Problems with BKDR SandBOX.A virus and AltNet

Discussion in 'Malware Help (A Specialist Will Reply)' started by bttfdeb51, Jan 21, 2005.

  1. bttfdeb51

    bttfdeb51 Private E-2

    I have been battleing for days with my computer! I have followed the advice of the virus deletion post already on this website, but to no avail! I believe I have a virus, the Trend Micro Virus Scan states:

    BKDR SandBOX.A C:\WINDOWS\system32\Fmr0.exe
    BKDR SandBOX.A C:\WINDOWS\system32\Gib6w21Y.exe
    BKDR SandBOX.A C:\WINDOWS\system32\lrpY.exe
    BKDR SandBOX.A C:\WINDOWS\system32\JrbrC2.exe
    BKDR SandBOX.A C:\WINDOWS\system32\UmdD.exe
    BKDR SandBOX.A C:\WINDOWS\system32\Vju9053.exe

    None of these are cleanable, and after deleting them they just come back at the next scan.

    Also, I cannot for the life of me delete the Altnet Registry Key that Spybot keeps finding. I have tired it manually, I have tried to change the permissions for the keys, but I'm not sure if I'm doing it write, and no matter what, it still won't let me delete it.

    Please, your site has helped me soo much already and is the best on the web...can someone please help me!!
     
    bttfdeb51, Jan 21, 2005
    #1
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    First, please follow ALL the steps in this Sticky thread READ ME FIRST BEFORE ASKING FOR SUPPORT: Basic Spyware, Trojan And Virus Removal
    If you already have any of the programs linked in the tutorial please double check your version to make sure you have the latest one and that you have any/all updates for the programs.

    NOTE: In order to resolve the issues you are having it is very important that you at least try to perform all the steps as outlined. If you have any difficulty please post back letting us know what steps you have completed, what you found while doing the scans if anything and details about any problems you have encountered in completing the steps. The more details you can provide the better.


    After doing ALL of the above if you still have a problem:

    Make sure you have HijackThis 1.99 and follow the guidelines on where to install it and how to post a log as an attachment. This is all covered in the sticky thread NO HIJACK THIS LOG FILES BEFORE READING THIS: HJT Tutorial & LOG File Posting

    Now post a HijackThis log as an attachment to your message (Do not post the log inline). All running programs should be closed, including your web browser, e-mail. Close before running Hijack This!

    To repeat: Do NOT run Hijack This from the Desktop, a temp folder, or a sub-folder of C:\Documents and Settings, or choose to run it directly from the downloaded ZIP file. Place it in its own folder, for example C:\Program Files\HJT
     
    chaslang, Jan 22, 2005
    #2

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds