Question about Microsoft Computers & Internet

2 Answers

I believe my registry (winxp) is infected with w32.ahmanahe.b!inf After installing Nortonanti virus 2009 and scanning and cleaning the system it keeps coming back. Norton blocks it but their teh support tells me it's in the registry. I can't identify where.

Posted by on

2 Answers

  • Level 3:

    An expert who has achieved level 3 by getting 1000 points

    All-Star:

    An expert that got 10 achievements.

    MVP:

    An expert that got 5 achievements.

    President:

    An expert whose answer got voted for 500 times.

  • Master
  • 1,901 Answers

Hello,

Research shows that this virus will infect .exe files. Even if you would find the registry entries you probably would not be able to rid your system of it.

You can try a couple online AV programs such as http://www.avira.com

or http://free.avg.com/

However you will probably need to wipe your drive and install your OS again.

Wish the news was better. Thanks for using Fixya.

Posted on Oct 04, 2009

  • Level 3:

    An expert who has achieved level 3 by getting 1000 points

    Superstar:

    An expert that got 20 achievements.

    All-Star:

    An expert that got 10 achievements.

    MVP:

    An expert that got 5 achievements.

  • Master
  • 2,229 Answers

If Norton scans it and tells you it's there, it should remove it.
Here's what I would do:
Go to this site:
support.f-secure.com/enu/home/ols.shtml
and scan from there.
Also a really good resource is www.bleepingcomputer.com. They have a usegroup devoted to malware and usually can com up with a solution faster than any other place I've visited.

Posted on Oct 04, 2009

1 Suggested Answer

6ya6ya
  • 2 Answers

SOURCE: I have freestanding Series 8 dishwasher. Lately during the filling cycle water hammer is occurring. How can this be resolved

Hi,
a 6ya expert can help you resolve that issue over the phone in a minute or two.
best thing about this new service is that you are never placed on hold and get to talk to real repairmen in the US.
the service is completely free and covers almost anything you can think of (from cars to computers, handyman, and even drones).
click here to download the app (for users in the US for now) and get all the help you need.
goodluck!

Posted on Jan 02, 2017

Add Your Answer

Uploading: 0%

my-video-file.mp4

Complete. Click "Add" to insert your video. Add

×

Loading...
Loading...

Related Questions:

2 Answers

My computer is infected with the messenger blocker virus. I am following instructions given on the symantec.com web site to resolve it. One of the steps requires editing the registry, but whenever i try to...


Try using Combofix, then update and run your virus scan. Combofix will attempt to delete and viruses it can, but it will clean the registry so you can perform some scanning and virus removals. Works Great and highly recommended. I use it all the time on client PCs.

http://www.combofix.org/download.php

Oct 19, 2009 | Microsoft Windows XP Professional

1 Answer

Removing virus


dear friend

you machine is also infected with virus

common probs , i see it almost everyday

here is soln

goto kaspersky.com

download lits trial version

uninstall all you old antivrus software

install kaspersky 2009

activate trial mode

run a full pc scan

then

goto malwarebytes.org

download antimalware

install it

update it

run a quick scan

and your ystem will be free of all virus

thanks

Apr 11, 2009 | Intel Motherboard

2 Answers

Local Disk Problem


resycled/boot.com is a worm/trojan.DNSchanger that propagates on local fixed and removable USB drives. resycled/boot.com may infect drives via autorun.inf file it created that runs a command each time the drive is accessed. Malicious files will be copied to a drives attached on infected computer
http://www.tech-archive.net/Archive/WinXP/microsoft.public.windowsxp.general/2008-11/msg00153.html
Follow this link and do what the artical says to remove and fix. Good Luck. Please rate me thanks.

Jan 16, 2009 | Computers & Internet

1 Answer

W32 Virus


Kaspersky AntiVirus is Best ....

Download Kaspersky Antivirus and your problem will be solved...

Dec 20, 2008 | Microsoft Windows XP Professional

2 Answers

How do i get rid of a W32.SillyFDC virus


The following instructions pertain to all current and recent Symantec antivirus products, including the Symantec AntiVirus and Norton AntiVirus product lines.
  1. Disable System Restore (Windows Me/XP).
  2. Update the virus definitions.
  3. Run a full system scan.
  4. Delete any values added to the registry.

For specific details on each of these steps, read the following instructions.

1. To disable System Restore (Windows Me/XP)
If you are running Windows Me or Windows XP, we recommend that you temporarily turn off System Restore. Windows Me/XP uses this feature, which is enabled by default, to restore the files on your computer in case they become damaged. If a virus, worm, or Trojan infects a computer, System Restore may back up the virus, worm, or Trojan on the computer.

