Page 2 of 2 FirstFirst 12
Results 11 to 14 of 14

Thread: A puzzling virus

  1. #11
    Senior Member
    Join Date
    Oct 2002
    Posts
    4,055
    He's probably referring to an A/V software that just comes with it such as Norton or McAfee (correct?). If not, then I dunno what he means by a pre-installed A/V system that comes with SP2.
    Space For Rent.. =]

  2. #12
    Senior Member
    Join Date
    Oct 2003
    Posts
    394
    I got same problem few times and here is soultions:

    1) I am agry with Ghost_25inf
    2) Run repair/install of you xp agane
    here is some info about how to do it
    http://www.webtree.ca/windowsxp/repair_xp.htm
    http://www.michaelstevenstech.com/XPrepairinstall.htm
    // too far away outside of limit

  3. #13
    The Doctor Und3ertak3r's Avatar
    Join Date
    Apr 2002
    Posts
    2,744
    Points to note: AVG.. (also NAV, and CA-VET) won't delete Malware that is inside archives or executable archives..

    This is a common theme with people complaining that X AV couldn't remove the virus or cant or what ever.. The people aren't able to, don't want or don't know how to read the antivirus logs to find out what is happening..
    The detection logs tell you reams about the infection.. and in this fellows situation.. the virus was probably inside file an archive.. and therefore could not be removed..

    Most people when they see the Virus found message start to panic, and when the the AV prog gives the .. "Virus can't be removed" message that trips them completly..
    Had a friend who found an "Update"for a game he was playing, and enjoyed his gameing so much, that when the AV could Not CLEAN the Virus from the Patch, tried i3 other AV programs, until he got one the said it cleaned it.. ** cough *** well the patch was a keylogger, the anti virus prog was just a load of spyware.. I don't know which was harder to remove.. the Trojan or the family of spyware..

    The warning that our friend encountered could have been one of several parts of the SP2 actions.. one of the components is suppposed to identify attempts for virus like programs to run, not to mention the firewall blocking suspect outbound.. .. so i appologise for questioning that statement earlier..
    So yes there is a AntiVirus Thingy in SP2.. not my idea of an antivirus prog.. and likly that it warned too late.. we probably will never know..

    cheers
    "Consumer technology now exceeds the average persons ability to comprehend how to use it..give up hope of them being able to understand how it works." - Me http://www.cybercrypt.co.nr

  4. #14
    Senior Member
    Join Date
    Jan 2004
    Location
    Hawaii
    Posts
    350

    Post Sophos Virus Definition

    When Windows XP just "logs off" it usually has something to do with the registry...often activation, though that doesn't seem to be the case here.
    Troj/Krepper-G is Trojan which changes browser settings, downloads and installs/runs new software and modifies the HOSTS file to redirect internet searches.
    The Trojan copies itself to the Windows\inetdata folder as services.exe and creates the following registry entries so as to auto-start on user logon or system start.
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run\xp_system = c:\windows\inetndata\services.exe

    HKCU\Software\Microsoft\Windows\CurrentVersion\Run\xp_system = c:\windows\inetndata\services.exe

    HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\run = "C:\\WINDOWS\\inetdata\\services.exe"

    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\(5321E378-FFAD-4999-8C62-03CA8155F0B3)

    HKCU\Software\Microsoft\Internet Explorer\Main\Enable Browser Extensions = "yes"
    that's from: http://www.sophos.com/virusinfo/anal...jkrepperg.html
    Geek isn't just a four-letter word; it's a six-figure income.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •