Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Serious Help....
#1
I know this should be in the computer forum, but this is read more frequently.

I have a virus(es) my computer. Ones that a virus scan will only quarantine and only prevent it form doing further damage. I have deleted partitions, re-formatted my hard drive twice, and it is still detected. I'm thinking it is a master boot record virus and is in my system files. I'm also afraid it will corrupt my registry. I've completely wiped out my computer and it is still on it. It's causing some of my driver files not to work and is constantly popping up messages like my registry should be checked, cleaned, etc. before it becomes unstable. It'll say like go to http://www.pcmed.com or http://www.regrepair.com to repair. I constantly get those messages. My cable company has even called me saying thay I have a virus on my computer and that it is hitting their systems pretty hard and if I didn't get it cleaned it, then my broadband woul be turned off.

Does ZMG or QQ have an answer for this? Do I need a startup antivirus disk and to try another re-format and reinstallation of windows to cure this? Any help would be greatly appreciated.
#2
I'll make this an announcment to try to get someone's attention quicker. Sorry I can't help.
#3
Thanx a lot Beef!
#4
I just ran a virus scan and the viruses are coming from:

C:\System Volume Information\_restore{9335DFDB-9D4A-480E-8A30-57AC345847EB}\RP9\A0012235.sys

There is about 7 files like that. The virus names are Trojan.Cachecachekit

They were all quarantined except for the one that was a rdriv.sys file. Sounds like a driver system file. QQ, could that possibly be why my mass storage HD wouldn't work? Hope this helps.
#5
Here is two of the pics of the error messages:

[Image: http://img82.imageshack.us/img82/5908/er...ge12py.gif]

[Image: http://img82.imageshack.us/img82/1346/er...ge26fc.gif]
#6
Sorry for the delay. I don't check near as often since I started working... now, did you say what OS you were using? I'm guessing it's 2000 or XP.
First thing to do is ignore the messages. The messages you're getting appear to be taking advantage of a service that automatically starts when Windows is installed. I think this is turned off when you install the latest service packs. However, to do this manually, go to Start - Run and type services.msc and hit enter. Scroll down the list until you find "messenger". Double click on it and click the Stop button. Then select Disabled from the pulldown list, Apply and Ok. That should stop the messages. It has nothing to do with MSN Messenger by the way.

As for the virus... it may not be a virus at all., but I wouldn't rule it out. After stopping the messenger service, I would say download adaware from download.com. If you need help with it, I believe there is more information in the spyware section of the computer forum. Also, go to the hijackthis forum in the computer section and follow the instructions to post your hijackthis log. Hopefully we can tell more about the situation after seeing that log file. Because it sounds to me like something is starting when the computer starts that may be using your bandwidth.

Other than that, for now, just make sure your virus protection is up to date and install any critical updates for Windows (http://www.windowsupdate.com). If it's XP, the Service pack will turn on their built in firewall which will let you know when something is trying to access something it shouldn't. I hope this helps.
#7
I just read you messages agaiin.. as for the virus in the System volume Information, it actually shouldn't be that big of a deal.. UNLESS you have to restore your system from one of those points.

These files are system files, so you really don't have permission to alter them on the surface, which is why the virus program can't delete it.

Now, there are a couple of ways to get rid of this. You can turn off system restore, reboot, then turn system restore back on. That should clear all the old files. But, if your computer isn't in the best shape, you run the risk of losing the ability to back up to a previous working state.. if one exists of course. You can turn it off by right clicking My Computer, selecting Properties, then the System Restore tab. You'll have to select the Turn off System Restore on all Drives tab then click OK.

I believe opening My Computer, right clicking on C:, selecting Properties, then hitting the Disk cleanup button will give you the same option. You will have to click the more options tab at the top then select Cleanup under system restore at the bottom. This also gives you the same problem as above. You'll lose all your restore points.

There should be a better way to do it though. I believe you can boot to safe mode, then change the properties on the System Info folder by right clicking it, or going to Folder Options or something like that. I'm not exactly sure at the moment.

Well, I hope this helps even more. If not, I'll try to check back to help out some more. good luck.
#8
Yep, I just read your post and that's exactly what I done. You should be working for Symantec because they tell you to do the same thing. 8)

I had to delete a few files in my registry also. Thanks a lot again. I'll log it as soon as I can.
#9
One more thing, where can I find the hijackthis log? It looks like that and the linux forums have been removed??
#10
Have you gotten this fixed?

Forum Jump:

Users browsing this thread: 3 Guest(s)