Virus Help

2111 Views 1 Reply 2 Participants Last post by  TheBruce1
Okay I'm New To This And Need Some Help.
I Started My Computer Up Tonight And I Got An Alert From Nod 32 Saying That A Virus Has Been Detected. It Said The Threat Was:
A Variable From Win/Injection.HP Trojan
Just Now I Tried To Open Nod 32 And It Says: Submission Of Suspicious Files:
Win32/Genetik trojan
File c:\snfq.exe is infected with probably a variant of Win32/Genetik trojan. The file can be deleted. It is strongly recommended that you back up any crucial data before you proceed.
:S
Help Me Please

Here Are All The Logged Things:
Time Module Object Name Threat Action User Information
4/30/2009 21:46:29 PM Kernel file c:\lsass.exe probably a variant of Win32/Genetik trojan
4/30/2009 21:46:28 PM Kernel file C:\DOCUME~1\LIAMVI~1\LOCALS~1\Temp\434790072.exe probably a variant of Win32/TrojanDownloader.Small.CYF trojan
4/30/2009 21:46:27 PM Kernel file C:\snfq.exe probably a variant of Win32/Genetik trojan
4/30/2009 21:46:24 PM Kernel file c:\snfq.exe probably a variant of Win32/Genetik trojan
4/30/2009 21:30:28 PM IMON file http://67.202.68.90/maqf32.exe probably a variant of Win32/Genetik trojan NT AUTHORITY\SYSTEM
4/30/2009 21:19:22 PM AMON file C:\DOCUME~1\LIAMVI~1\LOCALS~1\Temp\BITF3.tmp a variant of Win32/Injector.HP trojan quarantined - deleted NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe. The file was moved to quarantine. You may close this window.
4/30/2009 21:18:05 PM IMON file http://xuri.info/codec/files/codeclc.exe a variant of Win32/Injector.HP trojan NT AUTHORITY\SYSTEM
4/30/2009 19:17:43 PM AMON file C:\DOCUME~1\LIAMVI~1\LOCALS~1\Temp\BIT19C.tmp a variant of Win32/Injector.LK trojan quarantined - deleted NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe. The file was moved to quarantine. You may close this window.
4/30/2009 19:16:30 PM IMON file http://xuri.info/codec/files/Codec_v.1015.0.exe a variant of Win32/Injector.LK trojan NT AUTHORITY\SYSTEM
4/30/2009 18:42:10 PM AMON file C:\DOCUME~1\LIAMVI~1\LOCALS~1\Temp\BIT175.tmp a variant of Win32/Injector.HP trojan quarantined - deleted NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe. The file was moved to quarantine. You may close this window.
4/30/2009 18:41:48 PM IMON file http://xuri.info/codec/files/codecic.exe a variant of Win32/Injector.HP trojan NT AUTHORITY\SYSTEM
4/30/2009 18:39:03 PM AMON file C:\DOCUME~1\LIAMVI~1\LOCALS~1\Temp\BIT16E.tmp a variant of Win32/Injector.HP trojan quarantined - deleted NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe. The file was moved to quarantine. You may close this window.
4/30/2009 18:38:35 PM IMON file http://xuri.info/codec/files/codeclc.exe a variant of Win32/Injector.HP trojan NT AUTHORITY\SYSTEM
4/26/2009 15:43:08 PM IMON file http://www.oxid.it/downloads/cain20.exe probably a variant of Win32/TrojanDropper.Agent trojan VITTY2006\liam vitty


So Thanks.
Status
Not open for further replies.
1 - 2 of 2 Posts
Hello and welcome to TSF

We want all our members to perform the steps outlined in the link I'll give you below, before posting for assistance. There's a sticky at the top of this forum, and a "Having problems with spyware and pop-ups? First Steps" link at the top of each page.

---------------------------------------------------------------------------------------------

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50...-posting-for-malware-removal-help-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Please start a new thread in our Virus/Trojan/Spyware forum along with the required logs.

Please note that the Virus/Trojan/Spyware Help forum is extremely busy, and it may take a while to receive a reply.