|
|
Focus on Virus
Virus or trojan help Oct 12 2006 06:08AM genome (jtroxas gmail com) (4 replies) Re: Virus or trojan help Oct 12 2006 05:29PM genome (jtroxas gmail com) (3 replies) Re: Virus or trojan help Oct 15 2006 09:17PM brain5ide (brain5ide gmail com) (1 replies) |
|
Privacy Statement |
> I am not entirely sure If its infected explorer.exe as the virus does not
> run in safemode and while running explorer.exe.. I have been able to extract
> files with winrar and the exe files are not deleted upon extraction.. I have
> even been able to install Outpost firewall in safemode and scan the system
> with spyware.. it detected some spyware including bagle and removed it
> then... when I restarted the system in normal mode the virus keeps
> restarting the system imidiately after the desktop is shown.. This is
> probably because the virus cannot delete outpost.exe as it is already
> running as a service before the virus loads... so virus simply restarted the
> system so I would not be able to fix anything..
> I booted again in safemode and disabled outpost.exe service and surely
> windows booted ok in nomal mode but looking in outpost installation
> directory the virus deleted outpost.exe...
> also the standard windows firewall service will not automaticaly start I had
> to start it manually all the time..
> I could not see any rouge running process in taskmanager and Ive even
> installed WintaskPro and cannot find anything out of the ordinary.. Ive
> disabled all other non microsoft services and microsoft servises I can
> disable.. to no avail..
>
> Its a shame...Evil people are getting smarter and smarter every day....
>
> Could anybody recommend an antivirus software that will Install and run in
> safemode as thats what I think is the only way I could have a fighting
> chance with this virus..
>
> Ive tried Nod32 AVG Norton Panda bitdefender... seems this virus has a
> database of almost all known antivirus and security software..
>
> Unfortunately I cannot just format and reinstall without knowing what has
> gone wrong as this virus probably have infected some in our network and
> chances are it will just return again...
I think someone recommended this thread to use the Helix LiveCD.
A couple of other sources of info
<http://www.claymania.com/removal-trojan-adware.html>
<http://www.ik-cs.com/v2/got-a-virus.htm>
John
------------------------------------------------------------------------
----
ALERT: "How a Hacker Launches a SQL Injection Attack!" - White Paper
It's as simple as placing additional SQL commands into a Web Form input box giving hackers complete access to all your backend systems!
https://download.spidynamics.com/1/ad/sql.asp?Campaign_ID=70160000000CZW
l
------------------------------------------------------------------------
----
[ reply ]