Noob needs help! - Root kit / Virus?

Discussion in 'NOD32 version 2 Forum' started by force, Jul 21, 2007.

Thread Status:
Not open for further replies.
  1. force

    force Registered Member

    Joined:
    Jul 20, 2007
    Posts:
    1
    Hey peeps!

    We are a Honda / Yamaha motorcycle dealer based in Louisiana,We have two small servers and 18 client terminals.

    Im a total pc nub to be honest.....I can manage and understand only the basics so please understand my ignorance!


    We run NOD32 across the network,It autoupdates as do the clients,Clients are running a mix of XP pro / XP and Win 2000.

    Here is the problem.

    Our Internet connection was lost on Tuesday afternoon,After looking at it the outage appeared to come from our ISP.

    I called our ISP to be told that our connection had been removed as a LOT of spam had been sent from our IP / originating from US.

    We have basically been shut down for 3 days :(

    I have scanned ALL computers with NOD.
    The signatures are up to date
    I have ran Adaware / Spybot and Hijack this.

    I found spyware but thats it,Nothing more sinister.

    So,This morning I call the ISP,They have turned back on our connection(yay)
    An hour later they tell me the problem is WORSE.

    I rescan ALL computers,I get nothing from all of them,Last one I get to shuts down Adaware when I ran it.......


    I reviewed Hijack this again
    I check the background process's,26 process's and all seem legit
    Spybot shows nothing
    NOD32 has dissapeared!

    I re install NOD32 and then try to update NOD.
    During update,The update fails,I try again and again,Update continues to fail....

    I uninstall NOD and go to the ESET website,Download a new version perhaps.....During download the browser shuts down and IE dissapears totally,Not on the desktop,Missing from prog files,Missing from Add / remove programmes!



    Ive heard of virus / spyware before,I can normally clean up pretty much any pc,Thing is,I dont see whats wrong with this computer,No process's,No services,Nothing.

    So,My questions are:

    Does this sound like a root kit?
    If so,Whats the chances of other pcs being infected?
    This thing ran OVER Nod 32,What else can I do to stop this in the future??

    I have removed the pc from the network and replaced it....

    Any help / advice is very much appreciated!

    Mark.
     
    force, Jul 21, 2007
    #1
  2. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,456
    Please send a log from Autoruns with this thread's url to support[at]eset.com. We'll analyse it and let you know if there is a virus as well as what files you should submit to Eset for perusal.
     
    Marcos, Jul 21, 2007
    #2
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...