We’d like to remind Forumites to please avoid political debate on the Forum.
This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
Yet another virus problem!
Comments
-
This is the log from the scan
KASPERSKY ONLINE SCANNER 7 REPORT Monday, October 27, 2008
Operating System: Microsoft Windows XP Home Edition Service Pack 3 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Monday, October 27, 2008 10:18:01
Records in database: 1350517
Scan settingsScan using the following databaseextendedScan archivesyesScan mail databasesyesScan areaMy ComputerA:\
C:\
\
E:\
F:\
G:\
H:\ Scan statisticsFiles scanned75751Threat name1Infected objects1Suspicious objects0Duration of the scan01:40:56
File nameThreat nameThreats countC:\Program Files\MAX-DECT PHONE\pskill.exeInfected: not-a-virus:RiskTool.Win32.PsKill.k1The selected area was scanned.0 -
siamese0109 wrote: »Have windows defender and i think the router has a firewall anyway. I tend to use my laptop more than the desktop so not over sure what's on that! I know I've got the scan suggested running at the minute and when I was shutting other virus software down before I started I also found something called mcAfee guardian which I didn't know was on it! They're probably all conflicting with each other! But.............as I said we've not had a problem with it before
A router firewall and a software firewall are 2 VERY diferent firewalls. You NEED a software one. The routers will only stop certain attacks, NOT malicious software from connecting to the net
Also, whoever mentioned using FIREFOX with the NOSCRIPT plug in were bang on the money:idea:0 -
As you can see the scanner found the following;
C:\Program Files\MAX-DECT PHONE\pskill.exe
Can you upload the following file to jotti?
Please make sure that you can view all hidden files. Instructions on how to do this can be found here:
How to see hidden files in Windows
Please click this link-->Jotti
When the jotti page has finished loading, click the Browse button and navigate to the following file and click Submit.
C:\Program Files\MAX-DECT PHONE\pskill.exe
Please post back the results of the scan in your next post.
Did you decide against running Combofix?0 -
I misread what you'd posted and thought Kaspersky was instead of Combofix!
Can't do anything at mo as Hubby has gone for a nap cos he's on nights tonight so I'll do it when he goes to work. Is it worth me still running Combofix and if so should I do it before or after I've used Jotti?
Thanks for the help so far. Just as an aside I went onto my log-in on the same computer and my desk-top is as it should be - not sure if that's useful information or not
0 -
A router firewall and a software firewall are 2 VERY diferent firewalls. You NEED a software one. The routers will only stop certain attacks, NOT malicious software from connecting to the net
Also, whoever mentioned using FIREFOX with the NOSCRIPT plug in were bang on the money
Isn't the Windows firewall a software one? I'm getting a bit confused here! The desktop runs on XP and the firewall in that is set up. Are you saying I need something else as well? 0 -
You can do Jotti first or second.
Windows Firewall is not as good as a 3rd party version. Stay as you are at the moment, once we are sure you are clean then we can suggest other firewalls.0 -
Jotti's malware scan 2.99-TRANSITION_TO_3.00-R1
document.getElementById('javascriptwarning').innerHTML='';File to upload & scan:
Service
Service load: 0% 100% File: pskill.exe Status: INFECTED/MALWARE (Note: this file has been scanned before. Therefore, this file's scan results will not be stored in the database)
MD5: 4549d94b655ad6332b08efb258d1b6bf Packers detected: -
window.google_render_ad(); Scanner results
Scan taken on 27 Oct 2008 19:15:15 (GMT) A-Squared Found nothing
AntiVir Found APPL/Tool.PsKill.2
ArcaVir Found Riskware.Risktool.Pskill.K
Avast Found nothing
AVG Antivirus Found nothing
BitDefender Found nothing
ClamAV Found nothing
CPsecure Found Malware.Generic
Dr.Web Found Tool.ProcessKill.7
F-Prot Antivirus Found nothing
F-Secure Anti-Virus Found not-a-virus:RiskTool.Win32.PsKill.k (6, 2, 611)
G DATA Found nothing
Ikarus Found nothing
Kaspersky Anti-Virus Found not-a-virus:RiskTool.Win32.PsKill.k
NOD32 Found nothing
Norman Virus Control Found nothing
Panda Antivirus Found nothing
Sophos Antivirus Found nothing
VirusBuster Found nothing
VBA32 Found Riskware.Tool.PsKill
Powered by
Disclaimer
This service is by no means 100% safe. If this scanner says 'OK', it does not necessarily mean the file is clean. There could be a whole new virus on the loose. NEVER EVER rely on one single product only, not even this service, even though it utilizes several products. Therefore, We cannot and will not be held responsible for any damage caused by results presented by this non-profit online service.
