Results 1 to 6 of 6

Thread: Cannot remove detected virus "globalroot\systemroot\system32"

  1. #1
    msalevy Guest

    Default Cannot remove detected virus "globalroot\systemroot\system32"

    Virus scans results report "Memory: was found in \\?\globalroot\systemroot|system32\msivxmxgoxmngea ldljecqmyktpsmdnxynqns.dll"
    Treatment is "delete on reboot. After reboot the scan runs with, obviously, the same result. System appears to be working, although I tried to run Spybot, and it would not open.

    I'm a bit of a novice, can anyone tell me what is going on.

    Thanks

    Operating System:Windows XP Home Edition
    Product Name:ZoneAlarm Internet Security Suite

  2. #2
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,288

    Default Re: Cannot remove detected virus "globalroot\systemroot\system32"

    Hi!firstremove spybot and then proceed to clean your system as indicated here:http://forum.zonelabs.org/zonelabs/b....id=3787#M3787Cheers,Fax

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

  3. #3
    msalevy Guest

    Default Re: Cannot remove detected virus "globalroot\systemroot\system32"

    I ran the deep scan and found another unrelated piece of malware - Win32.backdoor.IRCbot.td.
    ZA seemed to be able to delete this post scan.
    The globalroot issue remains.I have tried using IE, Firefox and Chrome to acess the websites
    SAS and MBAM and
    could not get there to even begin a
    download for either one.


    Any other ideas??
    Thanks

  4. #4
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,288

    Default Re: Cannot remove detected virus "globalroot\systemroot\system32"

    You are still heavily infected.Use a boot CD... follow the next links, like DrWeb.Or get expert support.. last link in my previous message.Cheers,Fax

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

  5. #5
    msalevy Guest

    Default Re: Cannot remove detected virus "globalroot\systemroot\system32"

    Was able to download and run combofix.
    Had to rename the .exe file to get it to run.
    It detected "rootkit activity" and deleted 3 .dll files in the \windows\system32 directory.
    so far this seems to have fixed this issue.
    ZA virus scan runs clean as does deep clean spyware scan. I can acess the aformentioned sites
    Thanks

  6. #6
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,288

    Default Re: Cannot remove detected virus "globalroot\systemroot\system32"

    Good!then download, install and update before scanning MBAM and superantispyware.Perform a complete scanning... it will take sometime.Cheers,Fax

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •