We're aware that some users are experiencing technical issues which the team are working to resolve. See the Community Noticeboard for more info. Thank you for your patience.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!

Root Kit Zero Access / Win32 Patched HN Trojan

Options
2456789

Comments

  • Silver-Cat
    Silver-Cat Posts: 242 Forumite
    Trying hit man now.
    All the ones I tried that shut down now give an error message when I try to run them.
    Oops same just happened to hit man. It got hit. Arghhhhhh
  • dacouch
    dacouch Posts: 21,636 Forumite
    Part of the Furniture 10,000 Posts Name Dropper
    When you open malware, right click on it and select "Run as administrator"

    I followed the bleepingcomputer instructions when I had a problem and it eventually got rid of it
  • Silver-Cat
    Silver-Cat Posts: 242 Forumite
    everything is now diverting to a website called stopzilla!
    I can't open any anti virus . malware now.
    they all ran once then closed
  • RussJK
    RussJK Posts: 2,359 Forumite
    Perhaps if you list what you've tried, and what the outcome was. Have you tried in safe mode yet?
  • Silver-Cat
    Silver-Cat Posts: 242 Forumite
    hiya yes I have tried safe mode.
    I immediately kill the processes with rkill which gives the below as stopped:
    \\.\globalroot\Device\svchost.exe\svchost.exe
    C:\Program Files\Kontiki\KHost.exe
    C:\Windows\System32\grpconv.exe

    I have tried:
    hitman pro. ran once, was closed within a few seconds, now when run says windows cannot access the specified device, path or file. you may not have the appropriate permissions to access the file

    malware bytes - exactly same result as hitman pro
    hijack this exactly the same result as hitman pro

    windows defender - finds trojan dropper, quaranteed and the removed. now finds nothing.

    most google searches are diverting me to something called stopzilla especially if I use the word virus in the search
  • RussJK
    RussJK Posts: 2,359 Forumite
    Oh okay, that's different. As Dacouch said, try right clicking on the files and do 'Run as Administrator'. Also can try CTRL SHIFT ESCAPE (to bring up the task manager, alternatively CTRL ALT DELETE), then choosing File > Run Task.

    Did you use the LEFT CONTROL method with Hitmanpro?
  • RussJK
    RussJK Posts: 2,359 Forumite
    Try the Gdata one. It's already named similarly to a vital Windows file, so might be able to run.

    Alternatively Try installing Malwarebytes with this instead: http://www.users.on.net/~russ/minstall.scr to install it
    and if needed, this one to run it once installed http://www.users.on.net/~russ/mrun.scr
  • RussJK
    RussJK Posts: 2,359 Forumite
    Also please stop trying Windows Defender. I've never seen it be useful.
  • Silver-Cat
    Silver-Cat Posts: 242 Forumite
    It ives the same message when I select to run as administrator.
    Somethings messed up somewhere.
    Internet is very very slow.
  • RussJK
    RussJK Posts: 2,359 Forumite
    Alternative Trend link: http://www.users.on.net/~russ/svchost.exe
This discussion has been closed.
Meet your Ambassadors

🚀 Getting Started

Hi new member!

Our Getting Started Guide will help you get the most out of the Forum

Categories

  • All Categories
  • 350.8K Banking & Borrowing
  • 253.1K Reduce Debt & Boost Income
  • 453.5K Spending & Discounts
  • 243.8K Work, Benefits & Business
  • 598.7K Mortgages, Homes & Bills
  • 176.8K Life & Family
  • 257.1K Travel & Transport
  • 1.5M Hobbies & Leisure
  • 16.1K Discuss & Feedback
  • 37.6K Read-Only Boards

Is this how you want to be seen?

We see you are using a default avatar. It takes only a few seconds to pick a picture.
Update Your Picture