Virus/worm ID

RKH

I'm running XP and have acquired some sort of malicious program with the
following symptoms:

-disabled my system restore points
-won't allow me to do a disk check on the hard drive
-won't allow me to open malwarebytes to run a scan

I checked for conficker on the test page, but was able to view all the
pictures, which is an indication that conficker is not present.

Anyone have any ideas what this is and how to remove it? Any help is
appreciated.
 
From: "RKH" <[email protected]>

| I'm running XP and have acquired some sort of malicious program with the
| following symptoms:

| -disabled my system restore points
| -won't allow me to do a disk check on the hard drive
| -won't allow me to open malwarebytes to run a scan

| I checked for conficker on the test page, but was able to view all the
| pictures, which is an indication that conficker is not present.

| Anyone have any ideas what this is and how to remove it? Any help is
| appreciated.



Download Gmer
http://www.gmer.net/

Close ALL programs and scan your system.
 
You sir, are a steely-eyed missile man. That worked beautifully. Thank you
very kindly. I'm grateful for helpful folks such as yourself who take the
time to help out those of us who are less informed about such things, and
who help stem the tide against the jag-offs who expend the energy creating
such programs just to screw people. Thanks again.
 
From: "RKH" <[email protected]>

| You sir, are a steely-eyed missile man. That worked beautifully. Thank you
| very kindly. I'm grateful for helpful folks such as yourself who take the
| time to help out those of us who are less informed about such things, and
| who help stem the tide against the jag-offs who expend the energy creating
| such programs just to screw people. Thanks again.


You are most welcome.

Do you have a copy of the Gmer log file where you can post an excerpt of what Gmer found?
 
From: "RKH" <[email protected]>

| Yes, I've attached it here. It's pretty much Greek to me, but I was able to
| discern enough from the website to know what to delete. Thanks again, I'm
| seeing no residual effects so far.


Yep, what I thought. A TDSserv variant. In this case a UAC TDSserv.
 