Guest Fonti Posted May 26, 2008 Posted May 26, 2008 My PC is infected with a virus. It is popping up with "Your system is probably infected with latest version of Spyware.cyberlog.X. When I checked with Process explorer; it showed that one process is running "C:\WINDOWS\system32\advpackf.exe" which has written many entries in Regedit. I have killed the process and deleted all the entries in registry editor, I could find. Strange thing is when I search on C:\WINDOWS\system32\ for the file advpackf.exe even after unhiding all the files. It fails to show up, however if I run the C:\WINDOWS\system32\advpackf.exe from the Run menu, it again starts all the popups and tries to change the start up page of browser. After this virus, I am unable to start Notepad.exe, after starting Notepad immediately exits by itself. Please advice. -- SS Quote
Guest David H. Lipman Posted May 26, 2008 Posted May 26, 2008 From: "Fonti" <Fonti@discussions.microsoft.com> | My PC is infected with a virus. It is popping up with "Your system is | probably infected with latest version of Spyware.cyberlog.X. | | When I checked with Process explorer; it showed that one process is running | "C:\WINDOWS\system32\advpackf.exe" which has written many entries in Regedit. | | I have killed the process and deleted all the entries in registry editor, I | could find. | | Strange thing is when I search on C:\WINDOWS\system32\ for the file | advpackf.exe even after unhiding all the files. It fails to show up, however | if I run the C:\WINDOWS\system32\advpackf.exe from the Run menu, it again | starts all the popups and tries to change the start up page of browser. | | After this virus, I am unable to start Notepad.exe, after starting Notepad | immediately exits by itself. | | Please advice. 1. Download and execute HiJack This! (HJT) http://www.trendsecure.com/portal/en-US/th.../HJTInstall.exe 2. Disable Notepad's word wrap: In Notepad.exe; Format --> uncheck; "Word wrap" 3. Download/run Deckard's System Scanner: http://www.techsupportforum.com/sectools/Deckard/dss.exe 4. Save the scan results (Main.txt and Extra.txt) 5. And then post the contents of Main.txt and Extra.txt in your post in one of the below expert forums... { Please - Do NOT post the HJT and Deckard's System Scanner Logs here ! } Forums where you can get expert advice for HiJack This! (HJT) and Deckard's System Scanner Logs. NOTE: Registration is REQUIRED in any of the below before posting a log Suggested primary: http://www.thespykiller.co.uk/index.php?board=3.0 Suggested secondary: http://www.bleepingcomputer.com/forums/forum22.html http://castlecops.com/forum67.html http://www.malwarebytes.org/forums/index.php?showforum=7 Suggested tertiary: http://www.dslreports.com/forum/cleanup http://www.cybertechhelp.com/forums/forumdisplay.php?f=25 http://www.atribune.org/forums/index.php?showforum=9 http://www.geekstogo.com/forum/Malware_Rem...o_Here-f37.html http://gladiator-antivirus.com/forum/index.php?showforum=170 http://forum.networktechs.com/forumdisplay.php?f=130 http://forums.maddoktor2.com/index.php?showforum=17 http://www.spywarewarrior.com/viewforum.php?f=5 http://forums.spywareinfo.com/index.php?showforum=18 http://forums.techguy.org/f54-s.html http://forums.tomcoyote.org/index.php?showforum=27 http://forums.subratam.org/index.php?showforum=7 http://www.5starsupport.com/ipboard/index.php?showforum=18 http://aumha.net/viewforum.php?f=30 http://makephpbb.com/phpbb/viewforum.php?f=2 http://forums.techguy.org/54-security/ http://forums.security-central.us/forumdisplay.php?f=13 -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.