I've searched the forums, I've ran the scan in Safe Mode, I've disabled System Restore and all that and I still can't get rid of this virus. When I run a full system scan it doesn't find it.
Unresolved Threats: Backdoor.Trojan Type: Anomaly Risk: High (High Stealth, High Removal, High Performance, High Privacy) Categories: Virus Status: Remove Failed ----------- 4 Files globalroot\systemroot\system32\gxvxctqsltyklmwpuxbqjiwwfftllrvupyidu.dll - Failed globalroot\systemroot\system32\gxvxctqsltyklmwpuxbqjiwwfftllrvupyidu.dll - No action taken globalroot\systemroot\system32\gxvxctqsltyklmwpuxbqjiwwfftllrvupyidu.dll - No action taken globalroot\systemroot\system32\gxvxctqsltyklmwpuxbqjiwwfftllrvupyidu.dll - No action taken 1 Browser Cache
Did you only run a quick scan. I noticed that the scan time is short. Perhaps you can try running a full system scan in safe mode when plugged out from the internet.
You can also try using Malwarebytes Anti-Malware's free version.
yea that was a full system scan, I tried the link you gave me and it didn’t work. I tried to look it up on google and go there, and it didn’t do anything, just said Done in the bottom lefthand corner.
We do have a guru who performs magic with rootkit infections, which is what you apparently have. It's the gxvxc variant. The removal is time consuming, and requires that you follow instructions very carefully.
We require a GMER scan, scan ONLY, do not attempt to fix, so that we can identify all of the files in your system that need to be removed. Post the log using the attachments link below the post button.
If the malware won't let it run, you will be able to do so in safe mode.
Please provide details on your operating system and service packs, and what version of Norton are you using. Antivirus or Internet Security, and the version number under Help & Support, about.
There is almost nothing of the GMER log available. Were all of the sections of the scan checked. We need all of it, not just the part that says "rootkit"
He still has the rootkit because we haven't done anything to remove it yet. The identification of the files and entries are important.
Monk3y:
Thanks very much for the log. Quads will work on it today and provide the documentation and the tools to remove it. Please do not do anything else with it for the time being.
Sorry about that, I confused this this thread with another and thought that Monk3y had already run GMER :-) Sorry about that ;-)
Monk3y:
Sorry if I gave you a fright there or sounded a bit short, as I said above, I confused your thread with another 8-) oops! Anyway, thanks for posting the GMER log; Quads is the community Rootkit-remover - nad he's really good at it!! When he gets around to your problem, he'll have your pc looking (well, working) as if it were spankin' new!!
I also recently have had a problem where I’d be searching for something on Yahoo or Google and when I click on the link it takes me to some other website that resimbles another search engine. I t just recently started happening, any idea what it could be?