Re: Virus Adds Registry Entries



John wrote:
I have a fully patched XPSP2 system; some virus keeps on adding c:\windows\winlogon.exe, c:\windows\smss.exe into HKLM\software\microsoft\currentversion\run. I checked c:\windows and those files do not exist in c:\windows. I know they normally live in the system32 folder, and they do exist in the system32 folder.

I ran Norton Antivirus and Windows Defender, and they could not find anything.

This system was previously infected with dsrss.exe, ieredir.exe, smss.exe, Trojan.Qhosts, and some other ones. The computer user kept on saying "NO" to the popup for Windows Update, until it was too late.
Anybody know of a virus that may be doing this?

Your machine is still not clean. Go through these general malware removal steps systematically - http://www.elephantboycomputers.com/page2.html#Removing_Malware

Include scanning with either Sysclean or Multi_AV, plus AVG Anti-Spyware (formerly Ewido - http://www.ewido.net/en/) and follow instructions to do all scans in Safe Mode.

When all else fails, run HijackThis and post your log in one of the specialty forums listed at the link above (not here, please).

Standard caveat: If the procedures look too complex - and there is no shame in admitting this isn't your cup of tea - take the machine to a professional computer repair shop (not your local version of BigStoreUSA). Please be aware that not all local shops are skilled at removing malware and even if they are, your computer may be so infested that Windows will need to be clean-installed. Have all your data backed up before you take the machine into a shop.


Malke
--
Elephant Boy Computers
www.elephantboycomputers.com
"Don't Panic!"
MS-MVP Windows - Shell/User
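
Added example, not part of either post: a location check for the symptom John describes, Run values that name a Windows system process outside the System32 folder. It parses constructed `reg query`-style output; the list of system process names, the sample entries and the function names are assumptions made for this example.

```python
import ntpath
import re

# Process names that normally exist only in System32
# (assumed list for this example; extend as needed).
SYSTEM_NAMES = {"winlogon.exe", "smss.exe", "csrss.exe",
                "lsass.exe", "services.exe", "svchost.exe"}

# One value line of `reg query` output: indented name, type, data.
VALUE_LINE = re.compile(r"^\s+(?P<name>.+?)\s+(?P<type>REG_[A-Z_]+)\s+(?P<data>.*)$")

def exe_path(data, windir=r"C:\Windows"):
    """Pull the executable path out of a Run value's command line."""
    data = data.strip()
    if data.startswith('"'):
        path = data[1:].split('"', 1)[0]
    else:
        m = re.match(r"(.+?\.exe)\b", data, re.I)
        path = m.group(1) if m else data.split(" ", 1)[0]
    # Expand the two variables commonly seen in Run values.
    path = re.sub(r"%(systemroot|windir)%", lambda _: windir, path, flags=re.I)
    return ntpath.normpath(path)

def suspicious_run_entries(reg_query_output, windir=r"C:\Windows"):
    """Return (value name, path) for system-process names outside System32."""
    system32 = ntpath.normcase(ntpath.join(windir, "System32"))
    findings = []
    for line in reg_query_output.splitlines():
        m = VALUE_LINE.match(line)
        if not m:
            continue  # key header or blank line
        path = exe_path(m.group("data"), windir)
        base = ntpath.basename(path).lower()
        folder = ntpath.normcase(ntpath.dirname(path))
        # A trusted name in an unexpected folder is the masquerading pattern.
        if base in SYSTEM_NAMES and folder != system32:
            findings.append((m.group("name"), path))
    return findings

# Constructed sample input (value names and the third/fourth entries are made up).
SAMPLE = r"""
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    winlogon    REG_SZ    c:\windows\winlogon.exe
    smss    REG_SZ    c:\windows\smss.exe
    Example Tray    REG_SZ    "C:\Program Files\Example\tray.exe" /startup
    control entry    REG_SZ    %SystemRoot%\system32\lsass.exe
"""

if __name__ == "__main__":
    print(suspicious_run_entries(SAMPLE))
```

The check looks only at name and location, so an entry can be flagged even when the file it points to has already been deleted, which matches the situation in the original post.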