05-26-2007, 08:07 AM | #1 | |
Jack Burton
Join Date: March 21, 2001
Location: Philippines, but now Harbor City Sydney
Age: 41
Posts: 5,556
|
Every time I open my computer my antivirus picks this bugger up.
I am totally at a loss on what to do. I have run Spybot, Adaware, and SuperAntiSpyware programs. I also ran a full antivirus scan. None of these detected anything related to this antivirus. (cleaned out lots of cookies though). Anyway, upon looking at the alert, it seems to be coming from a website that tries to download its virus every single time. But there must be a trigger that tries to actually let the website know to target my computer. I am completely stumped and googling it didn't help much except that this is a trojan virus. Also, I ran the HijackThis program and am posting my log here for anyone who can understand. Could it be a false detection error? log Quote:
__________________
Catch me if you can.. |
|
05-26-2007, 09:46 AM | #2 |
Xanathar Thieves Guild
Join Date: March 17, 2001
Location: Wichita, KS USA
Age: 60
Posts: 4,537
|
Assuming you pushed the Terminate button, I would say that it was denied access to your computer. You can prevent it setting the cookie by either avoiding the website, or by raising your security level to verify whether or not you want sites to automatically set cookies. It will prompt you for an action every time a site tries to set a cookie, but, in the long run, it's far better than having something nasty slipped in under the radar.
__________________
To those we have lost; May your spirits fly free. Good Music: Here. Interesting read, one of my blogs. |
05-26-2007, 10:04 AM | #3 |
Jack Burton
Join Date: March 21, 2001
Location: Philippines, but now Harbor City Sydney
Age: 41
Posts: 5,556
|
The thing is.. I never go to that website at all. This threat pops up every time I log on to my computer.
__________________
Catch me if you can.. |
05-26-2007, 10:24 AM | #4 |
Symbol of Cyric
Join Date: September 15, 2002
Location: Peterborough, ON, CANADA
Age: 60
Posts: 1,394
|
Find the file "\windows\system32\drivers\etc\hosts" on your boot drive and use Notepad to add the following line:
127.0.0.1 rat1o.info
It won't remove what is trying to load this address, but it will short-circuit the request until you find out what's going on. The most likely culprit is GetRight, imo.
__________________
If I say "Eject!" and you say "Huh?" - you'll be talking to yourself! - Maj. Bannister, Steel Tiger |
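An added example, not part of the post above: the hosts-file block from post #4, written as a check that a name is mapped to loopback and an idempotent add when it is not. The function names and the sample file contents are constructed for illustration; the code works on text and does not open the real hosts file.

```python
import ipaddress

# Path given in the post, relative to the boot drive (not opened by this example).
HOSTS_PATH = r"\windows\system32\drivers\etc\hosts"

def mapped_addresses(hosts_text, host):
    """Return every address the hosts text assigns to host (exact-name match)."""
    host = host.lower().rstrip(".")
    found = []
    for raw in hosts_text.splitlines():
        fields = raw.split("#", 1)[0].split()  # drop comments, split on whitespace
        if len(fields) >= 2 and host in (n.lower() for n in fields[1:]):
            found.append(fields[0])
    return found

def is_blocking(addr):
    """True for loopback (127.0.0.0/8, ::1) or the unspecified address."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return False
    return ip.is_loopback or ip.is_unspecified

def is_sinkholed(hosts_text, host):
    """True only if host is listed and every listed address is a blocking one."""
    addrs = mapped_addresses(hosts_text, host)
    return bool(addrs) and all(is_blocking(a) for a in addrs)

def ensure_sinkhole(hosts_text, host, addr="127.0.0.1"):
    """Return (new_text, changed); refuse to edit around a conflicting entry."""
    addrs = mapped_addresses(hosts_text, host)
    if any(not is_blocking(a) for a in addrs):
        raise ValueError(f"{host} already mapped to {addrs}; review by hand")
    if addrs:
        return hosts_text, False
    sep = "" if hosts_text.endswith("\n") or not hosts_text else "\n"
    return f"{hosts_text}{sep}{addr} {host}\n", True

# Constructed sample file contents, not taken from the poster's machine.
SAMPLE = "# constructed sample\n127.0.0.1 localhost\n127.0.0.1 RAT1O.INFO # blocked\n"

if __name__ == "__main__":
    print(is_sinkholed(SAMPLE, "rat1o.info"))
    print(is_sinkholed(SAMPLE, "www.rat1o.info"))
    print(ensure_sinkhole(SAMPLE, "www.rat1o.info")[0])
```

Hosts entries match whole names only, so a line for rat1o.info does not cover www.rat1o.info; each name the alert shows needs its own line.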
05-26-2007, 05:02 PM | #5 | |
40th Level Warrior
Join Date: October 29, 2001
Location: Western Wilds of Michigan
Posts: 11,752
|
Things that look suspicious to me...
Quote:
*edit* You know what's on your system... I don't. I'm suspicious of anything that calls itself "MegaUpload" or "SuperAntiSpyware"... but that's just me. If they're something you installed on purpose, then I suspect you're fine. And to restate, as I did below, don't just arbitrarily delete things. Google for them and see if they're related to something you recognize and approve of. */edit* [ 05-26-2007, 11:07 PM: Message edited by: Bungleau ]
__________________
*B* Save Early, Save Often Save Before, Save After Two-Star General, Spelling Soldiers -+-+-+ Give 'em a hug one more time. It might be the last. |
|
05-26-2007, 05:30 PM | #6 |
Harper
Join Date: October 2, 2001
Location: Aberdeen, Scotland
Age: 42
Posts: 4,774
|
Just a warning .. don't go and take the above post as the definitive answer, google for a HijackThis FAQ and confirm everything before you delete anything. In particular, the nod32 entries should be part of your antivirus (although malware can get devious, so check them out as well), and various other entries are part of things you may or may not want to get rid of.
|
05-26-2007, 06:40 PM | #7 |
Jack Burton
Join Date: March 21, 2001
Location: Philippines, but now Harbor City Sydney
Age: 41
Posts: 5,556
|
Thanks guys. Actually the Rody is me and my profile. I do have a nifty program that loads up thru my desktop (just being a one file.exe file) lolz.
On another note, I do use several of the programs you found suspicious, although I do have a feeling that it's hiding in one of those program names as well. Sigh. I'll give it a shot and see how it goes by googling them one by one :-S. To Sir Krustin: why would you think it would be GetRight? I do have GetRight running in my background constantly as my download tool...
__________________
Catch me if you can.. |
05-26-2007, 11:03 PM | #8 |
40th Level Warrior
Join Date: October 29, 2001
Location: Western Wilds of Michigan
Posts: 11,752
|
Thanks for clarifying, Andrewas. I had to run, and didn't have time to finish taking a look, nor to clarify what I meant to say.
What I meant to say was that for anything that you don't recognize, google for it to see what it is. Various sources may come up; liutilities and castlecop are a couple that I see frequently, and tend to trust. Don't -- DO NOT -- just arbitrarily remove anything from the list. It's amazing what you could break... says the voice of experience. I'll go back and finish up the list from my perspective. Again, these are things that I don't recognize, which may mean diddly squat on your machine. Be your own judge.
__________________
*B* Save Early, Save Often Save Before, Save After Two-Star General, Spelling Soldiers -+-+-+ Give 'em a hug one more time. It might be the last. |
05-27-2007, 03:08 AM | #9 |
Jack Burton
Join Date: March 21, 2001
Location: Philippines, but now Harbor City Sydney
Age: 41
Posts: 5,556
|
Thanks heaps guys. For some reason it's not popping up anymore today. I don't know why though. I haven't done anything to critically change any components. Weird. I'm going to wait for a few days before I do anything.. research first
__________________
Catch me if you can.. |
05-27-2007, 03:50 AM | #10 | |
Legion Symbol
Join Date: February 14, 2002
Location: Ireland
Age: 39
Posts: 7,367
|
Quote:
__________________
ZFR |
|