[Fixed] Hijackthis! Logs - [Fixed]Virus posted in the Security & Safety forums
#1, 07-16-2007, cartandpeg (Moderator)
[Fixed]Virus

Hi PCHF,
sorry for posting in here but each time I go to post in HJT my browser just shuts down. I have tried to run HJT; each time I do, it just gets rid of the icons and my desktop and then reloads them. I have tried various ways, redownloaded etc. Even when it does try and load and I quickly press scan and save log, it will try to do a scan and then just closes down the box the scan is running in.

Attached is a SUPERAntiSpyware log. The original complaint was that when loading the browser it takes the page straight to Virus Help Zone | Your Anti Virus Resource

There is no report for AVG as it found nothing.

Thank you

Cart
Attached Files
File Type: log SUPERAntiSpyware Scan Log - 07-16-2007 - 15-54-18.log (521 Bytes, 2 views)


#2, 07-16-2007, DarkLord7854

Oy,

Well, here's your problem:

Worm.Alcra Variant
C:\WINDOWS\SYSTEM32\TASKKILL.COM
Check your process list and see if it's there, I'd end it, search for it, make sure system restore is disabled, and then delete it, reboot, and check if it's there


__________________
Don't forget to rate posts if you find them helpful
I only provide Technical Support/Help on personal, or Staff requests.
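
A read-only way to carry out the check described in the post above on a current Windows system, as an added example that is not part of the thread. It assumes Windows PowerShell 5.1 or later; the third step goes beyond the post and lists any `.com` file in System32 that shares a base name with an `.exe`, because the default PATHEXT order resolves `.COM` before `.EXE`.

```powershell
# Added example, not from the thread: triage for the file named in the scan log.
# Nothing here terminates a process or deletes a file.
$suspect = 'C:\WINDOWS\SYSTEM32\TASKKILL.COM'   # path quoted in the post above

# 1. Is any running process using that image?
#    ExecutablePath is empty for some protected processes, so those are skipped.
$running = Get-CimInstance -ClassName Win32_Process |
    Where-Object { $_.ExecutablePath -and ($_.ExecutablePath -ieq $suspect) } |
    Select-Object ProcessId, ParentProcessId, Name, ExecutablePath, CommandLine

if ($running) { $running | Format-List }
else          { Write-Output "No running process uses $suspect" }

# 2. Is the file on disk? -Force also returns hidden and system files,
#    which a default Explorer view of System32 does not show.
$file = Get-Item -LiteralPath $suspect -Force -ErrorAction SilentlyContinue
if ($file) {
    [pscustomobject]@{
        Path       = $file.FullName
        SizeBytes  = $file.Length
        CreatedUtc = $file.CreationTimeUtc
        ModifiedUtc= $file.LastWriteTimeUtc
        Attributes = $file.Attributes
        SHA256     = (Get-FileHash -LiteralPath $suspect -Algorithm SHA256).Hash
        Signature  = (Get-AuthenticodeSignature -LiteralPath $suspect).Status
    } | Format-List
} else {
    Write-Output "$suspect is not present on disk"
}

# 3. Generalisation: .com files in System32 that shadow an .exe of the same name.
$sys32    = Join-Path $env:SystemRoot 'System32'
$exeNames = Get-ChildItem -LiteralPath $sys32 -Filter '*.exe' -File -Force |
    ForEach-Object { $_.BaseName }

$shadows = Get-ChildItem -LiteralPath $sys32 -Filter '*.com' -File -Force |
    Where-Object { $_.Extension -ieq '.com' -and ($exeNames -contains $_.BaseName) } |
    Select-Object FullName, Length, CreationTimeUtc, Attributes

if ($shadows) { $shadows | Format-Table -AutoSize }
else          { Write-Output "No .com file in $sys32 shadows an .exe" }
```

Run it from an elevated prompt so that process image paths and hidden files are visible; the SHA256 value can then be compared against whatever the scanner reported.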
#3, 07-16-2007, chiaz (Senior Security Analyst)

Quote:
"Check your process list and see if it's there, I'd end it, search for it, make sure system restore is disabled, and then delete it, reboot, and check if it's there"

Right.

Cart, I'm pretty puzzled. I believe you had also encountered this situation before, that is, you not being able to read/run anything HJT-related? But Alcra won't do that, and frankly, I have never heard of any malware program that goes to that extreme to 'protect' itself.

This *may* be a rootkit, I need you to download AVG Antirootkit from here
  • Install it, and follow the prompts to restart your computer.
  • Run the program and select Perform in-depth search.
  • When it has finished, click Save result to file
  • Post the contents of the results in your reply.

P.S. Does HJT run in Safe Mode?



Last edited by chiaz; 07-16-2007 at 10:32 AM.
#4, 07-16-2007, DarkLord7854

It's lovely all the sorts of things one can pick up from the nets ain't it? Sigh.

Does Housecall pick up rootkits btw? It's one of my favs as I never keep any AV/Spyware programs on my comp


__________________
Don't forget to rate posts if you find them helpful
I only provide Technical Support/Help on personal, or Staff requests.
#5, 07-16-2007, chiaz (Senior Security Analyst)

All anti-virus would claim to pick up rootkits, but I believe that their detecting and removing capabilities would not be as good. Even now, many if not all of the specialized anti-rootkit tools cannot totally remove an infection altogether.


#6, 07-16-2007, cartandpeg (Moderator)

OK, thanks DarkLord. Process list, where would I look for that?

I looked through system 32 for it but it was not showing in there.

Thank you

Cart


