[PartyPaint]

Okay White Hat's, my Problem is some sort of malware.

-when I log into my PC, a cmd window opens and ask me to
delete system32

-now I'm confused, because I found @ Google that system32.exe
could be a malware, because I have Vista, and there is no system32.exe
I think, Vista has explorer.exe

-I scanned for Malware with Avira and HiJack.
Result: 0 Malware

-It's horrible, why would cmd autostart and ask for deleting
system32, if system32 is Virus, or is it not a virus?

It's quite a bit confusing for you, I know, but everyone who understands
my problem and solves it, get +rep from me.

thanks

[♠J0K3R♠]

Ahh this is a little batch virus i think. I will write a guide to remove asap.

Download following and scan.

(Remember not to delete you own stuff if you got anything that is considered a virus.)

[link=http://www.surfright.nl/en/downloads]Hitman Pro 3.5 [/link]

[link=http://www.malwarebytes.org/products/malwarebytes_free]Malwarebytes Anti-Malware Free[/link]

[link=http://security.symantec.com/nbrt/npe.aspx?lcid=1033]Norton Power Eraser [/link] (Has false positives if you have cracked software/homemade shortcuts etc.)

In vista try looking at these paths (you might need to enable ''show hidden files'')

C:\Users\[USERNAME]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

C:\Users\AllUsers\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

Try this.

Go to Regedit.

For Local Machine-
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce

For Current User-
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce

Or this.

HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsNT\CurrentVersion\WinLogon\

If none above works.

[link=http://is.gd/NItN5O]GMER - Anti-Rootkit Tool[/link]

If this doesn't solve the problem then pm me. But im 99,0% sure it will :thumbs:

[PartyPaint]

You're awesome, gave me a full Tutorial for that and the tools are very usefull too.
This little batch and some other malware I found with this tools are deleted.

+rep

[♠J0K3R♠]

You're awesome, gave me a full Tutorial for that and the tools are very usefull too.
This little batch and some other malware I found with this tools are deleted.

+rep

Thanks. And im glad to help.

[Jacob]

send a private message to me, if you still need help in about 4 hours. i'll be able to help you, oh and DONT delete the system32 file. system32 is good (im sure, i dont know vista all too well)