LIVE TROJAN IN FRONT OF ME/DON'T KNOW WHAT TO DO WITH IT

Discussion in 'malware problems & news' started by Rilla927, Aug 11, 2005.

Thread Status:
Not open for further replies.
  1. Rilla927

    Rilla927 Registered Member

    Joined:
    May 12, 2005
    Posts:
    1,710
    I installed Anti Vir because I knew there was a Trojan. My firewall and wi-fi only settings were disabled; literally, you could not re-enable them manually at all. So I uninstalled PC-cillin and reinstalled it. You remember it scans your computer first before a fresh install, and that's when it came up with KLOG_PPATROL.A. To make a long story short, I have been up for the last 30 hrs straight. I just got up from a four hour nap and on my screen it says it's in the J drive system volume. I copied the whole path down on paper. It says it's a HEURISTIC/Backdoor.Generic. This program is asking me "What shall be done with this file?"

    My options are:

    Move file to quarantine directory
    Delete File
    Wipe File
    Rename File
    Deny Access
    Allow Access

    Okay, those are your choices. By default it's on Deny Access. Who knows how long it's been sitting on the screen.

    I sent two HijackThis logs last night and they kept telling me there is nothing there. They said it was Pest Patrol. I told them it is a Trojan. I sent them a third log about 7:00am eastern time from Anti Vir, begging them to look at it. I tried to explain to Gavin in the email that Pest Patrol is not going to turn off my firewall or my wi-fi.

    Guys, I even found all the settings in the registry, how they worked around my firewall. I couldn't believe what I was looking at. I found all kinds of crap.

    PLEASE HELP!!!!!!

    Rilla927
     
  2. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,768
    Location:
    Texas
  3. Rilla927

    Rilla927 Registered Member

    Joined:
    May 12, 2005
    Posts:
    1,710
    I don't understand this. Pest Patrol was uninstalled last night. It all started with my internet security being disabled. I only know of malware to do this. Pest Patrol has always worked along with my PC-cillin and I never had this before. Which means some type of malware disabled my security settings.

    What am I missing here?
     
  4. Don Pelotas

    Don Pelotas Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    2,257
    Well, since this is a heuristic detection, it may well be a false positive. Try some of the free online scanners in my signature for a second opinion. :)
     
  5. Rilla927

    Rilla927 Registered Member

    Joined:
    May 12, 2005
    Posts:
    1,710
    Well, there are a lot of different opinions on this. All I know is it took out my firewall and wi-fi only, and you could not enable them again. I uninstalled PC-cillin and then reinstalled and that's when it found the Trojan KLOG_PPATROL.A. It said it cleaned and deleted it. This is only four days after a reformat. Since it cleaned and deleted, I uninstalled again and put another app on and ran it and it said, Backdoor.Generic. I wiped it and restarted.

    If it really is Pest Patrol, what disabled my security? Then I put another app on and it detects another, two apps being false positives, what are the odds of that? I'd like to get to the bottom of this myself, because everyone thinks I'm nuts! I did call Trend Micro and they said they will definitely research this.

    Anyway, I did get rid of it. Since I reformatted, I didn't even get the chance to install TDS-3. I tried installing PG on the first day and something went wrong with installation.

    I'll keep you guys posted.

    Rilla927
     