General discussion

Locked

Virus recovery

By dwmarsh ·
I got hit by a virus. I'm not even sure what it was but somehow, it got by the virus software and the firewall. I believe that I have got most, if not all, of the problems fixed except for two. First, the virus has disabled my firewall. Whenever I try to reset it through administrator setting, it turns it off again on about 30 seconds. A not in my security centre sayd that some of the functions are veing controoled by "group policy". I am running Windows XP home. How do I go about fixing this?

Secondly, when I boot up, it tell me that "kernals64" is missing from the system32 folder.

Can someone help me fix these problems? Thanks.

This conversation is currently closed to new comments.

5 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

by mjd420nova In reply to Virus recovery

Tup sounds like a virus for sure. it does n't match with the loaded kernal. FDISK and veiw the hard drive partitions. Try cold boot and hit DEL after the first beep. Change boot
sequence to boot from CD. Load CD of whatever OS
you use and attempt a recover.

Collapse -

by ctrservices In reply to Virus recovery

Kernals64 was inserted into your system by a trojan. Download and run "HijackThis" and delete any Registry entry in HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run which has "kernal64" in it.

Collapse -

by HAL 9000 Moderator In reply to Virus recovery

After you have installed and updated Hijack This remember to run your first scan in Safe Mode or you'll never get rid of the entire infection.

If that doesn't cure the firewall problem the most likely thing there is that the actual virus/Trojan/worm has directly attacked your firewall and it might need to be removed and reinstalled once the unit is completely clean. Most of these type of infections disable the firewall and AV software well the more common ones anyway and that is how they manage to spread about unchecked.

Col

Collapse -

by NZ_Justice In reply to Virus recovery

Hijackthis. dam ever one jumped on the hijackthis bandwaggon. I hope you guys are donnating to this guy who seems now to be the solution to all the problems.

Collapse -

by NZ_Justice In reply to

http://housecall.trendmicro.com/

do the complete scan.

http://www.pandasoftware.com/products/activescan.htm

also do the complete scan

also download spy dot seach and destroy, but not the latest one try 1.3 after dowmloaded download the updates then scan the system, try to avoid downloading updates from "cure eropuesite"

And of corse as all the above people seem to have discoverd use hijack this. NOTE hijackthis does not discrimnate between good and bad registry enterys.

Back to Desktop Forum
5 total posts (Page 1 of 1)  

Related Discussions

Related Forums