jesternl Posted March 30, 2009 ID:68632 Share Posted March 30, 2009 I'd be more than happy to post the MBAM and HJT logs , if only they'd run for meBeen infected with something, that writes entries to the hosts file, to stop me from going anywhere virus related. It blocks running regedit and all cleaning tools, HJT, MBAM, Eweido, CCleaner, Combofix, AlcanShorty. Oddly enough, it lets me run MSconfig and task mamanger still, but that's it.When I plug in a USB stick, it writes an entry to the autorun.inf, and a file to recycler\<SID>\filename. (easily enough to stop)I've stopped mvcserv.exe from running at startup through msconfig, but I can't delete it. I've seen in one other logs (attached,) that there is a file called nidle.exe on there as well (\userdir\appdata\nidle), can't remove it either.Can't start safemode, I get a bluescreen.Only thing I could run was OTlistsit.exe (from another forum, logs are attachedAny ideas/thoughts/suggestions?OTListIt.TxtExtras.TxtOTListIt.TxtExtras.Txt Link to post Share on other sites More sharing options...
Staff miekiemoes Posted March 31, 2009 Staff ID:68919 Share Posted March 31, 2009 Hi,The niddle already reveals your main problem... which is Virut... which is bad news.In that case, it's unfortunately a lost case - Game over situation and a format and reinstall is the fastest and especially the safest solution.You may want to read this why:Virut and other File infectors - Throwing in the Towel? So, I suggest you to start backup all of your valuable data/documents/pictures/movies/songs/etc.. Do NOT backup any applications/installers and Do NOT backup any .exe/.scr/.htm/.html/.xml/.zip/.rar files...This because these files may be infected as well. If you back them up and replace them afterwards, it will infect your computer again.Read here for instructions how to format and reinstall Windows: http://web.mit.edu/ist/products/winxp/adva...all-format.html Link to post Share on other sites More sharing options...
Staff miekiemoes Posted April 6, 2009 Staff ID:70874 Share Posted April 6, 2009 Since there is no feedback anymore, I assume this issue is resolved ... so, this Topic is closed.If you need this topic reopened for continuations of existing problems, please request this by sending me a PM with the address of the thread. This applies only to the original topic starter.Everyone else please begin a New Topic. Link to post Share on other sites More sharing options...
Recommended Posts