Re: HELP!! Computer infected by some VIRUS

istatus · ‎08-01-2009

If i start the sysport "RUN" and i click on the Kernel Modeules.......it looks like it runs then i get that "Failed to start Service. Sysprot anitrootkit needs to be run with Admin privileges" Then i click OK and it under the tab its Blank...with headers of Module Name Service Name Module Base etc.

shannons · ‎01-07-2009

Moved:

Moved to own thread for better exposure.

Floating_Red · ‎05-30-2008

istatus wrote:

...Norton 2007 didn't detect anything.

Hi,

Can you please check the Security History and see if Norton 2009 has Detected anything which you may have missed. Please also check in the Unresolved Security Risks. Please let us know what you find or don't find. Thanks!

Tuesday, June 18, 2013: The THREATCON was changed to Level 1: Normal | Targeted Attack Exploits Ichitaro Vulnerability | Tuesday, June 11, 2013: Microsoft "Patch Tuesday"

istatus · ‎08-01-2009

I just checked ...Unresolved Risk....nothing.....i'm running it again......u guys have any idea what virus i have? Thx...

Floating_Red · ‎05-30-2008

istatus wrote:
I just checked ...Unresolved Risk....nothing.....i'm running it again......u guys have any idea what virus i have? Thx...

Please can you check the Full History then as well as Resolved Security Risks. Thank-you for your co-operation!

Message Edited by Floating_Red on 08-02-2009 08:46 PM

Tuesday, June 18, 2013: The THREATCON was changed to Level 1: Normal | Targeted Attack Exploits Ichitaro Vulnerability | Tuesday, June 11, 2013: Microsoft "Patch Tuesday"

delphinium · ‎11-21-2008

Istatus:

Have you turned off Auto protect in your Norton before running these tools? We need to identify your problem and we need a log or two.

If you still are unable to get SysProt to run, you can try GMER in safe mode

http://www.gmer.net/

Or Rootrepeal

http://homepages.slingshot.co.nz/~crutches/RootRepel/

Click on "Report"

Select all the boxes

Then your HD.

Then click scan

See what you can find for us.

Under certain circumstances profanity provides relief denied even to prayer.
Mark Twain

Floating_Red · ‎05-30-2008

istatus,

I know that you don't what Files are a Threat, but, when we discover what Files are Threats, please could you Submit them to symantec Security Response before trying the Removal process; thanks.

Submitting Malware to symantec Security Response: https://submit.symantec.com/websubmit/retail.cgi.

Tuesday, June 18, 2013: The THREATCON was changed to Level 1: Normal | Targeted Attack Exploits Ichitaro Vulnerability | Tuesday, June 11, 2013: Microsoft "Patch Tuesday"

istatus · ‎08-01-2009

GMER is still running: But Here is the current log. I hope this helps!! My IE is soo messed up on my desktop now. I can't even sign onto this board on my desktop

Quads · ‎07-21-2008

Hi

Hmmm looks like a Vundo /Virtumode infection hooking into the browser, by the file "C:\Windows\System32\dimsjob32.dll"

OK

1. Please Download Hijackthis http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download The 3rd .exe version and run creating a log and post it.

2. Download Malwarebytes http://www.filehippo.com/download_malwarebytes_anti_malware/ and See if you can after installing update the definitions, and Run a Full Scan.

3. Download SuperAntispyware Free http://www.filehippo.com/download_superantispyware/ Install Then update the Definitions and Run a Full scan.

Both will also Create a log.

If After that any file don't want to delete, stubborn like "Vundo.H" I can use the logs to script, removal Hopefully

Quads

istatus · ‎08-01-2009

Now I have a problem. I can't download anything from IE. It just initializes and don't do anything....what can i do? I tried to run in Safe Mode but IE pages doesn't even load.