I GOT REGISTER VIRUS...HELP PLEASE

OK. One day i searched with google game named “ragdoll masters 3.1”.
I found link to some brothersoft site and decided to look the game from there.
When i get to the site i immedially got “blue screen of death”.
It restarted my computer and when i putted it back on and programs running i saw my avast to shout about 10 of registry changes that avast stopped.
But in no-time my avast shutted down and i got my “blue screen of death” again.
Well… when i next got my omputer on and i was on my desktop i saw that avast couldnt start..None of my virus-protect programs can. I tried spybot,adaware and avast and none of them started and i checked my processes list and there was new svchost.exe.. That svchost.exe takes about 75% of my processor nad i cant stop it.
So…
-I have nothing to scan my comp.
-I can access registry but i got no idea where to go there.
-My avast, spybot or adaware won`t start
PLEASE HELP ME! :frowning:

ragdoll masters 3.1
I search some information of this file and seems like a trusted software.
Well.. when i next got my omputer on and i was on my desktop i saw that avast couldn`t start..None of my virus-protect programs can.

Maybe you can boot in safe mode and do a boot-time scan with avast.

I know its trusted but virus came from third link when i wrote "ragdoll masters3" to google..it came immedially. And i cant do boot-time scan cuz virus wont let me use avast or anything i tried to install it again but it doesnt work either.

Thing ineed is to find the registry access to erase it to use my scanners and all. ???

I hope the problem will fix with this program Combofix

READ THE INSTRUCTION BEFORE YOU USE IT>>

Virus won`t let me use combofix.exe… >:(
And if i rename it to combofix(2).exe it will start it but it start to complain that i cannot name it to combofix(2)exe or any else…

I NEED TO FIND THAT THING IN REGISTER WHAT STOPS ME FROM USING THESE ROGRAMS!!! :frowning: :frowning: :frowning: >:( >:(

Or i need program called “combofix2” and it process name must be something else that combofix so i can use it…

Anyone got ideas to find that sucker away from my register?? :-\

Any on-line scanner will work?

Kaspersky (very good detection rates)
ESET NOD32
Trendmicro housecall
F-Secure
BitDefender (free removal of the malware)

Umm… when i try example kaspersky online scanner it starts to update but i think virus prevents it to update??? because it says always that update failed…

b the way i took some screenshots… i hope they might help…

Sorry bout putting them to plunder.com but i don`t know any other place :slight_smile:
Here are links:
http://www.plunder.com/-download-147143.htm <----Failed update
http://www.plunder.com/-download-147144.htm <----Image from registry i wonder what that is???

I really thank you guys about your help and i hope you can help me trough this thing… :-[ :slight_smile:

Download DrWeb CureIT! and try a full scan in Safe Mode if possible. If it won’t run, try renaming the file.

I can`t access to safemode but thats ok

i went to that site and tried to load that program but there was some kind of “server error”.
Ill try that again later…

BUT DOES ANYONE GOT IDEAS HOW TO FIND THAT SUCKER FROM MY REGISTER???

:slight_smile:

Ok ??? Can’t you boot in Safe Mode? You’re in deep trouble…

Download it from another computer and run in yours…

Well that safemode thingy is complicated…
I can sometimes use it when im lucky but sometimes it will just skip that…

BUT REALLY!!! CAN`T SOMEONE JUST SAY WHAT SHOULD I SEEK IN REGISTRY?!?!?!?!

I am 90% sure that it`s registry virus

Yay!! I managed to scan with dr.web!! ;D ;D ;D

And it found some ACTIVE-Viruses listed here: 8) 8)
Win32.HLLM.beagle :wink:
Win32.HLLM.beagle.37697 :wink:
^^^^^^^^^^^^^^^^^^^^^^^^
[ANYBODY GOT INFO ABOUT THESE???]

~…and some INACTIVE-Viruses listed here:~ 8) 8) 8)

:stuck_out_tongue: I didn`t get so much of inactive but thats cool 8)

I will list those later…

But i think that treat is not over yet… i still cant use my scanners :cry: but computer is faster :-\ :o

…AND ME POSTING AGAIN ;D ;D

So… there are more viruses that dr.web busted 8):
Win32.HLLM.Beagles
Program.pcexec.171
Tool.prockill
Modifications on some textfiles
Arhives that contains infected files
Trojan.PWS.kone.3
Nothing more yet :stuck_out_tongue:

Run these removal tools:

http://www.sophos.com/support/disinfection/baglea.html
http://www.softpedia.com/get/Antivirus/F-Bagle.shtml

If still having problems, post a HijackThis! log.

Good programs ;D 8)
But i still got things in my registry… :frowning: :frowning:
None of now used scanner work >:(

What about the HijackThis! log?

:open_mouth: i noticed that when i press ctrl+alt+del and check processes
there is process called “flec006.exe”

Dr.web busted some kind of flec006 file but idk anymore about that
Anyone know anything about that flec?

I haven`t scanned with hijackthis yet i am unsure about that program :-[
But ill go to sleep… can you guys please get some info about those viruses i posted and that flec006.exe
THANK YOU! :smiley:

I search about the flacoo6.exe and detected as 78% dangerous.

End Process on flac006.exe and see if there is any changes.

About the Hijackthis, just download it from here then click “Do a system scan save a log” and then post the log on your next post.

I can`t use hijackthis i cannot use anything it always complains that the program is not good win32 program or something

Here is youtube vid about this:
http://www.youtube.com/watch?v=8tqeu5XNDeM

I need some registry tools or something i think ???