bundespolizei virus cannot find

November 4, 2011 at 20:49:53
Specs: Windows XP
So far I think that I have exhausted all the remedies offered by the internet as my virus just doesnt want to be found
I can only open the computer in Safe mode with command prompt (safe mode with networking opens to the lovely bundespolizei banner where you cannot open anything including taskmanager)
in the safe mode I have regedit open, and following directions from different sources I have looked at the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\shell and the data connected with "shell" is Explorer.exe (which is what it should be?)
Then trying to find
HKEY_CURRENT_USER\Software\Microsoft\Search Assistant\ACMru\5603
in the Search Assistant file there was only "(default)" and "InstallDir", no "ACMru"
the files are all C:\program files\ or C:\windows\ except for "(default)", "LangID" and "@shell32.dll, -28995" <-is this last one something of significance?

Next I tried to find the virus' registry entries that are apparently at:
AppID = "{7E72E9EC-FCBC-40A7-AA69-2D60ADA7B296}"
(Default) = "MCCKMPlayerX"
Couldn't find MCCKMPlayerX.DLL or {7E72E9EC-FCBC-40A7-AA69-2D60ADA7B296}

(Default) = ""%ProgramFiles%\pipi\PIPIPlayer.exe" "%L""
(Default) = "Play With PIPIPlayer"
inside ASFFile\shell there is only "(default)"

(Default) = ""%ProgramFiles%\pipi\PIPIPlayer.exe" "%L""
(Default) = "Play With PIPIPlayer"
inside ASXFile\shell there is only "(default)"

(Default) = ""%ProgramFiles%\pipi\PIPIPlayer.exe" "%L""
(Default) = "Play With PIPIPlayer"
inside AVIFile\shell there is only "(default)"

I then opened the System Configuration Utility and browsed through it. In the Startup tab, right down the bottom was Startup Item: "ü玉", Command:"m玉'|\ü玉", Location:"SOFTWARE\Microsoft\Windows\CurrentVersion\Run"

When I looked in:
I couldnt find it, the same for when I looked in

So, yeah, that is where I have gotten to at the moment and I am kind of frustrated/worried, so any help would be greatly appreciated.

Some Notes:
If you recommend downloading a programme on a different computer, saving it to usb then running it, please tell me how to access and run it in command prompt (my knowledge is lacking)
This virus will not let me access anything once I log in (even as admin in safemode with network) so I cannot shut down the exe in task manager, or even see task manager for that matter
I believe when the virus first appeared my sister repeatedly pressed no for its scans then it seized the computer.
(Obviously this is being posted from a different computer)

Once again Any help would be greatly appreciated - I dont want to have to clear the computer (many important photos) or pay to send it out to a technician (being a pov student :/)

See More: bundespolizei virus cannot find

Report •

November 4, 2011 at 23:35:56
it may prove to be simpler to attach the hard drive to another unit and use their virus scanner and malwarebytes or something to scan it and see if that gets you back....yes I can think of other ways, just none easy to explain when you are unable to do anything with the mouse of any use. Just make sure if you do hook it up to another computer, it has a good updated anti virus or it may spread the problem.

Report •

November 5, 2011 at 04:25:41
Okay so I need to 'slave' the infected hard drive, what protection would you recommend? norton, avast, full Malwarebytes or file hippo's download http://www.filehippo.com/download_m... At the moment the other computer I am thinking of using has only has Symantec which is useless considering it didnt pick up on the threat in the now infected computer.

Report •

November 5, 2011 at 21:58:17
might try something like this:

download the iso, & create a bootable cd


Report •
Related Solutions

Ask Question