[NetfreakBombay]

Quote:

Originally Posted by RAC

1) if i use external hard disk, is it safe or can the virus infect the portable HD as well?
2) should I write DVD's instead?
3) do DVD's also get infected with trojans

Backing on external HDD or DVD will work fine.

Whatever virus is there in PC, will probably find its way to External HDD or DVD as well. But that is not a problem. Take the backup.

When you do a fresh install, install AVG and let it update itself.

Now connect external HDD and run full scan on PC.

That will clean up viruses from External HDD properly. And you can copy your files back to PC.

[SLK]

yup, whatever you do - backup first.

[RAC]

@toiingg - Hi. Here are the screen shots of the current status.
Do you see anything wrong.

I am still getting a few pop ups b AVG on some minor virus threats.
I did a McAfee check on C drive and it found a virus but was unable to clean, delete or move it!!!! Will try running a new scan by AVG again.

I have a feeling that AVG has cleared most of the virus. However I am not expert and this is just a feeling.

Most Important: thanks to all for the advice.

[SLK]

I can't see anything wrong in this. Msconfig is not good enough to show everything.

If you want to try and repair and not reinstall then...
1) Download this Autoruns [It's Microsoft]
2) Run the file Autoruns.exe
3) Goto options menu and select >> "Hide signed Microsoft entries" and "Verify Code Signatures"
4) Click Refresh (i.e. scan again)
5) Goto file menu and save and send me the saved file and I can see then - smsubscriptions-at-gmail.com

Msconfig won't help AFAIK.

[ECM]

RAC
In the 1st pic which you have posted just now,see the 8th file rundll....this is a virus,it has been renamed due to its coding.Dont trust AVG free a.v,it has a habit to show min.of 4-5 virus when you scan it for the 1st time,try this.
Download Spybot-search & Destroy,update it and scan your p.c,it is not a.v but antispyware but try it and I am 100% sure that you will able to clean your system,post your comments after doing scan.Good luck to you.

[SLK]

Quote:

Originally Posted by ECM

RAC
In the 1st pic which you have posted just now,see the 8th file rundll....this is a virus,it has been renamed due to its coding.

Right! it is a virus, you can try to uncheck it in safe mode.

To enter safe mode press F8 before windows starts [before the first windows xp loading screen]

If still doesn't help, try the software ECM mentioned or send me the autoruns saved file.

[RAC]

Thank you so much guys. I really appreciate you taking time to help me solve this.

@ECM - I will try that in the evening once I go back home.

@SLK - please lay it down step wise on how to uncheck this virus:

1) Enter safe mode by pressing F8 before Windows starts
2) what do I do next?

Ps: I think AVG has cleaned up my McAfee also. I am not able to update it :-(

[SLK]

Quote:

Originally Posted by RAC

1) Enter safe mode by pressing F8 before Windows starts
2) what do I do next?

3) login as you do [assuming you have admin rights]
4) run - msconfig
5) uncheck that 8th item by clicking
6) you also might want to run a scan in safe mode - its more effective
6) restart
7) if msconfig shows a pop up - tell it not to show again.

Hope this ends it, but if not then try spybot or send me the autoruns file.

[RAC]

Quote:

Originally Posted by SLK

3)
5) uncheck that 8th item by clicking
Hope this ends it, but if not then try spybot or send me the autoruns file.

Hi
I need some more guidance on how to do this:

1) how do I un-check, since I do not see any check box?
2) what is the autoruns file.

Please be patient with my basic questions.

[SLK]

1) you can't see it in your screenshot as the scrollbar is slightly towards the right. The checkbox is always there, just scroll left.
2) This just shows what all programs are bound to start with the windows startup [in detail]

[ECM]

Never commit such mistake again...one needs only one a.v at a time and not more than one else real time scanning will interact and something strange may happen ex.see bold letters below!best is uninstall both avs right now and do what I suggested spybot s&D,install it-update it and scan it,see the results which will generated in 30-40 mins depending upon your Drive,do the needful after seeing scan results,I see no need to format HDD-atleast I personally may never format my HDD for small problem like this.Good luck and Happy Diwali to all of you in advance.

Quote:

Originally Posted by RAC

Thank you so much guys. I really appreciate you taking time to help me solve this.

@ECM - I will try that in the evening once I go back home.

@SLK - please lay it down step wise on how to uncheck this virus:

1) Enter safe mode by pressing F8 before Windows starts
2) what do I do next?

Ps: I think AVG has cleaned up my McAfee also. I am not able to update it :-(

[HappyWheels]

@RAC,

Do not bother about RunDll32, it is a valid file for the C-Media (sound) card. Now, unless you do not have a C-Media sound card, this is not a virus. A Google gave this info and I believe it.

As mentioned before, can you please get hold of HijackThis ( |MG| Trend Micro HijackThis 2.02 ). It is a lightweight file and is not a installed. Meaning, you just run it without installing.

Run the file after download and after accepting the license, you will get a console with option. Click on "Do a System scan and save log file".

Once the scan is done, copy the content of the log file and paste it in the space provided @ HijackThis Logfileauswertung and click on 'Analyse this' button at the bottom.

This will give you a graphical representation of what is good and what is bad and who might be the bad guy.

This will put an end to all assumptions and give us some concrete directions to head towards.

[SLK]

ok, just to clear the confusion, that rundll32 is for C-media sound if you have one. So that might not be the answer.

[RAC]

Besides the rundll32, even though nothing suspicious is visible anymore, I am sure that my machine is still not 100% clean.
i plan to run the anti-spyware as mentioned by ECM and HappyWheels (one by one of course) to ensure that the system is 100% cleaned up.

[Aston.Martin]

Try Malwarebytes' Anti-Malware, it worked for me you can download it here Malwarebytes Anti-Malware v1 29 Multilingual WinAll Incl Keygen-CRD [h33t][MAMBO04] : Software > Windows - Other - Mininova