Jump to content

i am infected.. help needed.. threats come back when i restart the system.


Recommended Posts

Hello arvindh.

When you ran MBAM, you did NOT have it remove what it detected !!!

see

Registry Keys Detected: 2

HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AMSINT32 (Virus.Sality) -> No action taken.

HKLM\SYSTEM\CurrentControlSet\Services\amsint32 (Virus.Sality) -> No action taken.

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 5

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System|DisableRegistryTools (PUM.Hijack.Regedit) -> Bad: (1) Good: (0) -> No action taken.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System|DisableTaskMgr (PUM.Hijack.TaskManager) -> Bad: (1) Good: (0) -> No action taken.

HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

HKLM\SOFTWARE\Microsoft\Security Center|UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

Why is that ??

Also, be extremely aware that indication is you may have a "sality" infection !

Has this pc always had McAfee AntiVirus Plus ? and is it fully up-to-date ?

You just added MBAM & McAfee today, May 7. What antivirus program was installed before ?

eusa_hand.gifIf (a) you did NOT have an anti-virus application installed before, or (b) you didn't have an anti-virus application installed when the machine got infected, and/or © you've neglected to keep the machine fully patched at Windows Update....

The best and only thing to do in a case like this is to wipe the system in total and do a clean install of Windows.

See Malware Removal: When to Flatten and Reinstall

do a clean (new) Windows Install:

Before you do that, make sure you have at hand the Windows XP CD (or else you will have to use the pc-manufacturer factory restore procedure) and also, a fresh new copy of your antivirus that is downloaded from a clean pc and saved on transportable-media (CD-DVD or clean thumb drive).

When you are at point of re-installing o.s., I'd recommend you have the pc disconnected from internet until after the o.s. is installed, plus the antivirus is fully setup and running.

See Windows XP Clean Installation - Partitioning and Formatting using Windows XP CD by Ramesh Srinivasan, MS-MVP

Also Clean Install Windows by Michael Stevens, MS-MVP

I would urge you to follow the directions very carefully.

You will loose your documents so if you have some to save, offload them to a separate offline media. And later on insure you do a full scan of them by running your antivirus.

NOTE: If XP CD is from a pc manufacturer, and they bundled an AV like McAfee or Norton/Symantec trial versions, immediately de-install those, sice they will be outdated & of no use. Install your antvirus immediately after.

Other security references at Microsoft

4 steps to protect your computer

How to boost your malware defense and protect your PC

Link to post
Share on other sites

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.