Virus - testmy.net resource / tool
Welcome,
Guest
. Please
login
or
register
.
Did you miss your
activation email?
Home
Download Test
Test Your Download Speed
Test Download AND Upload
Upload Test
Test Your Upload Speed
Test Upload AND Download
Community Forum
Community Forum Home
» Log-In
» Register
Internal Search
Google Powered Search
Computer & Net Guides
ISP Discussion
Forum Sitemap
Member List
Forum Stats
Forum Help and Info
Calendar & Birthdays
Database Stats
Host Stats
Member Stats
Share Score
Misc Tools
Conversion Calc.
Speed Chart
Conversion Table
Create a Test
Share Score
Automatic Test
Forum Archive
RSS and Blog Feeds
Score Database
trace/ping/whois/DNS
Wallpapers
Tweak Guide
!! Forum Search !!
!! Google Search !!
TMN Detailed Sitemap
News
News Home
Join
Theme
See Theme List
America the Beautiful
Blacken
Dark Blood Red
Blue
Blue Black Box
Blue Gray
Brown
Christmas
Dark Blue
ekaf
GL Series (default)
Gray Shades
Original Feel
Green
Greenhouse
Greenhouse Gray
Halloween Theme
Orange
Purple Darkness
Red/pink
Red 'n Black
TurkeyDay!
» Neuron (Default)
Neuron Black
Rise (New!)
Click to read why...
News
: Have you seen the guides section? It's an always growing section with tons of cool guides for subjects you might not even know about, check it out... it's a good read
December 01, 2008, 10:27:42 PM
testmy.net Broadband
|
Main Forum
|
PC Security
|
Antivirus & Firewalls
| Topic:
Virus
Recommended Tests
Test PC
Performance:
Click here to run a free Performance Scan
Test PC
Stability:
Click here to run a free Registry Scan
Note: The links above are sponsored links
0 Members and 1 Guest are viewing this topic.
« previous
next »
Topic Tools
Search this topic
Pages
1
Author
Topic: Virus (Read 3496 times)
†¤ CoW ¤†
Sr. Member
Offline
Posts: 179
Cow! ^^
Virus
«
on:
January 20, 2007, 07:20:55 PM »
Ok... this is odd...
Whenever I open an IE browser window, Norton realtime scanner detects a "Downloader" under the filename spmrgaat.exe in the C:/WINDOWS/system32 folder. Each time, it just automatically quarantines it. I have to manually delete it from the quarantine. I've tried using Kaspersky to find the source of this, but it says my computer is clean...
Can anyone help me? Thanks.
Logged
God, why did you make me retarded?
mudmanc4
Global Moderator
TMN Sr. Veteran
Offline
Gender:
Posts: 4507
✠
Re: Virus
«
Reply #1 on:
January 20, 2007, 07:31:21 PM »
Try booting in safe mode and deleting, if that doesnt work , un-install all browsers and re-install, this virus has a hidden re-installer
Also associated w/ xpupdate.exe
Logged
Yea, it's a Mac
In confusion there is profit
dlewis23
Global Moderator
TMN Seasoned Veteran
Online
Gender:
Posts: 9769
HEY! ill put it down when im good and ready.
Re: Virus
«
Reply #2 on:
January 20, 2007, 07:40:48 PM »
so a virus scan in safemode.
Logged
Voltageman
Sophist Member
TMN Friend
Offline
Gender:
Posts: 791
Re: Virus
«
Reply #3 on:
January 20, 2007, 08:02:46 PM »
Yup, what they said..
you can use this tool to manually delete it as well...
Select delete on reboot, and it will rid it from your system.
Kill_Box.zip
(87.41 KB - downloaded 83 times.)
Logged
"Loyalty to the country always. Loyalty to the government when it deserves it.."
--Mark Twain
mudmanc4
Global Moderator
TMN Sr. Veteran
Offline
Gender:
Posts: 4507
✠
Re: Virus
«
Reply #4 on:
January 20, 2007, 08:46:37 PM »
Quote from: Voltageman on January 20, 2007, 08:02:46 PM
Yup, what they said..
you can use this tool to manually delete it as well...
Select delete on reboot, and it will rid it from your system.
Just curious, is this prog, virus specific?
Logged
Yea, it's a Mac
In confusion there is profit
jags4560
Jr. Member
Offline
Gender:
Posts: 39
Re: Virus
«
Reply #5 on:
January 21, 2007, 02:36:04 AM »
Nope. It can be used to delete any in-use file.
