Some virus has hijacked my control panel

Joined
Oct 3, 2007
Messages
13
Reaction score
0
My system was attacked by some form of malware which I removed partially coz it keeps recurring. AVG, AVIRA antivir and McAfee dont seem to even detect it. Now I cant access the control panel or any cpanel function. I get the message "This operation has been cancelled due to restrictions. Please contact the administrator" whereas am the admin. It has also disabled time and my current antivirus. Anyone who can help?
 
Last edited:
Have you tried running the Windows Malicious Software Removal Tool?

It can be downloaded here.

Run it and see if it solves the problem.

What operating system are you using? (XP, Vista, etc.)
 
Nope. Tried but it still doesnt work. The malware files are now gone but the settings it altered are still intact. I cant even view the clock. Am using Windows XP SP2
 
Actually its worsening. Ave tried to restart but found a pop up, an alert box sort of, just before the windows log in window. It has some funny message. Being an alert box, I have to press OK to continue and that re-propagated the malware all over the system again.
 
This thing is getting worse. I now cant see the run, search and help items from the start menu. I cant get to regedit or access the manage function on my computer on right clicking. Anyone know what the hell this thing is. It has a size of 312KB and duplicates itself in folders. Its making a file called open.exe on all drives and before I could do anything, it has disabled access to all local drives! I cant open any on right-clicking now! Anyone know what this thing is?
 
If you can post a HijackThis log. :thumb:
 
Well This thing is a real dangerous monster. I have had to format my primary drive. But all systems in the network have it now. Getting the hijackthis log. Will post it in a while
 
I sent a sample to Avira and they analysed it. Apparently its a malware which they named DR/Agent.VB.APH.1. The term "DR/" denotes a program that is able to place a virus or a malware discretely on a system.Detection was added to their virus definition file (VDF) starting with version 7.00.00.46. I run it on the other machines and they are all fine now. Need to remove such? I have included a complete analysis on http://beshte.com/viruswatch.php to help anyone who may have problems with the same malware. Here is the email from Avira analysis lab
**************************

Tracking number: INC00086114.



A listing of files alongside their results can be found below:

File ID Filename Size (Byte) Result
1325182 Open.exe 312 KB MALWARE


Please find a detailed report concerning each individual sample below:

Filename Result
Open.exe MALWARE

The file 'Open.exe' has been determined to be 'MALWARE'. Our analysts named the threat DR/Agent.VB.APH.1. The term "DR/" denotes a program that is able to place a virus or a malware discretely on a system.Detection is added to our virus definition file (VDF) starting with version 7.00.00.46.


Alternatively you can see the analysis result here:
http://analysis.avira.com/samples/d...4KPJ87Fm9DbI10ZIBVdp6fPL558X&incidentid=86114
 
Back
Top