Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Possible infection [System32\Config]

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Possible infection [System32\Config]

Unread postby iZver » November 1st, 2009, 2:07 pm


My problem:
I believe something's wrong with my computer. To be more precise, I believe I've got a rootkit. Obviously formatting came first to my mind. And I intend to do it, if I must. But I want to know if I really am infected.

I've, by pure luck, discovered something's xxxxxx with my windows folder. What happened is, I extracted something with winRAR, and I saw the default location was sys32. Which is weird, because I don't extract stuff to there. So I went to check for recent changes in my sys32 folder, and I'll be damned, I found, sys32\config folder, that was changed just recently.

I googled it, and found some articles saying it is an infection. Anyway I read on, and by pure chance find your awesome forum :) . I go to check again for recent changes, and I find that the virus is xxxxxx with my drivers\etc folder, and some other folders. So I decide to ask you for help.

Well, I don't want to brag, but I do have some moderately advanced knowledge of desktop, so I understand a bit more than many others.

I really hope you help me. But until you respond, I'll keep my passwords away from this computer. Obviously mail and some other basic passwords are gone, but I don't rly care about that. I don't have anything important there. :mrgreen:

What should I do?
I got 2 screens, of my sys32 and of config folder. Here are the thumbnails:

What do you need? I believe you need hijackthis logs. But what else?

Cheers, and thanks for the reply!

Edit: Edited to remove obscene language. If you want help from this site, clean up what comes out of your mouth! We don't tolerate such behavior here. If your language skills are so limited that you cannot express yourself without resorting to expletives, then we suggest you go elsewhere!
Last edited by NonSuch on November 1st, 2009, 4:49 pm, edited 1 time in total.
Reason: Edited to remove expletives.
Active Member
Posts: 2
Joined: November 1st, 2009, 1:46 pm
Register to Remove

Re: Possible infection [System32\Config]

Unread postby NonSuch » November 1st, 2009, 4:51 pm

In order for us to help you it is necessary that you provide us with a HijackThis log. Please follow the guideline at the link below to start a new topic and post your HijackThis log by pasting it into your post. Do not utilize attachments.

This topic is now closed. Please start a new topic by following the HijackThis Guideline posted here: >Guideline for posting your HijackThis log<
User avatar
Posts: 27779
Joined: February 23rd, 2005, 7:08 am
Location: California

  • Similar Topics
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!

Who is online

Users browsing this forum: pgmigg and 73 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware