Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Unable to eliminate Virus

Status
Not open for further replies.
smile11

smile11

Vendor
May 25, 2003
24
CA
I did a full scan on my system and it showed one file as being infected.
Here are the details:

Item: ntservice.exe
Virus Name: Hacktool

The repair wizard came up and it was unable to repair this file. So, I tried to quarantine it and that failed. then, I tried to delete it and I got a message stating that "You have not eliminated all viruses"

I ran the scan again and the same thing happened all over again.
I'm not sure what to do next? How do I get this virus off of my system??

Please help.

Thanks in advance.
 
Sort by date Sort by votes
Hi there. Thanks that was very helpful. I ran the tool and it said there are no worms in my system. I then ran a full system scan and it came up clean.

I then signed into the Internet and boom:

Then, I got 2 more warning messages:
here's the first:
Object name: c\windows\system32\inetsrv\ssvs32.bat
Virus name: Backdoor.IRC.Flood

Here's the second:
Object name: c\windows\system32\inetsrv\ntnwsys.ocx
Virus name: IRC Trojan

For both is said unable to repair the file and access to file denied.

Why was this not detected when i ran a full system scan 2 minutes prior???

How do I get rid of these of has Norton already done that for me??

thanks again
 
Upvote 0 Downvote
What has me wondering.. if you were running Norton and kept it up to date, how in hell did you get infected in the first place??

Murray
 
Upvote 0 Downvote
Norton is far from full proof. A hacker can easily plant viruses, without the software detecting it... Not only that, but I've seen users infect systems with norton running in the background. Check out this article...


I use Hauri's ViRobot antivirus, it detects stuff norton can't, especially boot sector and memory resident viruses. The only downside is you have to wait a couple days after you buy it, to get the email to download it.

I need to register a new domain. MCSEsGoBackToDrivingForklifts.com

Matt
 
Upvote 0 Downvote
My operating system is Windows XP pro.

I don't know how I got it and when I ran the worm check it said there was no worm??

This is what I want to know, when you get a message that pops up from Norton telling you that you have a virus and that you do not have access to the file and it was unable to repair it.......does that mean it has detected and gotten rid of this Virus for you??
 
Upvote 0 Downvote
No it does not, it means Norton tried to fix it and failed. If the file is still there, it means Norton could not quarantine it either. If you really want to just fix this problem, I'm telling you, try the Hauri Antivirus, it really is a superior virus cleaner.

Matt J.
 
Upvote 0 Downvote
I went in and checked out the website for the HAuri Anti virus and it looks pretty impressive. I could not find the cost anywhere?? Can you have this as well as Norton or can you only have one on your pc?

In the meantime, how can I get rid of these viruses? Anything I can do or do I have to wait for the Hauri?

Thanks so much!
 
Upvote 0 Downvote
Delete your temporary internet files. This eliminated the virus if it is conneted to a url . Usually if Norton detects a virus that it can not repair or quarentine it is usually not on your computer, but there is a link to the virus through your temporary internet files. This should resolve your problem. If your are ever in doubt of your anti virus protection you can allways scan from Symantecs
Click on check for scurity risks at bottom of page.And do virus scan.
If your anti virus is ever compromised the virus usually will not allow for a full scan from Symantec if the virus is attacking your firewall and or anti virus software.
Good Luck
 
Upvote 0 Downvote
Sounds Like mattjurado (MIS) Works for Hauri Antivirus. NAV does scan memory and boot sector infectors. There can be many infection vectors to your machine. Especialy if you are not running a firewall. The original infector may have targeted you and is still spaming your machine.

Try
for starters.
 
Upvote 0 Downvote
Damn I should have rememberd this one. NAV may have items in Quarintine. It sees them and reports them but cant remove them. Go into Quarintine and delete any files there.
 
Upvote 0 Downvote
Thank you bullet and omegaman!

I deleted the temperary internet files as well as history. I also went into quarantine and deleted the files that were there.

I went into Symantec and went into security risks and did a virus scan and it came out clean.

I hope that's the end of that! if anything else progresses, I will let you know.

You were all a great help. I love this website!
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

iambob
  • Locked
  • Question
Avast Anti-Virus is.. a virus?! 3
Replies
5
Views
177
Oorde
Oorde
andyv2011
  • Locked
  • Question
Looking at Virus Actions
Replies
0
Views
77
andyv2011
andyv2011
Tiffc0922
  • Locked
  • Question
Virus / Malware Scans on Local PCs
Replies
5
Views
121
goombawaho
goombawaho
kharrison70
  • Locked
  • Question
Meskisift Visaal Studie Virus? 6
Replies
6
Views
122
goombawaho
goombawaho
CCX008
  • Locked
  • Question
Barowwsoe2save , how can I remove this stubborn virus !! 3
Replies
10
Views
160
goombawaho
goombawaho

Part and Inventory Search

Sponsor

Back
Top