Focus on Virus
Virus or trojan help Oct 12 2006 06:08AM
genome (jtroxas gmail com) (4 replies)
Re: Virus or trojan help Oct 14 2006 11:33PM
Genome (jtroxas gmail com) (1 replies)
Re: Virus or trojan help Oct 17 2006 06:06PM
brain5ide (brain5ide gmail com)
Re: Virus or trojan help Oct 13 2006 05:39PM
gmx (pal_adam gmx net) (1 replies)
RE: Virus or trojan help Oct 14 2006 12:08AM
Mark Brunner (mark_brunner hotmail com)
Re: Virus or trojan help Oct 13 2006 04:01PM
Ansgar -59cobalt- Wiechers (bugtraq planetcobalt net)
Re: Virus or trojan help Oct 12 2006 05:29PM
genome (jtroxas gmail com) (3 replies)
Re: Virus or trojan help Oct 15 2006 11:08PM
Ansgar -59cobalt- Wiechers (bugtraq planetcobalt net)
Re: Virus or trojan help Oct 15 2006 09:17PM
brain5ide (brain5ide gmail com) (1 replies)
RE: Virus or trojan help Oct 17 2006 02:10AM
Miguel Valentin (valentinousn verizon net) (1 replies)
Re: Virus or trojan help Oct 18 2006 11:58AM
Ansgar -59cobalt- Wiechers (bugtraq planetcobalt net)
Re: Virus or trojan help Oct 15 2006 05:02PM
John Mason Jr (john mason jr cox net)
genome wrote:
> I am not entirely sure If its infected explorer.exe as the virus does not
> run in safemode and while running explorer.exe.. I have been able to extract
> files with winrar and the exe files are not deleted upon extraction.. I have
> even been able to install Outpost firewall in safemode and scan the system
> with spyware.. it detected some spyware including bagle and removed it
> then... when I restarted the system in normal mode the virus keeps
> restarting the system imidiately after the desktop is shown.. This is
> probably because the virus cannot delete outpost.exe as it is already
> running as a service before the virus loads... so virus simply restarted the
> system so I would not be able to fix anything..
> I booted again in safemode and disabled outpost.exe service and surely
> windows booted ok in nomal mode but looking in outpost installation
> directory the virus deleted outpost.exe...
> also the standard windows firewall service will not automaticaly start I had
> to start it manually all the time..
> I could not see any rouge running process in taskmanager and Ive even
> installed WintaskPro and cannot find anything out of the ordinary.. Ive
> disabled all other non microsoft services and microsoft servises I can
> disable.. to no avail..
>
> Its a shame...Evil people are getting smarter and smarter every day....
>
> Could anybody recommend an antivirus software that will Install and run in
> safemode as thats what I think is the only way I could have a fighting
> chance with this virus..
>
> Ive tried Nod32 AVG Norton Panda bitdefender... seems this virus has a
> database of almost all known antivirus and security software..
>
> Unfortunately I cannot just format and reinstall without knowing what has
> gone wrong as this virus probably have infected some in our network and
> chances are it will just return again...

I think someone recommended this thread to use the Helix LiveCD.
A couple of other sources of info
<http://www.claymania.com/removal-trojan-adware.html>
<http://www.ik-cs.com/v2/got-a-virus.htm>

John

------------------------------------------------------------------------
----
ALERT: "How a Hacker Launches a SQL Injection Attack!" - White Paper
It's as simple as placing additional SQL commands into a Web Form input box giving hackers complete access to all your backend systems!

https://download.spidynamics.com/1/ad/sql.asp?Campaign_ID=70160000000CZW
l
------------------------------------------------------------------------
----

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus