Unknown Virus root kit

Discussion in 'Malware Help (A Specialist Will Reply)' started by thatcrazyguy, Jun 8, 2008.

  1. thatcrazyguy

    thatcrazyguy Private E-2

    ran through the Read and run 2 times it keeps coming back heres my logs..


    All i know about this is that it auto runs through ms-dos when IE opens closes IE then downloads utorrent and about 10-20 trojans starts duplicating processes to suck up memory usuage..then begins adding adware to IE sucking up bandwidth.. after running the scan it removes most the stuff and the program goes dormant then i bounce through a couple websites and it activates again. these are the results after the read and run then came straight here for help..
     

    Attached Files:

    Last edited by a moderator: Jun 8, 2008
    thatcrazyguy, Jun 8, 2008
    #1
  2. thatcrazyguy

    thatcrazyguy Private E-2

    Unknown root kit

    I think I deleted the post by clicking back sry if this is a duplicate. I ran through your read and run cleaning windows xp thing 2 times.

    What ever it is it activates automatically when ie is open it opens a ms dos window runs a program then utorrent downloads automatically on my pc along with 10-20 trojans (invisible)..

    It starts making random processes They are numeric files like 73849.exe 440.exe ect.. useing 2.8mb of memmory per process continualy duplicating Trying to use all my memory..

    Also it tuns off all adware security spyware blockers That are active time protection..(deactivates AVG ad blocker, definition list for defender files went from 500/500-416/500 -and spywareblaster)..it imediatly starts creating duplicates of multible adwares eating up my band with slowing my connection till a stand still.

    after running the read and run cleaner heres log file for mgtools
     

    Attached Files:

    Last edited by a moderator: Jun 8, 2008
    thatcrazyguy, Jun 8, 2008
    #2
  3. abri

    abri MajorGeek

    Hi thatcrazyguy,
    Welcome to Major Geeks!

    Were those the same sets of logs or did you rerun any of the scans before you reposted the logs?

    abri
     
    abri, Jun 8, 2008
    #3
  4. thatcrazyguy

    thatcrazyguy Private E-2

    i think they are diffrent logs the first one being the logfile from mgtools and the second from hijak this (after looking at this i believe this was two seprate posts that become one idk how i thought i deleted the other.(excuse my poor typin been up 2 days)

    there was supose to be 2 files listed with each post i guess they stored as one i am here if you need additional information.
     
    Last edited: Jun 8, 2008
    thatcrazyguy, Jun 8, 2008
    #4
  5. thatcrazyguy

    thatcrazyguy Private E-2

    i have reset my internet security and replaced my fire wall.. it would apear this root kit is avg based cause i removed avg from my pc for antivir and it tried to acess the internet 2 avg files..
     
    thatcrazyguy, Jun 8, 2008
    #5
  6. abri

    abri MajorGeek

    Hi thatcrazyguy,
    Please use the Manage Attachments button to attach the logs you put in the new thread. That thread will be deleted. The Manage Attachments button is located below the reply box a little ways down. We don't use inline logs for a variety of reasons.
    Thanks.
    abri
     
    abri, Jun 9, 2008
    #6

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds