No regedit

Reply

Join Date: Dec 2007
Posts: 4
Reputation: gviswa18 is an unknown quantity at this point 
Solved Threads: 0
gviswa18 gviswa18 is offline Offline
Newbie Poster

Re: cmd,task manager, regedit, gpedit not working !!!

 
0
  #1
Dec 5th, 2007
Sir i am too having the same problem.. ill follow your ur instructions and post the report..... thanks.....
Reply With Quote Quick reply to this message  
Join Date: Dec 2007
Posts: 4
Reputation: gviswa18 is an unknown quantity at this point 
Solved Threads: 0
gviswa18 gviswa18 is offline Offline
Newbie Poster

Re: cmd,task manager, regedit, gpedit not working !!!

 
0
  #2
Dec 5th, 2007
sir pls update that link to sdfix....... it is broken
Reply With Quote Quick reply to this message  
Join Date: Dec 2007
Posts: 4
Reputation: gviswa18 is an unknown quantity at this point 
Solved Threads: 0
gviswa18 gviswa18 is offline Offline
Newbie Poster

Re: cmd,task manager, regedit, gpedit not working !!!

 
0
  #3
Dec 5th, 2007
sir this is the report.txt file......
pls read this...........




SDFix: Version 1.116

Run by Administrator on Wed 12/05/2007 at 07:14 PM

Microsoft Windows XP [Version 5.1.2600]

Running From: D:\DOCUME~1\ADMINI~1\Desktop\SDFix\SDFix

Safe Mode:
Checking Services:


Restoring Windows Registry Values
Restoring Windows Default Hosts File

Rebooting...


Normal Mode:
Checking Files:

Trojan Files Found:

D:\WINDOWS\system\svchost.exe - Deleted
D:\WINDOWS\system32\setting.ini - Deleted




Removing Temp Files...

ADS Check:

D:\WINDOWS
No streams found.

D:\WINDOWS\system32
No streams found.

D:\WINDOWS\system32\svchost.exe
No streams found.

D:\WINDOWS\system32\ntoskrnl.exe
No streams found.



Final Check:

catchme 0.3.1262.1 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-05 19:21:56
Windows 5.1.2600 Service Pack 2 FAT NTAPI

scanning hidden processes ...

scanning hidden services ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


Remaining Services:
------------------



Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:enabledxpsp2res.dll,-22019"
"D:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="D:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:Enabled:Yahoo! Messenger"
"D:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="D:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:Enabled:Yahoo! FT Server"
"D:\\Program Files\\Hewlett-Packard\\Toolbox2.0\\Javasoft\\JRE\\1.3.1\\bin\\javaw.exe"="D:\\Program Files\\Hewlett-Packard\\Toolbox2.0\\Javasoft\\JRE\\1.3.1\\bin\\javaw.exe:Enabled:javaw"
"D:\\Program Files\\BitLord\\BitLord.exe"="D:\\Program Files\\BitLord\\BitLord.exe:Enabled:BitLord"
"D:\\Program Files\\Google\\Google Talk\\googletalk.exe"="D:\\Program Files\\Google\\Google Talk\\googletalk.exe:Enabled:Google Talk"
"D:\\Program Files\\Orbitdownloader\\orbitdm.exe"="D:\\Program Files\\Orbitdownloader\\orbitdm.exe:Enabled:Orbit"
"D:\\Program Files\\Orbitdownloader\\orbitnet.exe"="D:\\Program Files\\Orbitdownloader\\orbitnet.exe:Enabled:Orbit"
"D:\\Program Files\\Internet Explorer\\iexplore.exe"="D:\\Program Files\\Internet Explorer\\iexplore.exe:Enabled:Internet Explorer"
"D:\\Program Files\\Microsoft Games\\Age of Empires II\\empires2.exe"="D:\\Program Files\\Microsoft Games\\Age of Empires II\\empires2.exeisabled:Age of Empires II"
"D:\\Program Files\\Rediff Bol\\RediffMessenger.exe"="D:\\Program Files\\Rediff Bol\\RediffMessenger.exe:Enabled:Rediff Bol 8.0 "
"D:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="D:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:Enabled:AOL Loader"
"D:\\Program Files\\VideoLAN\\VLC\\vlc.exe"="D:\\Program Files\\VideoLAN\\VLC\\vlc.exe:Enabled:VLC media player"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:enabledxpsp2res.dll,-22019"

