May 23rd, 2003, 03:13 AM
security risk detected
Hi, I`ve run my Norman Virus Control and it has detected about 7 security risks so far
C:\WINNT\SYSTEM32\Libparse.exe Security risk:W32\HackPV.A C:\WINNT\SYSTEM32\psexec.exe W32/HackPS.A C:\WINNT\SYSTEM32 \CONFIG\Libparse.exe W32/HackPV.A
C:\WINNT\SYSTEM32 \CONFIG\psexec.exe W32/HackPS.A
Does anybody have any idea of what this is and what to do since the AV cannot delete them?
May 23rd, 2003, 03:15 AM
I would look them up on google and maybe try http://www.symantec.com
"When I get a little money I buy books; and if any is left I buy food and clothes." - Erasmus
"There is no programming language, no matter how structured, that will prevent programmers from writing bad programs." - L. Flon
"Mischief my ass, you are an unethical moron." - chsh
Blog of X
May 23rd, 2003, 01:02 PM
psexec is part of the pstools suite from Sysinternals
Svchost32 is part of a backdoor more info can be found here
My best guess? You're screwed. Your machine is probably backdoored.
Experience is something you don't get until just after you need it.
May 23rd, 2003, 01:10 PM
dude your gettin owned (think dell guy that got arrested for pot)
May 23rd, 2003, 02:01 PM
pop into safe mode and try t delete them there...or create a bot disk from the av program and use that.
Who is more trustworthy then all of the gurus or Buddha’s?
May 23rd, 2003, 04:34 PM
I'm not sure but u may had been infected by TROJ_FLOOD.BI.DR.
check if u find a RCFG.INI file it's used to connect to an IRC server from which the attacker takes control on u.
[shadow] SHARING KNOWLEDGE[/shadow]