Hi,
Newbie again with the same question that has been ignored… by you and others!!!
I previously posted and my question never appeared.
If this same question does not appear then It is obvious that secrecy, in all forums exist and I will need to go higher.
I am already being invaded through Avast web mail scanner with numerous worm attempts. since this happened. some get through. but traced and deleted.
" THE MAIN POINT— Iwas hit by WIN 32:Sunilla.E [Trj] .
I have done 3 complete re-installs , 3 fdisks, 3 formats etc .etc.
I cannot grt info from any ‘engine’ or forum, (wilders, spyware warrior and even yours. , on this troj.
I am running TDS-3. processguard, SWguard, AVAST, KERIO etc.
Why oh why won’t anybody talk about this???
respect.
JUST FOR REFERENCE:-
" Rocks are the essence of life, there is not one computer that can run without them"
Can you point where is your first question, I mean, the link for the thread?
Which are the infected file name and path? Are you sure that avast! detect a trojan with this name?
If you have any info on 'Win 32-Sunilla… pls advise and just point me onwards.
As I said, 3 re-installs formats and Fdisks later, I am getting hit by all the worms under the sun.
Avast is protecting me but I have never been hit so hard.
Please bear in mind I am a newbie but not a ‘thickie’
respect.
I did not save the latest 'hit in the chest as I have had so many I just delete. But I do have one in my 'deleted items folder in outlook express, however, as a newbie I do not know how to attach below.
I do know how to forward this email if you tell me the email address to forward to.
Thinks your comp is surely compromised. Sunilla was the queen of the Amazons. Run the WINAMP and you run the RATS server from either newsgroups or software distribution sites. Couldn’t you check if this is the SPARK trojan. Download the scanner here: http://www3.ca.com/ and scan for a trojan downloader.
I previously posted and my question never appeared.
If the question/new topic didn't appear something failed, we aren't afraid to answer questions and there is certainly no secrecy.
I can’t possibly see any way that after an fdisk and format that it is still on your system let alone after 3 formats. You are getting reinfected, how id the issue?
A virus on your computer doesn’t necessarily generate incoming infected email (thankfully the email scanner appears to be taking care of them), outgoing perhaps. What is more likely is a friend colleage or corespondent who has your email address in their addressbook is infected and everyone in the addressbook is getting hit.
What detected WIN 32:Sunilla.E (I can’t find it in the avast! Virus Database.) I can’t find anything on google about it other than this thread and one other forum reference?
I could not find anything on the Sunilla thing either. I am quite a searcher, but what I can come up with is in comparison. Sunilla is either a term with a Finnish sound to it (search hits many) or it has to do with a hepatitis virus named Sunilla, but in that case you have to visit a doctor not a computer forum, at least not ours. If he cannot come up with something more specific or a file, we are out in the dark here. What could be a possibility is a software conflict or the other thing is remote Fu rootkit downloader. Maybe he must download flister from here: http://www.invisiblethings.org/tools.html and run that against his comp, in very rare cases something may stayed behind on his harddisk. But all these things are pure speculation, because of lack of data to go by. I wished everyone that post here read the sticky, that would make our lives a lot easier,
Without knowing what detected it, we are groping around in the dark, I had though about using RootkitRevealer, but I think we need more information.
One thing for sure, I don’t care if it were a rootkit or even an undetected/unknown virus it wouldn’t have survived fdisk and format. The only way would be infected again if his source when he installs windows and programs is infected or his security or browsing habits are causing him the be re-infected (I just don’t know).
What OS are you using? is it up to date?
What was the filename, where was it found
example (C:\windows\system32\infected-filename.xxx)?
If that is true, the moderators must have taken care that he stayed within the same thread. Some forums also have a possibility to “kick a subject” after say three or four days without an answer from anyone. Some forums work with houserules and are rather strict. E.g. you are not supposed to put postings in a wrong thread. The Dutch forum ASO is very strict with these houserules. They have a sayong “We all grew up with the houserules, who has not” (Wie is er niet groot geworden met de huisregels"). Some areas are just for stickies and closed after that, some are just for qualified helpers, etc.
My original posting did eventually ‘appear’ as you can see. Amazing.
David , my OP sys is WinXP Pro SP2 all updated, fully AV and otherwise protected as I have said in previous posts.
I take offence at POLONU’s comments. It is ok for you so called tech wizards to sit in your ivory towers but there is no reason for you to suggest through your so called use of clever language, forieign or otherwise, that ths is a flippant posting and that I should not be here.!!
David . Thanks again. It seems that this Trojan cannot be found. I wish you well David.
As for me Polonus will be happy because his negativity has become positive for both of us.
I will leave avast if I get treated as a newbie this way then I need a new Antivirus with support without cynics.
It was just a reaction to something Nicolas wrote, and nothing personal. Just telling my personal experience with other forums or how people can kick a subject to achieve something for the ones that seek help. These were some general “musings” of mine. I took these comments out in the open, it was nothing personal. If else I would have written a "personal"message. But I haven’t heard still what the Sunilla virus is, where I can find the definition or the signature. And a wizard is a person not living in an ivory tower, but a person who has made all the mistakes he could in a very small area, from these experiences wizards are built. Not by negativity or arrogance.
I think only alwil guys have the knowledge to help you out chipbutty , so wait for their response.Just ignore any “suggestions” from Polonus(altough i don’t think that was his intention) you are and always will be welcome here!Welcome to the forum and i hope your issue will be resolved soon!
If that is true, the moderators must have taken care that he stayed within the same thread
Hi Polonus,
Chipbutty complained on being ignored, but his post was number four. Hence, I looked up his previous posts. Eddy had already politely replied and obviously no assistance was needed: the problem was apparently solved by Chipbutty himself.
Nevertheless we are dealing with a suspicious virus name. A virus of that name affects human beings (primates in general), not computers.
Yes Eddy did reply but I did not get any info on the query.
If the answer to all our infections is to re-install to solve our problems then so be it. There would be no need for forums. Or cynics that reside in them.
IGOR,…As I said I am a NEWBIE, I do not know about the path where it was and if I knew where to look I would have.
All I got was a Screen flash small dialogue box saying 'warning system infectected with WIN 32: Sunilla.E [Trj] and is shutting down.
And there it was GONE.
If ALWIL can find snything then great, after all if it wasn’t for NEWBIES spotting and reporting these nuances…then some human beings would never be able to help each other.
“A problem aired is a problem shared”
Before you smart asses have another go at me, I know the saying above is the wrong way round, but it makes sense both ways.
I posted with genuine intent and remain true to the truth.