Focus on Virus
Virus or trojan help Oct 12 2006 06:08AM
genome (jtroxas gmail com) (4 replies)
Re: Virus or trojan help Oct 14 2006 11:33PM
Genome (jtroxas gmail com) (1 replies)
Re: Virus or trojan help Oct 17 2006 06:06PM
brain5ide (brain5ide gmail com)
Re: Virus or trojan help Oct 13 2006 05:39PM
gmx (pal_adam gmx net) (1 replies)
RE: Virus or trojan help Oct 14 2006 12:08AM
Mark Brunner (mark_brunner hotmail com)
Re: Virus or trojan help Oct 13 2006 04:01PM
Ansgar -59cobalt- Wiechers (bugtraq planetcobalt net)
Re: Virus or trojan help Oct 12 2006 05:29PM
genome (jtroxas gmail com) (3 replies)
I am not entirely sure If its infected explorer.exe as the virus does not
run in safemode and while running explorer.exe.. I have been able to extract
files with winrar and the exe files are not deleted upon extraction.. I have
even been able to install Outpost firewall in safemode and scan the system
with spyware.. it detected some spyware including bagle and removed it
then... when I restarted the system in normal mode the virus keeps
restarting the system imidiately after the desktop is shown.. This is
probably because the virus cannot delete outpost.exe as it is already
running as a service before the virus loads... so virus simply restarted the
system so I would not be able to fix anything..
I booted again in safemode and disabled outpost.exe service and surely
windows booted ok in nomal mode but looking in outpost installation
directory the virus deleted outpost.exe...
also the standard windows firewall service will not automaticaly start I had
to start it manually all the time..
I could not see any rouge running process in taskmanager and Ive even
installed WintaskPro and cannot find anything out of the ordinary.. Ive
disabled all other non microsoft services and microsoft servises I can
disable.. to no avail..

Its a shame...Evil people are getting smarter and smarter every day....

Could anybody recommend an antivirus software that will Install and run in
safemode as thats what I think is the only way I could have a fighting
chance with this virus..

Ive tried Nod32 AVG Norton Panda bitdefender... seems this virus has a
database of almost all known antivirus and security software..

Unfortunately I cannot just format and reinstall without knowing what has
gone wrong as this virus probably have infected some in our network and
chances are it will just return again...

"genome" <jtroxas (at) gmail (dot) com [email concealed]> wrote in message
news:egna8c$8g3$1 (at) sea.gmane.org. (dot) . [email concealed]
> hello..
> I am infected with a virus or a trojan that will not allow me to execute
> and install any antivirus software or even install any windows updates
> offline or online... It simply deletes certain exe files when extracted to
> the hard disk.. and the software installation gives an error saying it
> cannot find the file...
>
> I tried booting in safemode from xp and extract the files manualy but the
> antivirus wont install because its safemode so I boot xp normaly and
> browse to the extraction directory only to find right in front of my eyes
> the exe being deleted by the unknown virus.. tried different antivirus and
> they all wont install... but other software that is not an antivirus will
> install... I tried using an online scanner from bitdefender but it did not
> detect any..
> I tried closing all running process in task manager and services running
> still no avail..
>
> anyone knows what virus or trojan that acts like this..can anyone please
> inform me of its name so I may come to the right way of tracking a
> solution..
>
> thanks...
>
>
>
> ------------------------------------------------------------------------
----
> ALERT: "How a Hacker Launches a SQL Injection Attack!" - White Paper
> It's as simple as placing additional SQL commands into a Web Form input
> box giving hackers complete access to all your backend systems!
>
> https://download.spidynamics.com/1/ad/sql.asp?Campaign_ID=70160000000CZW
l
> ------------------------------------------------------------------------
----
>
>
>

------------------------------------------------------------------------
----
ALERT: "How a Hacker Launches a SQL Injection Attack!" - White Paper
It's as simple as placing additional SQL commands into a Web Form input box giving hackers complete access to all your backend systems!

https://download.spidynamics.com/1/ad/sql.asp?Campaign_ID=70160000000CZW
l
------------------------------------------------------------------------
----

[ reply ]
Re: Virus or trojan help Oct 15 2006 11:08PM
Ansgar -59cobalt- Wiechers (bugtraq planetcobalt net)
Re: Virus or trojan help Oct 15 2006 09:17PM
brain5ide (brain5ide gmail com) (1 replies)
RE: Virus or trojan help Oct 17 2006 02:10AM
Miguel Valentin (valentinousn verizon net) (1 replies)
Re: Virus or trojan help Oct 18 2006 11:58AM
Ansgar -59cobalt- Wiechers (bugtraq planetcobalt net)
Re: Virus or trojan help Oct 15 2006 05:02PM
John Mason Jr (john mason jr cox net)


 

Privacy Statement
Copyright 2010, SecurityFocus