Windows prevents outside programs, including antivirus programs, from modifying System Restore. Therefore, antivirus programs or tools cannot remove threats in the System Restore folder. As a result, System Restore has the potential of restoring an infected file on your computer, even after you have cleaned the infected files from all the other locations.

Also, a virus scan may detect a threat in the System Restore folder even though you have removed the threat.

For instructions on how to turn off System Restore, read your Windows documentation, or one of the following articles:

Note: When you are completely finished with the removal procedure and are satisfied that the threat has been removed, reenable System Restore by following the instructions in the aforementioned documents.

For additional information, and an alternative to disabling Windows Me System Restore, see the Microsoft Knowledge Base article: Antivirus Tools Cannot Clean Infected Files in the _Restore Folder (Article ID: Q263455).

2. To update the virus definitions
Symantec Security Response fully tests all the virus definitions for quality assurance before they are posted to our servers. There are two ways to obtain the most recent virus definitions:
  • Running LiveUpdate, which is the easiest way to obtain virus definitions.

    If you use Norton AntiVirus 2006, Symantec AntiVirus Corporate Edition 10.0, or newer products, LiveUpdate definitions are updated daily. These products include newer technology.

    If you use Norton AntiVirus 2005, Symantec AntiVirus Corporate Edition 9.0, or earlier products, LiveUpdate definitions are updated weekly. The exception is major outbreaks, when definitions are updated more often.


  • Downloading the definitions using the Intelligent Updater: The Intelligent Updater virus definitions are posted daily. You should download the definitions from the Symantec Security Response Web site and manually install them.

The latest Intelligent Updater virus definitions can be obtained here: Intelligent Updater virus definitions. For detailed instructions read the document: How to update virus definition files using the Intelligent Updater.

3. To run a full system scan
  1. Start your Symantec antivirus program and make sure that it is configured to scan all the files.

    For Norton AntiVirus consumer products: Read the document: How to configure Norton AntiVirus to scan all files.

    For Symantec AntiVirus Enterprise products: Read the document: How to verify that a Symantec Corporate antivirus product is set to scan all files.


  2. Run a full system scan.
  3. If any files are detected, follow the instructions displayed by your antivirus program.
  4. Delete the autorun.inf file from writeable removable devices, if necessary.
Important: If you are unable to start your Symantec antivirus product or the product reports that it cannot delete a detected file, you may need to stop the risk from running in order to remove it. To do this, run the scan in Safe mode. For instructions, read the document, How to start the computer in Safe Mode. Once you have restarted in Safe mode, run the scan again.


After the files are deleted, restart the computer in Normal mode and proceed with the next section.

Warning messages may be displayed when the computer is restarted, since the threat may not be fully removed at this point. You can ignore these messages and click OK. These messages will not appear when the computer is restarted after the removal instructions have been fully completed. The messages displayed may be similar to the following:

Title: [FILE PATH]
Message body: Windows cannot find [FILE NAME]. Make sure you typed the name correctly, and then try again. To search for a file, click the Start button, and then click Search.

4. To delete the value from the registry
Important: Symantec strongly recommends that you back up the registry before making any changes to it. Incorrect changes to the registry can result in permanent data loss or corrupted files. Modify the specified subkeys only. For instructions refer to the document: How to make a backup of the Windows registry.
  1. Click Start > Run.
  2. Type regedit
  3. Click OK.

    Note: If the registry editor fails to open the threat may have modified the registry to prevent access to the registry editor. Security Response has developed a tool to resolve this problem. Download and run this tool, and then continue with the removal.

  4. Navigate to the following registry subkeys:

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
    HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\"load"

  5. In the right pane, delete any values associated with the worm.


  6. Exit the Registry Editor.

Dec 18, 2008 | Microsoft Computers & Internet

4 Answers

Needs Removal tool for w32.imaut


Hai I am thangu I could not able to clean w32.imaut and New folder.exe. Plz Give me Removal tool for the above Virus. Now i have symantec corporate edition.It is not Supporting my system. Plz Help me

Aug 05, 2008 | ScriptLogic Desktop Authority Spyware...

3 Answers

How to remove virus without installing any virus removal software..


Format your disk and Reinstall operating system or find out which all are the infected registry and remove the virus registry contents manually.
or delete (hidden file) autorun.inf from all drives if it exists.

Dec 05, 2007 | Microsoft Windows XP Professional With...

Not finding what you are looking for?
Computers & Internet Logo

Related Topics:

44 people viewed this question

Ask a Question

Usually answered in minutes!

Top Microsoft Computers & Internet Experts

micky dee

Level 3 Expert

2658 Answers

Piyal Perera
Piyal Perera

Level 3 Expert

528 Answers

Les Dickinson
Les Dickinson

Level 3 Expert

18387 Answers

Are you a Microsoft Computer and Internet Expert? Answer questions, earn points and help others

Answer questions

Manuals & User Guides

Loading...