Contracted Remon.sys (hacktool.rootkit) from AIM, Help please

Status
Not open for further replies.
A

arccabri

I recently received a virus from a link sent by a buddy. Immediately after clicking on it, norton popped up saying I have a hacktool.rootkit virus, remon.sys. I've looked through the stickies on this page, ive tried the removing hacktool.rootkit method posted but none of the specific files mentioned by that thread was found. When I run Housecall scan online, I get no problems and now, it seems that I am unwillingly passing on the link to others through aim aswell. Hopefully someone can help me. Attached is my HJT log. Thanks
 

Attachments

  • 12.26.05.txt
    8.9 KB · Views: 11
Thanks for the quick response spike, I looked at that tread and non of the suspect processes or files show up when I run in safe mode. If there is any additional information needed, I will be happy to oblige.
 
Ive followed the directions on the How to...Rootkit post in the forums and it doesnt seem to apply to my specific circumstance as none of the files, javapanel/taskcenter/xpjava, or processes show up. Any additional support will be appreciated. Thanks
 
yeah, the first time i got it checked by TM, there were some questionable files but none relating to this rootkit virus, i then used the fix utility on the scans and then followed the rootkit removal process. While the rootkit is still there, my next TM housecall scan came up clean.
 
So basically that thread will take care of a good majority of nasties? My fiancee's laptop got the remon.sys (hacktool.rootkit) as well. So I will try that and see if it works, for I had the same problem as arccabri on her laptop.
 
Status
Not open for further replies.

Similar threads

Kitcat
Solved Help please!!!
2
Replies
26
Views
8K
Broni
Broni
S
Inactive Please help: Search results redirected by malware
Replies
7
Views
3K
Seanj
S
P
  • Locked
Inactive [A] C:\WINDOWS\assembly\GAC_64\Desktop.ini virus, please help
Replies
22
Views
24K
Broni
Broni

Latest posts

Back