Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

NTOSKRNL-HOOK trojan


  • Please log in to reply
2 replies to this topic

#1 alisenior03

alisenior03

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:03:51 PM

Posted 16 June 2010 - 01:05 PM

Hello

My laptop which runs on windows vista has got a trojan virus embedded in it which cannot be removed. I have run mcafee antivirus scanner on it which says that there is a genericrootkit.d!rootkit under the name of NTOSKRNL-HOOK. The software says it has been removed but everytime I scan it is always there. It also appears within the first 25 objects scanned out of well over 100000. I have no other viruses present according to the scan so I think this trojan is causing the problems I have, when I click a link on google it redirects me to another site. My computer also tends to crash easily which I think seems related to connection of the internet which I can no longer do. As a result I am doing this on another computer to try and find some help. Can anyone help

Thanks

Alistair

BC AdBot (Login to Remove)

 


#2 endeavorniche

endeavorniche

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:09:51 AM

Posted 16 June 2010 - 01:26 PM

Turn off system restore then scan and remove it. Then turn restore back on. Scan to make sure it's gone.

Edited by endeavorniche, 16 June 2010 - 01:34 PM.


#3 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,805 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:10:51 AM

Posted 16 June 2010 - 08:14 PM

Hello alisenior03,

Please DO NOT turn off system restore. If you already have, please turn it back on.

Disabling System Restore as the first step when attempting to clean a system or when scanning for malware is not advisable. Unfortunately, some anti-virus vendors still recommend doing this before attempting malware removal and many folks follow that advice. This is really not a good practice when dealing with infected computer systems. Turning System Restore off and then turning it back on has some risk associated with it since that feature does not always work as intended. Further, there is always a possibility of something going wrong during the malware removal process and you end up with more problems. If an incident renders your system problematic or unbootable, you can use System Restore to return it to a previous working state. Without a restore point to fall back on, you are left with a limited means of restoring your system to a usable condition. Disabling this feature could mean having to perform a repair install (or reformat in worst case scenarios) if you're unable to fix any problems which System Restore may be able to correct. Although System Restore is not always 100% guaranteed to work all the time, it at least gives you another option before resorting to more drastic measures.

"System Restore and malware removal - what is best practice?"
"Should I purge all my restore point BEFORE removing infection?"

Please follow the instructions in ==>This Guide<==.

Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include a description of your computer issues and what you have done to try to resolve them.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

Orange Blossom :thumbsup:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users