Sign In
Register
Help
Hello,
First time poster here. I have been seeing a message that pops up on my computer screen the last few days. I'm not sure what it means. Can someone enlighten me please? I would appreciate your assistance.
The message reads...
"Malicious code found in file C:SystemVol...A0112056.Oys.Infection:Rootkit.Win32.Agent.IvqAction:failed"
What is this? Is this anything real serious? Any suggestions on how to treat this?
Thank you for your help!
Page 1 of 1
Message coming up on my computer..
MultiQuote
#2
SpiritWind 
- Expert
-
- Group: Members
- Posts: 1,925
- Joined: 19-August 06
Posted 29 June 2009 - 12:46 PM
:D Hi :
The "Message" implies ( it would have been very helpful IF you had mentioned the "Name"
of the security program giving that "message" ) there is a very dangerous "rootkit" in the
"System Restore" section of your computer . Specifically, WHAT are the Names ( and
possibly their Version Number(s) ) of the security program(s) on your computer . In the
recent Past, have you had a security program 'alert" you to having a "rootkit" on your
computer ? IF Yes, which One ? And what did you do !? What Operating System are you
using and What browser(s), like Internet Explorer, are you using ?
At this point, I recommend you use the FREE "RootkitRevealer", available from
technet.microsoft.com/en-us/sysinternals/bb897445.aspx ; PRIOR to using this
program, you should delete ALL Temporary Internet Files AND follow this "Guideline"
from their Support Forum :
"Start RKR, wait about 10 seconds, click Scan, then leave computer untouched until it completes. An idle machine will minimise the possibility of false positive reports caused by changes to the system during the scan. Background processes may still make intermittent changes, but resulting discrepancies tend to be obvious from their registry or filesystem branch; on a re-scan many may not recur. "
IF it finds anything, Post its "Log" .
The "Message" implies ( it would have been very helpful IF you had mentioned the "Name"
of the security program giving that "message" ) there is a very dangerous "rootkit" in the
"System Restore" section of your computer . Specifically, WHAT are the Names ( and
possibly their Version Number(s) ) of the security program(s) on your computer . In the
recent Past, have you had a security program 'alert" you to having a "rootkit" on your
computer ? IF Yes, which One ? And what did you do !? What Operating System are you
using and What browser(s), like Internet Explorer, are you using ?
At this point, I recommend you use the FREE "RootkitRevealer", available from
technet.microsoft.com/en-us/sysinternals/bb897445.aspx ; PRIOR to using this
program, you should delete ALL Temporary Internet Files AND follow this "Guideline"
from their Support Forum :
"Start RKR, wait about 10 seconds, click Scan, then leave computer untouched until it completes. An idle machine will minimise the possibility of false positive reports caused by changes to the system during the scan. Background processes may still make intermittent changes, but resulting discrepancies tend to be obvious from their registry or filesystem branch; on a re-scan many may not recur. "
IF it finds anything, Post its "Log" .
#4
bunkman
- Newbie
-
- Group: Members
- Posts: 4
- Joined: 30-November 08
Posted 29 June 2009 - 05:48 PM
Hello SpiritWind,
Sorry about the lack of details. I was in a hurry at the time, as I was going to be meeting a client shorly after posting my message.
Answers to your questions..My operating system is Windows XP Media Center Edition (Service Pack 3). I am using Windows Explorer 7. The security service is provided by my cable provider, and it is under the F Secure name. www.f-secure.com/en_US/
The message has been popping up periodically over the last week. It doesn't come up very often. I only see it after my computer has been sitting idle for a while. Now that I'm thinking of this, I'm not so sure it isn't going into Standby mode after an alloted period of time. (I'm going to monitor this after I'm done with my online session). When I've seen this in the past, I've scanned my computer for viruses. The software detects the virus, and I delete them. To be honest with you, I'm not positive that it is the same virus that we're discussing here.
Regardless, my system seems to be operating OK. But my concern is that there might be something lurking behind the scenes.
I will try the FREE "RootkitRevealer" that you suggested.
I'm not extremely computer literate. What exactly is a rootkit? If you don't mind answering this. After I wrote it, I realized that I could easily just google the term.
Thanks in advance!
Sorry about the lack of details. I was in a hurry at the time, as I was going to be meeting a client shorly after posting my message.
Answers to your questions..My operating system is Windows XP Media Center Edition (Service Pack 3). I am using Windows Explorer 7. The security service is provided by my cable provider, and it is under the F Secure name. www.f-secure.com/en_US/
The message has been popping up periodically over the last week. It doesn't come up very often. I only see it after my computer has been sitting idle for a while. Now that I'm thinking of this, I'm not so sure it isn't going into Standby mode after an alloted period of time. (I'm going to monitor this after I'm done with my online session). When I've seen this in the past, I've scanned my computer for viruses. The software detects the virus, and I delete them. To be honest with you, I'm not positive that it is the same virus that we're discussing here.
Regardless, my system seems to be operating OK. But my concern is that there might be something lurking behind the scenes.
I will try the FREE "RootkitRevealer" that you suggested.
I'm not extremely computer literate. What exactly is a rootkit? If you don't mind answering this. After I wrote it, I realized that I could easily just google the term.
Thanks in advance!
#5
SpiritWind
- Expert
-
- Group: Members
- Posts: 1,925
- Joined: 19-August 06
Posted 30 June 2009 - 09:16 AM
:D Hi :
Since your cable provider is providing the "security", then I know you do NOT have the
Best that is available; at a minimum, you should use the FREE Version(s) of Both
"SUPERAntiSpyware" ( www.superantispyware.com ) and "Malwarebytes
Anti-Malware "( [http://www.malwarebytes.org/mbam.org] ) ; running their "Complete/
Full" Scans would go a long way towards ridding your computer of "malware" and IF
either finds a "rootkit", would most likely mean the use of "RootkitRevealer" would NOT
be necessary ( But would be an additional safety "Precaution" ) .
Since your cable provider is providing the "security", then I know you do NOT have the
Best that is available; at a minimum, you should use the FREE Version(s) of Both
"SUPERAntiSpyware" ( www.superantispyware.com ) and "Malwarebytes
Anti-Malware "( [http://www.malwarebytes.org/mbam.org] ) ; running their "Complete/
Full" Scans would go a long way towards ridding your computer of "malware" and IF
either finds a "rootkit", would most likely mean the use of "RootkitRevealer" would NOT
be necessary ( But would be an additional safety "Precaution" ) .
Page 1 of 1
