NTkrnl Secure Suite....How do you remove?

dougo13 · May 30, 2007

Currently I'm running in safe mode with networking (to access the net) but I see nothing on the site for removing this thing. Unlike a lot of people though, I'd like to not only know that but also how the creators of this got around the virus protection I already had on the machine (AVG Anti Spyware, AVG Anti-Virus Plus Firewall). I just made a HJT log which I'll enclose.

Thanks

TimW · May 30, 2007

You are strongly advised to do the following immediately:

1. Disconnect infected computer from the INTERNET and from any networked computers until the computer can be cleaned.

2. Call all of your banks, credit card companies, financial institutions and inform them that you may be a victim of identity theft and to put a watch on your accounts or change all your account numbers.

3. From a clean computer, change *all* your online passwords -- for email, for banks, financial accounts, PayPal, eBay, online companies, any online forums or groups you belong to.

Do NOT change passwords or do any transactions while using the infected computer because the attacker will get the new passwords and transaction information.

We need you to follow the instructions in the Read and Run First sticky ....exactly!! That applies esp. to installing and renaming HJT!!

Use a different computer to download to and then install on your computer:
Counterspy
ShowNew
GetRun

Attach those logs as well as a new HJT (properly installed and renamed).

Log in or Sign up

NTkrnl Secure Suite....How do you remove?

dougo13 Private E-2

Attached Files:

hijackthis.log

TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member