Results 1 to 4 of 4

Thread: Possible virus

  1. #1
    desireek Guest

    Default Possible virus

    It seems my computer is infected by DcomRpc!exploit. Has anyone ideas how to remove this virus? I have ZoneAlarm Internet Security Suit, which seems not be able to deal with this. I think ZAL may be infected too, since it does not do any logging anymore, so I do not know what intrusions there may have been. I cannot upgrade to the latest version of ZAL Internet Sec. Suit either. PLEASE HELP!!!!!

    Operating System:Windows XP Home Edition
    Product Name:ZoneAlarm Internet Security Suite
    Software Version:6.0

  2. #2
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,287

    Default Re: Possible virus

    Hi!try to perform a full Antivirus/Antispyware scan but in SAFE MODE.1. Disable system restore;2. Reboot in SAFE MODE3. Manual run ZASS (ZA firewall will be OFF but Antivirus/Antispyware will be functional)3. Run a full ZA AV/AS scan4. Reboot in Normal Mode5. Ensable System restoreHow to start in SAFE MODE: http://www.microsoft.com/resources/d..._failsafe.mspxHow to disable windows SYSTEM RESTORE:http://support.microsoft.com/kb/310405Try to scan your system (always in SAFE MODE) with Drweb it cure it (its free):www.freedrweb.com If the above fails you may want to try Ewido online scan at: http://www.ewido.net/en/onlinescan/and also download, update and scan with superantispyware FREE:http://www.superantispyware.com/download.htmlif ALL the above fails please post your Hijackthis log here:http://www.castlecops.com/f67-Hijack...ans_Oh_My.htmlPlease read mandatory steps before posting:http://www.castlecops.com/t102301-Hi...e_Posting.htmlOnce cleaned try to install ZASS version 7.Remove version 6 following this instruction:http://www2.nohold.net/noHoldCust542...n_install.htmlRun a registry/system cleaner. ccleaner is quite good utility (http://www.ccleaner.com/download/downloadpage.aspx?f=3) Re-download the installer from here (and do NOT use any download managers):http://www.zonelabs.com/zasuitedownload/ Install with default settings, do not alter them....Once rebooted manual update the antivirus/antispyware signature ('update now' under the antivirus/antispyware tab)After the update perform a full antivirus/antispyware scan.Hope this helps,Fax

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

  3. #3
    desireek Guest

    Default Re: Possible virus

    Fax, thank you very much. The exploit was found in a dmp-file so I was able to delete it succesfully.Again, many, many thanks.DesireeK

  4. #4
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,287

    Default Re: Possible virus

    You're welcome...Fax

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •