdoor:Win32/Assasin.2_0.C -> Infected

C:\WINDOWS\Win_Types\0\optifwb.exe->(UPXW) - Trojan:Win32/OptixPager -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP197\A0135777.exe->(UPXW) - Backdoor:Win32/Optix.Pro.1_3 -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP197\A0135778.exe->(UPXW) - Backdoor:Win32/Optix.Pro.1_3 -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP197\A0135822.exe - TrojanDownloader:Win32/Swizzor.C -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP197\A0136772.exe->(UPXW) - Backdoor:Win32/Optix.Pro.1_3 -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP197\A0136779.exe - TrojanDropper:Win32/FreshBind.11.B -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP197\A0136784.exe - TrojanDropper:Win32/FreshBind.11.B -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP197\A0136788.exe->(UPXW) - Backdoor:Win32/Optix.Pro.1_3 -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP197\A0136795.exe->(UPXW) - Backdoor:Win32/Optix.Pro.1_3 -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP197\A0136821.exe->(UPXW) - Backdoor:Win32/Optix.Pro.1_3 -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP197\A0136833.exe->(UPXW) - Backdoor:Win32/Optix.Pro.1_3 -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP198\A0136867.exe->(UPXW) - Backdoor:Win32/Optix.Pro.1_3 -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP198\A0136883.exe->(UPXW) - Backdoor:Win32/Optix.Pro.1_3 -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP198\A0136910.exe->(UPXW) - Backdoor:Win32/Assasin.2_0.C -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP198\A0136912.exe - TrojanDropper:Win32/FreshBind.11.B -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP198\A0136915.exe - TrojanDropper:Win32/FreshBind.11.B -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP198\A0136916.exe->(UPXW) - Backdoor:Win32/Optix.Pro.1_3 -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP199\A0136942.exe->(UPXW) - Backdoor:Win32/Optix.Pro.1_3 -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP199\A0136963.exe->(UPXW) - Backdoor:Win32/Optix.Pro.1_3 -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP199\A0137004.exe - TrojanDropper:Win32/FreshBind.11.B -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP199\A0137005.exe->(UPXW) - Backdoor:Win32/Optix.Pro.1_3 -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP200\A0137008.exe - TrojanDropper:Win32/FreshBind.11.B -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP200\A0137011.exe - TrojanDropper:Win32/FreshBind.11.B -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP200\A0137012.exe->(UPXW) - Backdoor:Win32/Optix.Pro.1_3 -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP200\A0137021.exe->(UPXW) - Backdoor:Win32/Optix.Pro.1_3 -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP200\A0137150.exe->(UPXW) - Backdoor:Win32/Optix.Pro.1_3 -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP200\A0137167.exe->(UPXW) - Backdoor:Win32/Optix.Pro.1_3 -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP205\A0137350.exe - TrojanDropper:Win32/FreshBind.11.B -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP205\A0137353.exe - TrojanDropper:Win32/FreshBind.11.B -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP205\A0137354.exe->(UPXW) - Backdoor:Win32/Optix.Pro.1_3 -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP209\A0137391.exe - TrojanDropper:Win32/FreshBind.11.B -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP209\A0137395.exe->(UPXW) - Backdoor:Win32/Optix.Pro.1_3 -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP209\A0137557.exe->(UPXW) - Backdoor:Win32/Optix.Pro.1_3 -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP209\A0137590.exe - TrojanDropper:Win32/FreshBind.11.B -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP209\A0137591.exe->(UPXW) - Backdoor:Win32/Optix.Pro.1_3 -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP209\A0137629.exe->(UPXW) - Backdoor:Win32/Optix.Pro.1_3 -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP210\A0137696.exe->(UPXW) - Backdoor:Win32/Optix.Pro.1_3 -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP212\A0138866.exe->(UPXW) - Backdoor:Win32/Optix.Pro.1_3 -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP213\A0138948.exe->(UPXW) - Backdoor:Win32/Optix.Pro.1_3 -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP214\A0139201.exe->(UPXW) - Backdoor:Win32/Optix.Pro.1_3 -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP216\A0139338.exe->(UPXW) - Backdoor:Win32/Optix.Pro.1_3 -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP216\A0139404.exe - TrojanDownloader:Win32/Delf.J -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP216\A0139503.exe->(UPXW) - Backdoor:Win32/Optix.Pro.1_3 -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP217\A0139584.exe->(UPXW) - Backdoor:Win32/Optix.Pro.1_3 -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP217\A0139727.exe->(UPXW) - Backdoor:Win32/Optix.Pro.1_3 -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP218\A0139836.exe->(UPXW) - Backdoor:Win32/Optix.Pro.1_3 -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP218\A0139964.exe->(UPXW) - Backdoor:Win32/Optix.Pro.1_3 -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP219\A0140355.exe->(UPXW) - Backdoor:Win32/Optix.Pro.1_3 -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP220\A0140386.exe->(UPXW) - Backdoor:Win32/Optix.Pro.1_3 -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP221\A0141408.exe->(UPXW) - Backdoor:Win32/Optix.Pro.1_3 -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP222\A0141498.exe->(UPXW) - Backdoor:Win32/Optix.Pro.1_3 -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP222\A0141583.exe->(UPXW) - Backdoor:Win32/Optix.Pro.1_3 -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP223\A0141753.exe->(UPXW) - Backdoor:Win32/Optix.Pro.1_3 -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP223\A0141818.exe->(UPXW) - Backdoor:Win32/Optix.Pro.1_3 -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP223\A0141849.exe->(UPXW) - Backdoor:Win32/Optix.Pro.1_3 -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP223\A0141867.exe->(UPXW) - Backdoor:Win32/Optix.Pro.1_3 -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP224\A0141911.exe->(UPXW) - Backdoor:Win32/Optix.Pro.1_3 -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP224\A0141920.exe->(UPXW) - Backdoor:Win32/Optix.Pro.1_3 -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP224\A0141938.exe->(UPXW) - Backdoor:Win32/Optix.Pro.1_3 -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP224\A0141964.exe->(UPXW) - Backdoor:Win32/Optix.Pro.1_3 -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP224\A0141986.exe->(UPXW) - Backdoor:Win32/Optix.Pro.1_3 -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP225\A0142052.exe->(UPXW) - Backdoor:Win32/Optix.Pro.1_3 -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP227\A0142212.exe->(UPXW) - Backdoor:Win32/Optix.Pro.1_3 -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP229\A0142520.exe->(UPXW) - Backdoor:Win32/Optix.Pro.1_3 -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP229\A0142596.exe->(UPXW) - Trojan:Win32/OptixPager -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP229\A0142597.exe->(UPXW) - Backdoor:Win32/Optix.Pro.1_3 -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP229\A0142598.exe->(UPXW) - Trojan:Win32/OptixPager -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP232\A0144019.exe->(UPXW) - Trojan:Win32/OptixPager -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP233\A0145301.exe->(UPXW) - Trojan:Win32/OptixPager -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP233\A0145607.exe->(UPXW) - Backdoor:Win32/Optix.Pro.1_3 -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP233\A0145615.exe->(UPXW) - Backdoor:Win32/Optix.Pro.1_3 -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP233\A0145639.exe->(UPXW) - Backdoor:Win32/Optix.Pro.1_3 -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP233\A0145648.exe - Win32/HLLP.Hantaner.dam#2 -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP178\A0130687.exe - TrojanDownloader:Win32/Swizzor.C -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP178\A0130690.exe - TrojanDownloader:Win32/Swizzor.C -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP178\A0130693.exe - TrojanDownloader:Win32/Swizzor.C -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP192\A0133855.exe - Backdoor:IRC/SdBot -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP193\A0133894.exe - Backdoor:Win32/SubSeven.2_2 -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP195\A0134605.EXE - Win32/HLLP.Hantaner.dam#2 -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP195\A0134621.exe - TrojanDownloader:Win32/Swizzor.C -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP195\A0134726.exe->(UPXW) - Backdoor:Win32/Optix.Pro.1_3 -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP195\A0134734.exe->(UPXW) - Backdoor:Win32/Optix.Pro.1_3 -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP195\A0135740.exe->(UPXW) - Backdoor:Win32/Optix.Pro.1_3 -> Infected

