Not what you were looking for? Ask our experts!
Reply
Contributor
istatus
Posts: 61
Registered: ‎08-01-2009

Re: HELP!! Computer infected by some VIRUS

 

If i start the sysport "RUN" and i click on the Kernel Modeules.......it looks like it runs then i get that "Failed to start Service. Sysprot anitrootkit needs to be run with Admin privileges" Then i click OK and it under the tab its Blank...with headers of Module Name Service Name Module Base etc.

shannons
Posts: 11,880
Topics: 50
Kudos: 115
Solutions: 8
Registered: ‎01-07-2009

Re: HELP!! Computer infected by some VIRUS

Rootkit Eradicator
Posts: 5,357
Registered: ‎05-30-2008

Re: HELP!! Computer infected by some VIRUS


istatus wrote:

 

 

...Norton 2007 didn't detect anything.


Hi,

 

Can you please check the Security History and see if Norton 2009 has Detected anything which you may have missed.  Please also check in the Unresolved Security Risks.  Please let us know what you find or don't find.  Thanks!

 

 

Thursday, November 21, 2013: The THREATCON was changed to Level 1: Normal | Tue., Nov. 05, 2013: Zero-Day Vulnerability: Microsoft Security Advisory 2896666 | Saturday, November 09, 2013: Cyber-Criminals Serve Up A Veritable Smorgasbord Of Threats For South Koreans | Wednesday, October 09, 2013: New Internet Explorer Zero-Day Targeted In Attacks Against Korea And Japan [C.V.E.-2013-3897]
Contributor
istatus
Posts: 61
Registered: ‎08-01-2009

Re: HELP!! Computer infected by some VIRUS

I just checked ...Unresolved Risk....nothing.....i'm running it again......u guys have any idea what virus i have? Thx...
Rootkit Eradicator
Posts: 5,357
Registered: ‎05-30-2008

Re: HELP!! Computer infected by some VIRUS

[ Edited ]

istatus wrote:
I just checked ...Unresolved Risk....nothing.....i'm running it again......u guys have any idea what virus i have? Thx...

 

Please can you check the Full History then as well as Resolved Security Risks.  Thank-you for your co-operation!

 

Message Edited by Floating_Red on 08-02-2009 08:46 PM
Thursday, November 21, 2013: The THREATCON was changed to Level 1: Normal | Tue., Nov. 05, 2013: Zero-Day Vulnerability: Microsoft Security Advisory 2896666 | Saturday, November 09, 2013: Cyber-Criminals Serve Up A Veritable Smorgasbord Of Threats For South Koreans | Wednesday, October 09, 2013: New Internet Explorer Zero-Day Targeted In Attacks Against Korea And Japan [C.V.E.-2013-3897]
delphinium
Posts: 9,862
Kudos: 2,964
Solutions: 293
Registered: ‎11-21-2008

Re: HELP!! Computer infected by some VIRUS

Istatus:

 

Have you turned off Auto protect in your Norton before running these tools?  We need to identify your problem and we need a log or two.

 

If you still are unable to get SysProt to run, you can try GMER in safe mode

 

http://www.gmer.net/ 

 

Or Rootrepeal

 

http://homepages.slingshot.co.nz/~crutches/RootRepel/

Click on "Report"

Select all the boxes

Then your HD.

Then click scan

 

See what you can find for us.

Under certain circumstances profanity provides relief denied even to prayer.
Mark Twain
Rootkit Eradicator
Posts: 5,357
Registered: ‎05-30-2008

Re: HELP!! Computer infected by some VIRUS

istatus,

 

I know that you don't what Files are a Threat, but, when we discover what Files are Threats, please could you Submit them to symantec Security Response before trying the Removal process; thanks.

 

 

Submitting Malware to symantec Security Response: https://submit.symantec.com/websubmit/retail.cgi.

 

Thursday, November 21, 2013: The THREATCON was changed to Level 1: Normal | Tue., Nov. 05, 2013: Zero-Day Vulnerability: Microsoft Security Advisory 2896666 | Saturday, November 09, 2013: Cyber-Criminals Serve Up A Veritable Smorgasbord Of Threats For South Koreans | Wednesday, October 09, 2013: New Internet Explorer Zero-Day Targeted In Attacks Against Korea And Japan [C.V.E.-2013-3897]
Contributor
istatus
Posts: 61
Registered: ‎08-01-2009

Re: HELP!! Computer infected by some VIRUS

GMER is still running: But Here is the current log.  I hope this helps!! My IE is soo messed up on my desktop now.  I can't even sign onto this board on my desktop

Bot Obliterator
Quads
Posts: 16,528
Registered: ‎07-21-2008

Re: HELP!! Computer infected by some VIRUS

Hi

 

Hmmm looks like a Vundo /Virtumode infection hooking into the browser, by the file "C:\Windows\System32\dimsjob32.dll"

 

 

OK

 

1. Please Download Hijackthis http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download  The 3rd .exe version and run creating a log and post it.

 

2. Download Malwarebytes http://www.filehippo.com/download_malwarebytes_anti_malware/  and See if you can after installing update the definitions, and Run a Full Scan.

 

3. Download SuperAntispyware Free http://www.filehippo.com/download_superantispyware/   Install Then update the Definitions and Run a Full scan.

 

Both will also Create a log.

 

If  After that any file don't want to delete, stubborn like "Vundo.H" I can use the logs to script, removal Hopefully  

 

Quads 

Contributor
istatus
Posts: 61
Registered: ‎08-01-2009

Re: HELP!! Computer infected by some VIRUS

 

Now I have a problem.  I can't download anything from IE.  It just initializes and don't do anything....what can i do? I tried to run in Safe Mode but IE pages doesn't even load.