TechSpot

Hacktool.rootkit victim Please help me

By manhunt04
Jun 26, 2009
Topic Status:
Not open for further replies.
  1. I really need your help. I have hacktool.rootkit virus in my pc. I don't know how to do the advice you told "Prot". I Have here my log file from hijackthis. I hope you can help me before my pc gets lost on this virus. Thankyou.
  2. ChrisDown

    ChrisDown TS Rookie Posts: 125

    Wrong forum, this needs to be moved to Malware.

    I can see from your log that you are currently infected with Antivirus 2009 (a rogue antivirus). Please follow these 8 steps, and we can assist further.

    Thanks. :)
  3. manhunt04

    manhunt04 TS Rookie Topic Starter

    Solved! Please see my logs.

    Sorry for the wrong forum and Thanks! this is my 1st time in tech support. You people are very helpful. I've done all the eight steps. it took me almost 8hrs to do all because it takes hours in scanning. My problem with hacktool.rootkit was already gone. please see my logs so I will know if there are anymore probs in my pc. I'm just 15yrs oLd. I love comp. troubleshooting. Thanks again!

    NOTE: In my logs. please do not mind the date for I did not set it in the latest.
  4. ChrisDown

    ChrisDown TS Rookie Posts: 125

    I still see malware.

    Code:
    F2 - REG:system.ini: Shell=Explorer.exe rundll32.exe calc.ifo beforemain
    The above is definitely malware. The below, I am not so sure of. Do you have any reason to be running something from INCA Internet?

    Code:
    O23 - Service: npkcsvc - INCA Internet Co., Ltd. - C:\WINDOWS\system32\npkcsvc.exe
    First thing to do is run ComboFix. Download ComboFix from here, and save it to the Desktop. Now open notepad and paste the following into a document.

    Code:
    Killall::
    
    Snapshot::
    
    File::
    C:\WINDOWS\system32\calc.ifo
    Save this file onto your desktop too, as cfscript.txt. Then, drag it onto the cat icon, as shown below.

    [​IMG]

    Do not click on the ComboFix window whilst it runs, as it may stall. Once ComboFix is done, please upload the log.

    Thanks. :)
  5. manhunt04

    manhunt04 TS Rookie Topic Starter

    Combo Fix Log Result

    I do not know what INCA internet means. So i don't know if I was subscribed to that. Anyway I've done the combo fix. here is the log result. ThankYou very much.
  6. ChrisDown

    ChrisDown TS Rookie Posts: 125

    It would appear that you are currently running illegal software on your PC. Please remove the software so that we may continue to help.
  7. manhunt04

    manhunt04 TS Rookie Topic Starter

    what do you mean?

    Illegal softwares?.
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.