Logged
I'm not anti-social, I'm just not real friendly
†¤ CoW ¤†
Sr. Member
Offline
Posts: 179
Cow! ^^
Re: Virus
«
Reply #6 on:
February 23, 2007, 12:00:22 AM »
Hmm... Killbox didn't work >.< It's still there...
However, with the Norton Spyware Scan that comes with Yahoo! Toolbar, I detected something called "Trojan.Ghost" in 2 files, in the same folder of my registry. I've tried removing it through the spyware scanner, but it just keeps on coming back... I'm thinking that they're both the same thing, and that one might be causing the other.
Also, the location of this registry entry doesn't seem to exist, or maybe I just can't find it when I try to look for it through the registry editor...
What should I do?
Logged
God, why did you make me retarded?
tommie gorman
Sophist Member
TMN Seasoned Veteran
Online
Gender:
Posts: 10207
"OLD GLORY"
Re: Virus
«
Reply #7 on:
February 23, 2007, 12:15:51 AM »
Quote from: †¤ CoW ¤† on February 23, 2007, 12:00:22 AM
Hmm... Killbox didn't work >.< It's still there...
However, with the Norton Spyware Scan that comes with Yahoo! Toolbar, I detected something called "Trojan.Ghost" in 2 files, in the same folder of my registry. I've tried removing it through the spyware scanner, but it just keeps on coming back... I'm thinking that they're both the same thing, and that one might be causing the other.
Also, the location of this registry entry doesn't seem to exist, or maybe I just can't find it when I try to look for it through the registry editor...
What should I do?
Did you scan in safe mode?
Logged
IF YOU DON'T STAND BEHIND OUR TROOPS, PLEASE, FEEL FREE TO STAND IN FRONT OF THEM !!!
"an old country hick from america"
Sprint EVDO Rev. A * AMD 64 3500+ 2.2 GHz cpu Ram 2GB/XP Home * TCP Optimizer
†¤ CoW ¤†
Sr. Member
Offline
Posts: 179
Cow! ^^
Re: Virus
«
Reply #8 on:
March 12, 2007, 09:24:03 PM »
I tried scanning in safe mode. However, the results are the same. It doesnt detect a threat on my system.
Logged
God, why did you make me retarded?
kamil234
News Anchor
Expert
Offline
Gender:
Posts: 1043
Re: Virus
«
Reply #9 on:
March 12, 2007, 09:30:20 PM »
try safe mode with networking, than use a online scanner which uses multiple AV's, it should tell you where the source is.
plus, when youre in safe mode the file shouldnt be in memory so you can delete it by hand
Logged
SOCOM 3 CLAN ^^
DJ VaGGo
Trance <~> Energy
Global Moderator
TMN Veteran
Offline
Gender:
Posts: 2202
Earthlink 10000/512
Re: Virus
«
Reply #10 on:
March 12, 2007, 09:30:24 PM »
Go back to safe mode...but instead of scanning..do a search for files and folders and search for all the names that are used by the virus
Logged
My CPU:
http://valid.x86-secret.com/show_oc?id=192303
kamil234
News Anchor
Expert
Offline
Gender:
Posts: 1043
Re: Virus
«
Reply #11 on:
March 12, 2007, 09:32:16 PM »
Quote from: DjVaGGo on March 12, 2007, 09:30:24 PM
Go back to safe mode...but instead of scanning..do a search for files and folders and search for all the names that are used by the virus
that's waht i do if file can't found by AV's.
make sure you tick the "hidden files" box also.
Logged
SOCOM 3 CLAN ^^
DJ VaGGo
Trance <~> Energy
Global Moderator
TMN Veteran
Offline
Gender:
Posts: 2202
Earthlink 10000/512
Re: Virus
«
Reply #12 on:
March 12, 2007, 09:34:44 PM »
Quote from: kamil234 on March 12, 2007, 09:32:16 PM
that's waht i do if file can't found by AV's.
make sure you tick the "hidden files" box also.
Yup
Logged
My CPU:
http://valid.x86-secret.com/show_oc?id=192303
†¤ CoW ¤†
Sr. Member
Offline
Posts: 179
Cow! ^^
Re: Virus
«
Reply #13 on:
March 24, 2007, 09:27:29 PM »
Nevermind, got it fixed with windows update malicious software detection tool >.<
Apparently it was something called "Trojan.Alureon.A" >.< It's gone now..
