Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Ntkrnl


  • This topic is locked This topic is locked
6 replies to this topic

#1 leran

leran

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Local time:12:39 AM

Posted 08 August 2007 - 07:12 AM

Hello, i am having a problem with a virus or spyware, can't rly say what it is. Anyway i know that it's called Ntkrnl, i have no clue what it dose. but it seems that it sends it self to my friends tru hotmail. And i feel like everything i run is slower, can anyone help me remove this?
Games:Games:Games|and ofc MORE games.

BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • Moderator
  • 13,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:12:39 AM

Posted 08 August 2007 - 07:35 AM

This is probably the worm you have.
http://www.sophos.com/security/analyses/w32cerviveca.html

Install Super Antispyware. Run it in safe mode. Allow it to quarantine whatever it finds.
http://www.superantispyware.com/

Run the online scan for Bit Defender in normal mode. Allow it to quarantine whatever it finds.
http://www.bitdefender.com/scan8/ie.html

--------------------------------------------------------------------------------

Post a Hijack This log in the Hijack This Forum by following the directions in the link below. DO NOT post the log in this forum.
http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/
--------------------------------------------------------------------------------

How to Start Windows in Safe Mode:
http://www.bleepingcomputer.com/tutorials/how-to-start-windows-in-safe-mode/
--------------------------------------------------------------------------------
“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#3 leran

leran
  • Topic Starter

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Local time:12:39 AM

Posted 08 August 2007 - 07:48 AM

I will try this out, thank you for replying so fast :thumbsup:, however when i log on my Computer(user) it comes up Ntkrnl security suit, i have never seen it before. I just got it from a friend that send me it from hotmail. it seems that he diden't send it, it was send by it self. Now it was stupid of me to open the file, even when i felt it coming.
Games:Games:Games|and ofc MORE games.

#4 buddy215

buddy215

  • Moderator
  • 13,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:12:39 AM

Posted 08 August 2007 - 08:17 AM

More info on your problem. Be sure to post the Hijack This log.

http://vil.nai.com/vil/content/v_141307.htm
“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#5 leran

leran
  • Topic Starter

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Local time:12:39 AM

Posted 08 August 2007 - 09:06 AM

Hello, i have done as you said, but still i have the ntkrnl, it seems that it diden't remove it. :thumbsup:
Games:Games:Games|and ofc MORE games.

#6 leran

leran
  • Topic Starter

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Local time:12:39 AM

Posted 08 August 2007 - 10:02 AM

Here are some pic of the ntkrnl virus, hope this will help solving my problem.

http://img259.imageshack.us/img259/6957/virus2ll2.png

http://img341.imageshack.us/img341/7831/virusgg0.png

Edited by leran, 08 August 2007 - 10:04 AM.

Games:Games:Games|and ofc MORE games.

#7 tg1911

tg1911

    Lord Spam Magnet


  • Members
  • 19,274 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:SW Louisiana
  • Local time:11:39 PM

Posted 08 August 2007 - 10:14 AM

leran,

I moved your HijackThis log to the appropriate forum.
Here is the link:
leran's HJT log

NOTE:
Please, DO NOT make another post in the HijackThis Logs and Analysis forum, until it has been responded to by a member of the HJT Team. The first thing they look for, when looking for logs to reply to, is 0 replies. If you make another post, there will be 1 reply. The team member, glancing over the replies, might think someone is already helping you out, and will not respond. So, just make your post, and let it sit there, until a team member responds. This way you will be taken care of, in the most timely manner.

Also, don't make any changes to your system, as that could change the results of the posted log, making it more difficult to properly clean your system.

Since you now have a HJT log posted, I'm going to close this topic.

At this point, the HJT Team should be the only members that you take advice from, until they have verified your log as clean.

If, after your log has been cleaned, you still need help, please PM a Moderator and we will re-open this topic.
If you have any questions, don't hesitate to send me a PM.
MOBO: GIGABYTE GA-MA790X-UD4P, CPU: Phenom II X4 955 Deneb BE, HS/F: CoolerMaster V8, RAM: 2 x 1G Kingston HyperX DDR2 800, VGA: ECS GeForce Black GTX 560, PSU: Antec TruePower Modular 750W, Soundcard: Asus Xonar D1, Case: CoolerMaster COSMOS 1000, Storage: Internal - 2 x Seagate 250GB SATA, 2 x WD 1TB SATA; External - Seagate 500GB USB, WD 640GB eSATA, 3 x WD 1TB eSATA

Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users