#1
  1. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    May 2010
    Posts
    1
    Rep Power
    0

    URGENT-Comp infected by malware & RECYCLER virus--please help


    Although i'm a bit experienced comp user & have faced anti-virus problems earlier---i cannot solve this one
    My computer got infected by RECYCLER virus and other etc virus, through pen drive. I have AVAST and earlier whenever i inserted in the pc it had deleted the virus from pen drive but this time it could not.

    firstly i saw
    <1> then whenever i opened the computer an error message "regsvr.exe not found" came on screen
    <2> regedit was not functioning
    <3> Avast was continuously showing that some or the other exe file in my D and E hard drive was infected--so i put these in the quarantine (note my main drive is C)

    drawing from my previous experiences
    <1> I ran Malwarebytes Anti-Malware--the log file is as under
    ---------------------------------------------------------------
    Malwarebytes' Anti-Malware 1.39
    Database version: 2421
    Windows 5.1.2600 Service Pack 2

    5/19/2010 10:54:13 PM
    mbam-log-2010-05-19 (22-54-13).txt

    Scan type: Quick Scan
    Objects scanned: 98364
    Time elapsed: 9 minute(s), 37 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 1
    Registry Data Items Infected: 6
    Folders Infected: 0
    Files Infected: 2

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\msn messsenger (Backdoor.Bot) -> Quarantined

    and deleted successfully.

    Registry Data Items Infected:
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools

    (Hijack.Regedit) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr

    (Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell) -> Bad:

    (Explorer.exe regsvr.exe) Good: (Explorer.exe) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) ->

    Bad: (1) Good: (0) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) ->

    Bad: (1) Good: (0) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad:

    (1) Good: (0) -> Quarantined and deleted successfully.

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    C:\WINDOWS\system32\regsvr.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
    C:\WINDOWS\regsvr.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
    --------------------------------------------------------
    [DID I COMMIT A MISTAKE BY DELETING THESE FILES OR SHOULD I HAVE QUARANTINED THEM]

    Now i am seeing
    <1>regedit is running
    <2>BUT many programs are non functional like firefox, chrome etc., jpg files, EXCEL
    it is giving error "Windows cannot access the specified path or file. You may not have the appropriate permission to access"

    By the way I aslo ran spyware doctor--it gave a list but could not remove them as it is A FREE VERSION
    The list is worm.autoit(6), worm.sality(24), trojan.generic(1) , keylogger(1)

    please help me--what should i do-- i have important data i need for my exams

    Comments on this post

    • jzd disagrees : FYI: skipped your post because you said URGENT.
  2. #2
  3. They're coming to take me away

    Join Date
    Jan 2005
    Location
    Florida
    Posts
    5,105
    Rep Power
    5049
    Follow ALL of the instructions in the Sticky at the top of the Antivirus forum.
    "I don't need to get a life. I'm a gamer. I have lots of lives!"
  4. #3
  5. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Apr 2010
    Location
    Tampa, FL, USA
    Posts
    7
    Rep Power
    0
    Originally Posted by asaf55
    Although i'm a bit experienced comp user & have faced anti-virus problems earlier---i cannot solve this one
    My computer got infected by RECYCLER virus and other etc virus, through pen drive. I have AVAST and earlier whenever i inserted in the pc it had deleted the virus from pen drive but this time it could not.
    Really I found KasperSky anti virus best, I using it. you try this for resolve this problem as well. Hope you'll get solution.

IMN logo majestic logo threadwatch logo seochat tools logo