C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP195\A0135741.exe->(UPXW) - Backdoor:Win32/Optix.Pro.1_3 -> Infected

 

I'm fairly sure the file is C:\System Volume Information\_restore{1DDEA163-70D7-47D0-8523-724086BBD845}\RP233\A0145648.exe - Win32/HLLP.Hantaner.dam#2 -> Infected

PS: should I have done the scan with autoclean on?

 

And thanks for helping me guys :beer:


OMG Aluno!! :woot: you been hangin in the wrong neighborhood!! :mrgreen:

 

 

Were you able to clean all that up?? Or are ya just reformatting and reinstalling Windows?? ;) v

volt may be more correct in his assessment than you may think. I suspect that by the time you get done cleaning up all that mess, Windows may protest mightily by refusing to cooperate with you or anything you may tell it to do. If that, in fact, happens, you may be faced with the prospect of starting over via format c: and re-installing the Operating System. :huh: There's no need to panic though, formatting isn't the terror you might think it is.....(I've certainly done enough of it myself :mrgreen: ) -kd5-

Well, most of that is in the restore folder, and nothing can be cleaned up in there with it active.

And he can't get it shut down?? ;) v


Didn't even notice the Restore part, never use it myself, have it disabled, think it's a waste of space & resources.......but that's beside the point :P

 

volt did you happen to read my edited post above? :rolleyes: -kd5-

You guys are elegant. My only thought was "Damn!"

Back up important files ASAP.

I just did, and reinstalling XP ain't near as bad as some may think. ;) v

If all of those infected files are in Aluno's Restore folder.......and yet the virus has replicated into his System preventing him from accessing any .exe files, then there would be only one choice if it were up to me, and that would be to start over.

 

How can he be sure that anything he might want to salvage from his existing configuration wouldn't be corrupted, even if it isn't infected?

 

I wouldn't want to take the chance..... :( -kd5-


Personally I wouldn't take the chance either. It's already screwed with all his .exe extensions, so chances are even if he can get the infected files from within the restore folder (which it sounds to me like he can't get into at all), the rest of Windows may refuse to operate correctly. I agree with kd.

I would format and do a clean install. Better safe than sorry. Chances are almost anything he would try to save to CD might be corrupted, in which case he'd just reinfect his clean install. Why take chances?


Yeah, it's a little harsh innit, but tell me:

if I did format my C drive it would erase all the information on my disk.

What if I tried just reinstalling Windows over my current OS?

I have a 60GB hard drive and there's lots of valuable information on it, so can anyone suggest a little guidance, OH WISE MASTERS :(


It's just too easy to start again from fresh.

And it gives Aluno and the computer a 2nd chance to avoid the very thing(s) that caused this predicament in the first place.

 

 

Trial and error.....that's how I learned most of what I know. ;) -kd5-

NO! Re-installing Windows over the current configuration will not get rid of the virus. :(

 

And Yes, formatting will erase all data (for all intents & purposes, anyway) from the hard drive.......including the viruses you have picked up.

 

It will be like starting over. Sometimes, that can be a good thing... ;) -kd5-


So what you guys are saying is that I am screwed beyond belief.

You'd never guess I've been running Norton SystemWorks 2003 including Anti-virus 2003 since the week it came out.

I really want to try and salvage something.

Is there any way I can do something in DOS like delete the system restore file? :huh:


Even that won't guarantee you'll get rid of the entire problem. I'm afraid you're gonna have to bite the bullet and just reformat your hard drive.

 

I know it's not a pleasant thought, but neither is that virus you've got either.