Also, we are aware of the implications of a setup like this. We are sure this whole thing is by no means scientifically correct, since this is a fully automated service (although manual correction is possible). We are aware, in spite of efforts to proactively counter these, false positives might occur, for example. We do not consider this a very big issue, so please do not e-mail us about it. This is a simple online scan service, not the university of Wichita.
Scanning can take a while, since several scanners are being used, plus the fact some scanners use very high levels of (time consuming) heuristics. Scanners used are Linux versions, differences with Windows scanners may or may not occur. Another note: some scanners will only report one virus when scanning archives with multiple pieces of malware.
Virus definitions are updated every hour. There is a 10Mb limit per file. Please refrain from uploading tons of hex-edited or repacked variants of the same sample.
Please do not ask for viruses uploaded here, unless you work for an anti-virus vendor. They are not for trade. This is a legitimate service, not a VX site. Viruses uploaded here will be distributed to antivirus vendors without exception. Read more about this in our privacy policy. If you do not want your files to be distributed, please do not send them at all.
Sponsored by HotelScraper.com. window.google_render_ad(); Statistics
Last file scanned at least one scanner reported something about: 2.exe (MD5: 645c298b5c73d29efe3bc45256aab1f1, size: 609280 bytes), detected by:
Scanner Malware name A-Squared X AntiVir TR/Proxy.Agent.CL ArcaVir X Avast X AVG Antivirus Win32/Grum.B BitDefender GenPack:Backdoor.Hupigon.AAIB ClamAV X CPsecure BackDoor.W32.Hupigon.cuw Dr.Web X F-Prot Antivirus W32/Hupigon.H.gen!Eldorado F-Secure Anti-Virus Backdoor.Win32.Hupigon.eefm G DATA GenPack:Backdoor.Hupigon.AAIB Ikarus Backdoor.Win32.Hupigon Kaspersky Anti-Virus Backdoor.Win32.Hupigon.eefm NOD32 a variant of Win32/Hupigon Norman Virus Control W32/Hupigon.gen266 Panda Antivirus X Sophos Antivirus W32/Grum-I VirusBuster X VBA32 Trojan-PSW.Pinch.1 (paranoid heuristics)
You're free to (mis)interpret these automated, flawed statistics at your own discretion. For antivirus comparisons, visit AV comparatives
We are not affiliated with any third parties that conduct tests using this service.
Frequently asked questions - Feedback - Privacy policy
Page generated by JTPL
© 2004-2008 Jotti [EMAIL="jotti@jotti.org"]jotti@jotti.org[/EMAIL]
I haven't run Combofix yet - I haven't got an XP disc as the software was loaded when we got the desktop so I can't set up Recovery Console. Is it safe to run without doing that - sounds a bit scary!!0 -
If you use Windows XP and do not have the Windows CD, ComboFix includes a method of installing the Windows Recovery console by downloading a file from Microsoft. To install the Windows Recovery Console when you do not have the Windows XP CD, please follow these instructions:
Click on the following link to go to Microsoft's Web site:
http://support.microsoft.com/kb/310994
At that page, scroll down and click on the appropriate download for your version of Windows XP (Home or Professional) and the service pack level that you have installed. When you click on the link to download the file, make sure you save it directly to your desktop. If you are using Windows XP Service Pack 3 (SP3), then select the Service Pack 2 download. If you are using Windows XP Media Center, then you should select the Windows XP Pro Service Pack 2 download. If you are unsure what version of Windows you have and what Service Pack is installed, you can follow these instructions to gain that information.- Click on the Start button.
Click on the Run menu option.
In the Open: field type the following: sysdm.cpl and then click on the OK button. - A screen will appear showing information about your installation. Under the System: category you should see your Windows version and the installed Service Pack. When you are done determining this information continue with Step 2.
- Once the Microsoft file has finished downloading, you should drag it on top of the ComboFix icon and let your mouse button go. This is shown in the following image.
- ComboFix will now automatically install the Windows Recovery Console onto your computer, which will show up as a new option when booting up your computer. Do not select the Windows Recovery Console option when you start your computer unless requested to by a helper.
Ex forum ambassador
Long term forum member0 - Click on the Start button.
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 352.1K Banking & Borrowing
- 253.5K Reduce Debt & Boost Income
- 454.2K Spending & Discounts
- 245.1K Work, Benefits & Business
- 600.7K Mortgages, Homes & Bills
- 177.4K Life & Family
- 258.9K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.2K Discuss & Feedback
- 37.6K Read-Only Boards