Remaining Files:
---------------

File Backups: - D:\DOCUME~1\ADMINI~1\Desktop\SDFix\SDFix\backups\backups.zip

Files with Hidden Attributes:

Fri 9 Nov 2007 2,668 A..H. --- "D:\Program Files\SuperGOO\MetaImage.dll"
Sun 27 Apr 2008 106,496 A.SHR --- "D:\WINDOWS\system\_sv_CMD_\_U_.exe"
Wed 28 Nov 2007 0 A..H. --- "D:\WINDOWS\SoftwareDistribution\Download\0d4a7c846fe5e74c3056c3e240c1ffeb\BITB.tmp"
Sat 22 Sep 2007 0 A..H. --- "D:\WINDOWS\SoftwareDistribution\Download\dcfb65ff18fcfdf3d0086d241818e7bc\BIT3B.tmp"
Sat 22 Sep 2007 0 A.SH. --- "D:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Sun 23 Sep 2007 0 A..H. --- "D:\WINDOWS\SoftwareDistribution\Download\080070f6461c8001578e5e4cd4bb024b\download\BITB.tmp"

Finished!





finallly, pls suggest me any good spyware and antivirus?
Reply With Quote Quick reply to this message  
Join Date: Dec 2007
Posts: 4
Reputation: gviswa18 is an unknown quantity at this point 
Solved Threads: 0
gviswa18 gviswa18 is offline Offline
Newbie Poster

Re: cmd,task manager, regedit, gpedit not working !!!

 
0
  #4
Dec 5th, 2007
Sir thank you very much for ur advice........

Ill post other symptoms i faced before doin ur fix ......

1. when i opened my usb drive.... it did not open saying that user has no permission.....

2. i used folders pane and opened the drive..... i found that there was another folder created within the existing folder using the same name..... but it was not a folder.......it was a exe file with folder icon.....

After the fix
1. I am able to open the drive now. but i am still getting a warning from my spyware doctor anti spyware that a malicious action action has been blocked......

The msg reads
Malicious action blocked

Spyware Doctor has blocked an appln INFO.exe that is trying to access a file.....

Path: D:\windows\system\svchost.exe....

pls help me solve this
Reply With Quote Quick reply to this message  
Join Date: Feb 2004
Posts: 10,489
Reputation: crunchie is a splendid one to behold crunchie is a splendid one to behold crunchie is a splendid one to behold crunchie is a splendid one to behold crunchie is a splendid one to behold crunchie is a splendid one to behold crunchie is a splendid one to behold 
Solved Threads: 805
Moderator
Featured Poster
crunchie's Avatar
crunchie crunchie is offline Offline
Spyware Killer

Re: No regedit

 
0
  #5
Dec 5th, 2007
I have moved your posts to your own thread. Please do not piggy back other members posts in the hijackthis forum .
Proud member of ASAP (Alliance of Security analysis Professionals).
Opera AVAST anti-virus Comodo AV/Firewall Spywareblaster
Reply With Quote Quick reply to this message  
Reply

Quick Reply to Thread
This thread is more than three months old.
Perhaps start a new thread instead?
Message:



Similar Threads
Other Threads in the Viruses, Spyware and other Nasties Forum


Views: 2541 | Replies: 4
Thread Tools Search this Thread



Tag cloud for Viruses, Spyware and other Nasties
access adobe alert analysis apple attack avg banks bar bing botnet botnets center child-protection children chip-and-pin code combofix commercial connect control crypto ddos dialler disk domains dumbass email europe exploit explorer fake firefox fraud google government gumblar hack hacking halloween hijack hosting hosts ibm ie8 internet iphone kneber links logfiles login malware mcafee mega-d mozilla nasties news norton panel pc phishing police pop porn pro problem redirect regedit report research rogueantivirus rootkit rsa safety samhain search security sites software spam spyware survey symantec system trojan unwanted update virus viruses vista volume vulnerability warning win windows windowsxp worm xp_antispyware_2010 yahoo zeus
About Us | Contact Us | Advertise | DaniWeb | Acceptable Use Policy | RSS Feed

©2003 - 2010 DaniWeb® LLC