Virus bhe help

Wake up two days ago, went to the PC only to find it logged off and anti virus shut down…
Did a restart but the anti virus (NOD 32 at that time) won’t open. And then I got this weird message -

http://img98.imageshack.us/img98/1093/wtfei7.jpg

After a few seconds this end of the world shutdown appeared… telling me I have 60 seconds to save my stuff cuze there’s gonna be a shutdown and then a restart…
Well… It just kept on coming after I restarted and restarted… Went online and read a few stuff about it… Used the shutdown -a thingy which did stop it at first… but now it won’t do it anymore. Called Microsoft and they gave me this antivirus - Avast! which was awesome at first! Deleting tons of viruses I had on my system… I was sure that that virus was gone… My PC was open and online for more then 22 hours straight without no weird message’s… Well… Yesterday’s night it happened again… I keep getting this virus notification from the anti virus -

Sign of "Win32:Warezov-KX[Warm]" has been found in "C\:WINDOWS\System32\sysshtic.exe
this thing is all over my log viewer at Avast!

WHAT THE HELL IS THIS?! I’ve read that this is a blaster virus? Something like that?

Anyway… Avast! just won’t delete it… can ya guys help?

Removing malware from your system is not the solution, it is only part of it and you have to do it the correct way.

Setting up proper security is also part of the solution as well as keeping your software up-to-date.

See the link in my signature for instructions.

Aight gonna do this! tnx dud

Dude I did everything! Downloaded the programs… Updated them… The disabled system restore… Went to safe mode, did the scanning, came back did the Schedule boot-time scan but it didn’t delete 'em!

WTF?! What else man?

What was the avast error message?
If you want to delete it anyway, better will be using KillBox (http://www.killbox.net/help.html) or Unlocker (http://ccollomb.free.fr/unlocker/).

Didn’t say any Error message… I made it delete everything but system files,and then made him ask me to delete them… Did all this before the scan, but there was no Erorr… he simply didn’t find it…

Well deleting it does sound good, but it’s not the answer! I read that this thing is covering up other files… And system files… Sure I can delete a system file and then get it back with - Windows repair but I need to clean the virus completely! need an update or something…

And I’m no mofoing llama!

You will probably have to format and re-install windows, llama.

This was how i got rid, but it takes time, and knowledge of registry and system settings etc…

http://forum.avast.com/index.php?topic=24199.0

Hell NO! Not formating!

I’m not saying to you to delete system files but to send to Chest infected files on system folders.
Besides, if if is an infected file that you can’t delete by any reason, then use KillBox (it will make a backup of the file).

I’m not sure where that file is…

Come onnn gotta get rid of it!

Schedule a boot time scanning and try to delete the file when detected. If deleting it fails, take note of the name and path of this file.
You’re saying that the file comes back and avast detect it but can’t delete it, when detected, take note of this info…
After that, use KillBox to delete it.

I do know where it is… But I read that this virus is a Blaster virus… meaning it can be in a couple of plcaes… anyway the path is - Sign of “Win32:Warezov-KX[Wrm]” has been found in “C:\WINDOWS\System32\sysshtic.dll”

BTW - This stupid ass virus turned off my Windows Updates… bha!

Please, take a look here: http://forum.kaspersky.com/index.php?showtopic=22865

LOL dude… Can’t you see my comments there?! I’m using both forums for answers…

:slight_smile: Hi :

  If "the thing" is covering up other files, then you MAY have
  a "rootkit" !? The best place to explore this possibility &
  get help would be the volunteer Rootkit Experts at :

  http://www.castlecops.com/f233-Rootkit_Revelations.html

  For detecting & quarantining "worms" I recommend 2
  possible program(s) NOT on Eddy's link, namely :
 1) FREE ver of "SUPERantispyware" from :
 www.superantispyware.com ;
 2) Ewido ( also FREE ) from :
 www.filehippo.com/download_ewido/?1208 .

yap… I am using both… tnx for that anyway… The only reason I believe I still have the that virus is becuase I can’t active my Windows update…