Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Trojan agent/Gen-reader_s attacked my computer


  • Please log in to reply
5 replies to this topic

#1 neverbeenkissed

neverbeenkissed

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:09:01 PM

Posted 22 February 2009 - 08:54 PM

Hello HJT Team,

Hopefully, this is the correct place to post. I've read through all the threads, but I am a novice, and this stuff is hard. Can anyone help. I have downloaded all the software. I made it through the superantispyware part, opened in safe mode, but now not sure how to continue. I am scared to run ComboFix without help. Please help me. God bless you.

NBK

PS. I downloaded dss.scr but it doesn't run. I have HJT that I can use...if that is helpful.

UPDATE!! I've managed to get the dds.scr to run and to produce the attach.txt file and the dds.txt file. Please let me know if anyone wants to see this posted. Only downloaded CF....still have not used.

Edited by neverbeenkissed, 23 February 2009 - 02:34 PM.


BC AdBot (Login to Remove)

 


#2 neverbeenkissed

neverbeenkissed
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:09:01 PM

Posted 23 February 2009 - 08:02 AM

Hello,

I think I followed the rules of this forum, but no one has replied yet. What now?

NBK

#3 jgweed

jgweed

  • Staff Emeritus
  • 28,473 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Chicago, Il.
  • Local time:09:01 PM

Posted 23 February 2009 - 08:27 AM

Please remember that many HJT logs are posted each day--often far more than the number of volunteers able at the time to review them; logs are generally taken on a first-posted, first reviewed order, and there may be other Members ahead of you in the queue. Every effort will be made to process your log as quickly as possible.
Regards,
John
Whereof one cannot speak, thereof one should be silent.

#4 neverbeenkissed

neverbeenkissed
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:09:01 PM

Posted 23 February 2009 - 10:43 AM

Dear forum helpers,

This is an update to my first post. Since getting infected I have done as much as I can to learn and help myself here. I have found out that I have a backdoor generator (MBAM says "Rootkit.Agent") that has the HKLM: ...system\currentcontrolset\services\restore.

I tried to run the dds. scr but for some reason windows asks me to choose a program to open with. It doesn't run, needless to say. Sorry I can't put the psuedo HJT in the post, because I don't have one.

I do have the HJT and ComboFix installed, but haven't use them to fix anything yet.

You guys are lifesavers to people like me. God bless!

NBK

#5 KoanYorel

KoanYorel

    Bleepin' Conundrum


  • Staff Emeritus
  • 19,461 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:65 miles due East of the "Logic Free Zone", in Md, USA
  • Local time:10:01 PM

Posted 23 February 2009 - 10:49 AM

Move to more appropriate forum from HJT.
The only easy day was yesterday.

...some do, some don't; some will, some won't (WR)

#6 Thunder

Thunder

  • Members
  • 3,294 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Belgium
  • Local time:04:01 AM

Posted 24 February 2009 - 11:42 AM

Hello NBK,

Hi,

I'm afraid I have bad news for you :thumbsup:

I see you're dealing with Virut, possibly on top of somee other nasty malware. In that case, it's unfortunately a lost cause - Game over situation and a format and reinstall is the fastest and especially the safest solution.

You may want to read this why:
Virut and other File infectors - Throwing in the Towel?

So, I suggest you to start backup all of your valuable data/documents/pictures/movies/songs/etc.. Do NOT backup any applications/installers and Do NOT backup any .exe/.scr/.htm/.html/.xml/.zip/.rar files...
This because these files may be infected as well. If you back them up and replace them afterwards, it will infect your computer again.


Read here for instructions how to format and reinstall Windows: http://web.mit.edu/ist/products/winxp/adva...all-format.html

Greetings,
Thunder
Whatever happens, make believe it was intended to ...
-----------------------------------------------------------------------
Posted Image - If I have helped you in any way, please consider a donation to help me continue the fight against malware.
-----------------------------------------------------------------------
Stand Up & Be Counted --> Posted Image <-- And make a difference




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users