Originally posted by _DM_
WTF viruses found inside my computer? Wtf is this ****?!
Virus? wtf do these do ?
-IRC Trojan found at C:\windows\system32\kernel32.exe
-Backdoor.Y3KRat.16 found at C:\WINDOWS\SYSTEM32\MSSCMC32.EXE
-W32.HLLP.Handy
How the hell can i do a system restore?
Do i need a firewall?
I got norton alrdy. But not check scan all files (ENTIRE COMPUTER)
WTF DO I DO?! This is getting me scared man. I cant afford to get a nother computer! What do i do?!
Info on the trojan can be found here:
http://www.computing.net/windowsxp/wwwboard/forum/52105.html
"KERNEL32.EXE is a Back door Trojan and just by deleting the file will not get rid of it because of WinXPs "System Restore" and the Trojan can be in your Backup files...
Do this before you run your Updated Virus Scanner:
Disable "System Restore". How to do This:
1. Right click the My Computer icon on the Desktop and click on Properties.
2. Click on the System Restore tab.
3. Put a check mark next to 'Turn off System Restore on All Drives'.
4. Click the 'OK' button.
5. You will be prompted to restart the computer. Click Yes.
Next::
Find and stop the KERNEL32.EXE process using Windows Task Manager. How to do this:
Press: Ctrl + Alt + Del.
Select the "Processes" Tab.
Find the KERNEL32.EXE process, Select it and click on "End Process".
Next:
Run an Updated Virus Scanner Utility. If that does not pick it up, Use another Virus Scanner.
After you containd this Trojan, don't forget to turn on your "System Restore" if you do use it.
To re-enable "System Restore", follow the steps above, (1 to 5), and on step 3, remove the check mark next to 'Turn off System Restore on All Drives'"
Info on the Backdoor file here:
http://securityresponse.symantec.com/avcenter/venc/data/backdoor.y3krat.16.html
Info on W32.HLLP.Handy here:
http://securityresponse.symantec.com/avcenter/venc/data/w32.hllp.handy.html
A couple of free online scanners:
Panda and
Trend Micro