hi all I got a solution for that combofix is the one which could delete it from the root directly if any one face this problem please suggest them that combo fix tool :-)
On Mon, Dec 5, 2011 at 8:00 PM, kura narin <[email protected]> wrote: > > Hi please find the Attachments of the Logs I created and help me to get > rid of that virus > > > On Sat, Dec 3, 2011 at 5:13 PM, kura narin <[email protected]> wrote: > >> yeah thank you for your response as soon as i get the logs i will send >> them to all and I am also trying for a solution >> I have observed that he is changing code of HTML pages and leaving the >> Title as the Search command which we enter changing the Redirect location >> in the Frame set tags of HTML pages >> >> >> On Sat, Dec 3, 2011 at 4:39 PM, Jonathan Lieberman >> <[email protected]>wrote: >> >>> just randomly found this thread through a google search.... I just got >>> the same bit of nasty malware. new computer, hadn't loaded any virus >>> protection and malware protection till a few days after I bought it... >>> looks like it's something new that's going around because I've seen a >>> few other new posts about it. Will update if I find something to >>> remove it. >>> >>> On Dec 2, 9:35 pm, Srinivas Naik <[email protected]> wrote: >>> > Hi Narin, >>> > >>> > Follow below instructions >>> > 1. Copy and Paste below 3 lines in file "*malcop.cmd*" >>> > >>> > echo Collecting Startup and Process list... >>> > wmic startup get caption,command,location /format:list > >>> startup_log.txt >>> > wmic process get >>> > >>> Name,Description,CommandLine,ProcessId,ParentProcessId,ExecutablePath,ThreadCount,Handle,HandleCount >>> > /format:list > process_log.txt >>> > echo Files Startup_log.txt and Process_log.txt Created...... >>> > >>> > 2. Attach the files generated startup_log.txt and process_log.txt to >>> this >>> > thread >>> > >>> > Lets analyze the malware and sort out the issue. >>> > >>> > Dont Worry ..... Trust MalCop :) >>> > >>> > Cheers, >>> > 0xN41K >>> > >>> > >>> > >>> > >>> > >>> > >>> > >>> > On Fri, Dec 2, 2011 at 6:15 PM, narin <[email protected]> wrote: >>> > > Hi All >>> > > I have a big problem with my office computer >>> > > my all browsers got effected with some virus i think so >>> > > when ever I am trying to Open any website in search engine >>> > > i am getting connected to the kozanekozasearchsystem.com website and >>> > > getting redirected to the >>> > > random website or random blogs, >>> > > When i Used firebug just whats happening i observed that virus >>> > > introducing some code >>> > > with title as our typed text and >>> > > in the Frameset Redirecting to the that website >>> > > and to go to the desired website of mine i need to click enter on the >>> > > Address bar again. >>> > > Please help me >>> > >>> > > Thank you >>> > > Narin >>> > >>> > > -- >>> > > You received this message because you are subscribed to the Google >>> Groups >>> > > "nforceit" group. >>> > > To post to this group, send an email to [email protected]. >>> > > To unsubscribe from this group, send email to >>> > > [email protected]. >>> > > For more options, visit this group at >>> > >http://groups.google.com/group/nforceit?hl=en-GB. >>> >>> -- >>> You received this message because you are subscribed to the Google >>> Groups "nforceit" group. >>> To post to this group, send an email to [email protected]. >>> To unsubscribe from this group, send email to >>> [email protected]. >>> For more options, visit this group at >>> http://groups.google.com/group/nforceit?hl=en-GB. >>> >>> >> >> >> -- >> Thanks and Regards, >> >> K.N.NARIN. >> >> Oracle Certified Professional,Java SE 6 programmer(SCJP 6) >> >> Ankit Fadia Certified Ethical Hacker(AFCEH 5.0) >> >> http://lifetechnology-narin.blogspot.com/ >> >> >> >> > > > -- > Thanks and Regards, > > K.N.NARIN. > > Oracle Certified Professional,Java SE 6 programmer(SCJP 6) > > Ankit Fadia Certified Ethical Hacker(AFCEH 5.0) > > http://lifetechnology-narin.blogspot.com/ > > > > -- Thanks and Regards, K.N.NARIN. Oracle Certified Professional,Java SE 6 programmer(SCJP 6) Ankit Fadia Certified Ethical Hacker(AFCEH 5.0) http://lifetechnology-narin.blogspot.com/ -- You received this message because you are subscribed to the Google Groups "nforceit" group. To post to this group, send an email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/nforceit?hl=en-GB.
