Solve : Mountain of problems?

1.	Solve : Mountain of problems?
Answer» Sorry gunbrown but with Virut it is a no win battle. There are a few lines in a HJT log that I LOOK for that point to Virut. Unfortunately your log has not one but multiple which means that the infection has gotten very well rooted into the entire system. Here are a few. Quote O4 - HKUS\S-1-5-18\..\Run: [reader_s] C:\Documents and Settings\Katt\reader_s.exe (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\Run: [services] C:\WINDOWS\services.exe (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\Policies\Explorer\Run: [services] C:\WINDOWS\services.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Policies\Explorer\Run: [services] C:\WINDOWS\services.exe (User 'Default user') Your thread title "Mountain of PROBLEMS" is more accurate than you might have realized... Dr Web CureIt is your best bet. Run that now. Then again tomorrow. Quote from: BC_Programmer on April 02, 2009, 01:24:29 PM I'm speshul? aww shucks. Also let's recognize macDad for being the first person to give the proper link; NONE of this "oh and do <this>" and "don't forget to <this>". It's just going in circles. Yea macDad is one of our members who "get's it." BC I'm sure you could/can read these logs just as well or better than I do. I'm just waiting for you to pick up a thread and follow it through to the end There is also this. O23 - Service: Automatic LiveUpdate Scheduler - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing) You need to uninstall anything that says NORTON, Symantec or Live Update. Two antivirus will only cause you problems. Run this tool to ensure all of Norton is gone. Norton Removal Tool (SymNRT)Quote from: BC_Programmer on April 02, 2009, 01:24:29 PM I'm speshul? aww shucks. Also let's recognize macDad for being the first person to give the proper link; none of this "oh and do <this>" and "don't forget to <this>". It's just going in circles. Thanks BC and Evil, just wanted to direct them to the right place. My knowledge of viruses, malware is pretty vague...but to get them on track is at least something that i can help with. I'm speshul? aww shucks. Yes, You Are and You Know it, Evil's a heck of a Guy too....................Well i'm not an expert or anything but i think i may have gotten rid of the virut but there are still on or two other trojans that keep popping up each time upon boot up. i say this because neither avg or any of the virut removers detect ANYMORE virut infected files and they usually do. But as i had anticipated the system files are messed up and stuff so some programs won't work. i think i might be able to work them out individually but now that i have most of the control of the pc i'll just backup the files and reformat, only problem now is that my girlfriend lost the hp cd . Anyways thank you very much for your time and help. I'm only in here once every two years or so but i love what you guys do. maybe one day i'll grow up to be like you. Quote from: gunbrown on April 03, 2009, 11:01:21 AM thank you very much for your time and help. I'm only in here once every two years or so but i love what you guys do. maybe one day i'll grow up to be like you. Grow-up is what everybody I meet tells me to do. Well I Hope You never Do it's the Worst thingthat can happen You know That shouldnt need to be a requriement unless you want to take care of all of it yourself. I would try spybot and see if that wouldnt help, since its built to do this stuff.Virut prevents any App from running.Quote from: squall_01 on April 04, 2009, 05:36:57 PM That shouldnt need to be a requriement unless you want to take care of all of it yourself. I would try spybot and see if that wouldnt help, since its built to do this stuff. I'm not sure what u're talking about squall_01. Whats does spybot do?same as SuperAntiSpyware....its another Anti-Spyware ProgI see just a thought in case it gets rid of a lot of my junk....Not trying to put you down, just saying that its an Anti-Spyware Program.I understand no hard feelings or anything of that for that matter.

Answer»

Sorry gunbrown but with Virut it is a no win battle. There are a few lines in a HJT log that I LOOK for that point to Virut. Unfortunately your log has not one but multiple which means that the infection has gotten very well rooted into the entire system.

Here are a few.

Quote

O4 - HKUS\S-1-5-18\..\Run: [reader_s] C:\Documents and Settings\Katt\reader_s.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [services] C:\WINDOWS\services.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Policies\Explorer\Run: [services] C:\WINDOWS\services.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Policies\Explorer\Run: [services] C:\WINDOWS\services.exe (User 'Default user')

Your thread title "Mountain of PROBLEMS" is more accurate than you might have realized...

Dr Web CureIt is your best bet. Run that now. Then again tomorrow.

Quote from: BC_Programmer on April 02, 2009, 01:24:29 PM

I'm speshul?

aww shucks.

Also let's recognize macDad for being the first person to give the proper link; NONE of this "oh and do <this>" and "don't forget to <this>". It's just going in circles.

Yea macDad is one of our members who "get's it."

BC I'm sure you could/can read these logs just as well or better than I do. I'm just waiting for you to pick up a thread and follow it through to the end There is also this.

O23 - Service: Automatic LiveUpdate Scheduler - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)

You need to uninstall anything that says NORTON, Symantec or Live Update. Two antivirus will only cause you problems.

Run this tool to ensure all of Norton is gone. Norton Removal Tool (SymNRT)Quote from: BC_Programmer on April 02, 2009, 01:24:29 PM

I'm speshul?

aww shucks.

Also let's recognize macDad for being the first person to give the proper link; none of this "oh and do <this>" and "don't forget to <this>". It's just going in circles.

Thanks BC and Evil, just wanted to direct them to the right place.

My knowledge of viruses, malware is pretty vague...but to get them on track is at least something that i can help with. I'm speshul?

aww shucks.

Yes, You Are and You Know it,
Evil's a heck of a Guy too....................Well i'm not an expert or anything but i think i may have gotten rid of the virut but there are still on or two other trojans that keep popping up each time upon boot up. i say this because neither avg or any of the virut removers detect ANYMORE virut infected files and they usually do. But as i had anticipated the system files are messed up and stuff so some programs won't work. i think i might be able to work them out individually but now that i have most of the control of the pc i'll just backup the files and reformat, only problem now is that my girlfriend lost the hp cd .

Anyways thank you very much for your time and help. I'm only in here once every two years or so but i love what you guys do. maybe one day i'll grow up to be like you. Quote from: gunbrown on April 03, 2009, 11:01:21 AM

thank you very much for your time and help. I'm only in here once every two years or so but i love what you guys do. maybe one day i'll grow up to be like you.

Grow-up is what everybody I meet tells me to do. Well I Hope You never Do it's the Worst thingthat can happen You know That shouldnt need to be a requriement unless you want to take care of all of it yourself. I would try spybot and see if that wouldnt help, since its built to do this stuff.Virut prevents any App from running.Quote from: squall_01 on April 04, 2009, 05:36:57 PM

That shouldnt need to be a requriement unless you want to take care of all of it yourself. I would try spybot and see if that wouldnt help, since its built to do this stuff.

I'm not sure what u're talking about squall_01. Whats does spybot do?same as SuperAntiSpyware....its another Anti-Spyware ProgI see just a thought in case it gets rid of a lot of my junk....Not trying to put you down, just saying that its an Anti-Spyware Program.I understand no hard feelings or anything of that for that matter.

Solve : Mountain of problems?

Discussion

No Comment Found

Related InterviewSolutions

Reply to Comment