Thanks for all of your help, everyone. =)
Logged
God, why did you make me retarded?
Pages
1
testmy.net Broadband
|
Main Forum
|
PC Security
|
Antivirus & Firewalls
| Topic:
Virus
« previous
next »
Jump to:
Please select a destination:
-----------------------------
Main Forum
-----------------------------
=> General Discussion
=> New Members
=> PC Security
===> Antivirus & Firewalls
===> Spyware & Malware
===> Viruses & Scams
===> Security Threats
=> Show off your scores!
=> Make it Faster...
=> HELP!
===> HELP! With Other Stuff
===> HELP! With Tests
===> HELP! With Forum
===> Programming and Website Help
=====> HTML
=====> PHP
=====> PERL
=====> Server Help
===> Networking and Hardware
===> Overclocking
===> Linux Help
=> News
===> testmy.net News and Updates
=> Online Gaming Discussion
===> Requests
===> America's Army
===> Battlefield
===> Call Of Duty 4
===> Counter-Strike 1.6
===> Counter-Strike : Source
===> Day of Defeat : Source
===> Diablo
===> F.E.A.R
===> Ghost Recon
===> Halo 2
===> Lineage 2
===> Quake
===> Rainbow Six 3
===> World of Warcraft
===> Tribes 2
===> Unreal Tournament
=> Graphics, Sigs and Pictures
===> Test Board
=> Guides
=> Got any ideas to make testmy.net better?
=> Off Topic Discussion
===> Politics & More
-----------------------------
Provider Discussion and Reviews
-----------------------------
=> Add a Provider
=> All Dial-up
=> North American Providers (Including Canada)
===> Canadian Providers
=====> teksavvy.com Canada
=====> xplornet.com Canada
=====> Persona Internet
=====> Rogers Communications
=====> Shaw Communications
=====> Sympatico (Bell Canada)
===> Adelphia Communications
===> ALLTEL Communications
===> AOL
===> AT&T
=====> SBC Global
=====> BellSouth
===> Cable One
===> Cavalier Telephone cavtel.net
===> cebridge.net
===> CenturyTel
===> Charter Communications
===> Clearwire
===> Comcast Cable Communications
===> Country Cablevision
===> Covad communications
===> Cox Communications
===> DMAX Puerto Rico
===> EarthLink
===> EMBARQ
===> Frontier Online
===> HughesNet (DIRECWAY)
=====> DW4000 Information
=====> DW6000 Information
=====> DW7000 Information
===> Insight Broadband
===> Mediacom Communications
===> Midcontinent Communications
===> mycingular.net
===> Namesco/NDO (ndo.com)
===> onelinkpr.net Puerto Rico
===> Optimum Online
===> Qwest Communications
===> RCN
===> RoadRunner (Time Warner Cable)
===> seidata.com
===> sigecom.net
===> SkyWay USA
===> Speakeasy
===> Sprint Nextel Corporation
===> Starband
===> Suddenlink
===> SureWest Communications
=====> SureWest Communications FIOS
===> SusCom - Susquehanna Communications
===> TDS - Telephone and Data Systems, Inc
===> Transedge.com
===> Verizon Online
===> Verizon Online FIOS
===> Wave Broadband
===> Wide Open West
===> Wildblue Communications, Inc
=> World Providers (Non-North American)
===> African Providers
===> Asian and Middle Eastern Providers
=====> Asian Providers
=====> Centennial
=====> Digitel
=====> PLDT myDSL
=====> Sify Broadband
=====> Streamyx
=====> Smart Bro (Wi-fi)
===> Australian Providers
=====> Digiplus
=====> Optusnet
=====> Telstra Bigpond
===> UK and European Providers
=====> Bredbandsbolaget
=======> Bredbandsbolaget Fiber
=======> Bredbandsbolaget ADSL, VDSL
=====> Virgin.net (old NTL)
=====> Tiscali
===> Central/South American Providers
-----------------------------
Miscellaneous
-----------------------------
=> Archives
===> Announcements
=> Public Polls
===> Not on index
Print
Advanced search
Loading...
testmy.net's forum is proudly
Powered by SMF
|
SMF © 2006-2007, Simple Machines LLC
© 1999-2008 testmy.net -
Contact
-
Legal
-
Facts & FAQs
Page Loading Stats: This forum Page created in 0.122 seconds with 52 queries.
Author
Print
Advanced search
