QUOTE(xixo_12 @ Mar 7 2010, 06:58 PM)
Thanks for the link. 
Goodness, it turnout to be a normal file.
Virus/Malware Virus /Rootkits Thread, Work In Progress
|
|
 Mar 7 2010, 08:56 PM
|
 
Senior Member
802 posts Joined: Jun 2009 From: Cheras, Kuala Lumpur  
|
Goodness, it turnout to be a normal file. |
Quote|
|
|
|
|
Mar 8 2010, 11:54 AM
|
Senior Member
7,318 posts Joined: Nov 2006 From: Pulau Sipadan 
|
glad to know
 |
|
|
Mar 19 2010, 11:38 PM
|
Junior Member
36 posts Joined: Jun 2009
|
that's a useful URL.thanks.
|
|
|
Mar 24 2010, 03:10 PM
|
Junior Member
38 posts Joined: Mar 2008
|
My AV detected trojan in C:\System Volume Information\_restore{...
And the access is denied. How can I correct this? Added on March 24, 2010, 3:53 pmI found the answer to my own questions... thank you. This post has been edited by phreakout: Mar 24 2010, 03:53 PM |
|
|
Mar 31 2010, 01:42 PM
|
Junior Member
127 posts Joined: Jan 2010
|
C:\Windows\system32\sshnas21.dll
the specific module cannot be found this error message come out when ever i turn my laptop on how to fix this?? is this virus?? |
|
|
Mar 31 2010, 04:09 PM
|
Junior Member
488 posts Joined: May 2009 From: damansara
|
My whole company infected by this worm w2.downadup.b..I used the symantec tool also unable to clean.Install the ms08-67 patches also cannot.How to get rid of the worm?..My antivirus is symantec...also used the kaspersky kido removal tool and bitdefender one oso cannot..How ah?
I am really out of ideas and my boss is soo damm pissed off. |
|
|
|
|
|
Mar 31 2010, 10:55 PM
|
 
Elite
1,089 posts Joined: Jun 2008
|
QUOTE(armadasaxon @ Mar 31 2010, 04:09 PM) My whole company infected by this worm w2.downadup.b..I used the symantec tool also unable to clean.Install the ms08-67 patches also cannot.How to get rid of the worm?..My antivirus is symantec...also used the kaspersky kido removal tool and bitdefender one oso cannot..How ah? That particular worm will infected any computer that connected to your office network..I am really out of ideas and my boss is soo damm pissed off.  My recommendation to follow the "kidokiller" instruction from Kaspersky below.. Read from the "For corporate users (to remove the Net-Worm.Win32.Kido via Administration Kit)" part... http://support.kaspersky.com/faq/?qid=208279973 If above is not working, my second recommendation is to install "kidokiller" in ALL computer in the office >> stay until after office hour >> disconnect ALL computer from network (just plug out the network cable or turn off the "switch" and "router") >> run "kidokiller" as per instructed in the link I give above.. |
|
|
Apr 11 2010, 02:14 PM
|
|
Senior Member
698 posts Joined: Jan 2003
|
So far i think the best freeware available are combofix u can get the info from google
|
|
|
Apr 11 2010, 05:43 PM
|
Senior Member
2,901 posts Joined: Jan 2007 
|
As powerful as it is, you will need to have a certain level of knowledge to use CF in order to deal with malware you have in your computer. You can definitely run it by yourself for the first run and get rid of the skunks but that alone doesn't guarantee it will totally clear off a malware and you might not even know it because you don't know how to interpret the log generated from CF at all. lol
|
|
|
Apr 12 2010, 02:45 PM
|
Senior Member
1,194 posts Joined: Nov 2006
|
do you guys know how to remove MSN worm? the 1 which sends out random msgs using ur MSN account. thx !
|
|
|
Apr 13 2010, 05:51 PM
|
|
Senior Member
802 posts Joined: Jun 2009 From: Cheras, Kuala Lumpur
|
My anti-virus detected JS:MalHead-CL (Trj) virus. I tried googling around but couldn't
find it in any virus database. I think this is a new virus. |
|
|
May 6 2010, 09:54 PM
|
|
Senior Member
1,580 posts Joined: Aug 2006
|
my avg detected an infection (hidden driver) in my system32 folder.
after i do a system check and remove it, it will automatically appear back after rebooting. and the file name will always be different but with a .SYS ext. how?  This post has been edited by toby.c13: May 6 2010, 10:26 PM |
|
|
May 7 2010, 12:11 PM
|
Junior Member
122 posts Joined: Mar 2007 From: Kota Kinabalu, Sabah
|
Delete the files at System.32 , show hidden files....
|
|
|
|
|
|
Sep 13 2010, 11:17 PM
|
Senior Member
2,811 posts Joined: Jan 2003 From: Selayang
|
Help my pc is detected by AVG free edition with the following
 QUOTE "C:\WINDOWS\system32\svchost.exe (3256):\memory_00fe0000";"Trojan horse Cryptic.AMH";"Object is inaccessible." "C:\WINDOWS\system32\svchost.exe (3256)";"Trojan horse Cryptic.AMH";"" "C:\WINDOWS\system32\services.exe (1040):\memory_00fe0000";"Trojan horse Cryptic.AMH";"Object is inaccessible." "C:\WINDOWS\system32\services.exe (1040):\memory_00950000";"Trojan horse Rootkit-Agent.EM";"Object is inaccessible." "C:\WINDOWS\system32\services.exe (1040)";"Trojan horse Rootkit-Agent.EM";"" "C:\WINDOWS\system32\drivers\cdrom.sys";"Trojan horse Rootkit-Agent.EU";"Object is white-listed (critical/system file that should not be removed)" "C:\WINDOWS\system32\dllcache\cdrom.sys";"Trojan horse Rootkit-Agent.EU";"Moved to Virus Vault" "C:\System Volume Information\_restore{45A9D499-1BFF-476E-B844-7497ABA126A5}\RP1232\A0099402.sys";"Trojan horse Rootkit-Agent.EU";"Moved to Virus Vault" "C:\Documents and Settings\kaihongt\Local Settings\Temp\NS53.tmp";"Trojan horse Cryptic.AMH";"Moved to Virus Vault" |
|
|
Sep 18 2010, 01:03 AM
|
Junior Member
58 posts Joined: Oct 2009
|
there are so many virus effecting my computer. where are actually there coming from? Really makes people in trouble!
|
|
|
Sep 18 2010, 01:04 AM
|
|
Junior Member
58 posts Joined: Oct 2009
|
QUOTE(toby.c13 @ May 6 2010, 09:54 PM) my avg detected an infection (hidden driver) in my system32 folder. so do mine. huh!after i do a system check and remove it, it will automatically appear back after rebooting. and the file name will always be different but with a .SYS ext. how? |
|
|
Sep 18 2010, 05:38 PM
|
Senior Member
1,602 posts Joined: Apr 2007 From: KL
|
my pc have a problem
it automatically call regedit.exe on startup I already disable it on msconfig but again after I shut it down the pc run regedit again on startup  |
|
|
Sep 20 2010, 03:50 PM
|
All Stars
19,324 posts Joined: Jan 2003  
|
QUOTE(akkihiko @ Sep 18 2010, 05:38 PM) my pc have a problem try scan ur pc wit antivirus first, so easier for u to figure out whether it is virus or other issues tat causing it.it automatically call regedit.exe on startup I already disable it on msconfig but again after I shut it down the pc run regedit again on startup |
|
|
Sep 22 2010, 09:56 PM
|
|
Junior Member
240 posts Joined: Jan 2003 From: Ampang
|
Even i use those remove tools delete the rest of virus,it does'nt working, feel irritating ! no choices just reformat,maybe wrong using ?
|
|
|
Sep 30 2010, 12:57 PM
|
|
Senior Member
2,096 posts Joined: May 2008
|
QUOTE(samirah2009 @ Sep 18 2010, 01:03 AM) there are so many virus effecting my computer. where are actually there coming from? Really makes people in trouble! Once you connected to the internet, you are already risk having your computer infected. Just install firewall for more secure protection. |
| Change to: |  0.0295sec
 1.63
 6 queries
 GZIP Disabled
Time is now: 24th December 2025 - 02:48 PM |
All Rights Reserved © 2002- 2025 Vijandren Ramadass (~unite against racism~)
Powered by Invision Power Board © 2025 IPS, Inc.