So gmer found a weird item on the HD0 MBR, however it didn't flag it as a rootkit. Since I dual boot and had messed with grub it didn't set off the fire alarms. Just to get a second opinion so to speak, I came here to check the anti-rootkit software.
After perusing a little, I came across PCHunter and decided to give it a go. In hindsight it seems to be a huge mistake. The first thing I noticed on this site was no security CRC hash numbers to check the downloaded files against, which is very odd, but okay.
I looked at the screenshots of the program running on BleepingComputer to get a sense of what to expect. However when I launched PCHunter I did not get any windows. Only a warning from the o/s stating that "Another program was using this file". Obviously inaccurate, I used Process Explorer to shut down everything unneeded and ran a scan with Malwarebytes and scrubbed the downloaded zip file and the extracted directory of PCHunter. Now I have THIS! (see attached)
PCHunter is quote-unquote anti-malware from China. Now after a failed attempt at using/opening PCHunter I have a Chinese symbol in front of a non-existent volume, being run by a non-existent process...
Does anyone actually look at the source code for this software, or run it to make sure it's not full of malware? Bleeping Computer seems like a web site rife for planting malware, the place where others go to find fixes and cleaners.
Is this web site going to start using CRC hashes anytime? Clearly it's not a be all end all for security but it might help to keep this web site from passing out malware in an attempt to clean people's o/s's of malware.
Does anyone know of an effective way to clean this from my system other than a total sector scrub and reinstall of the o/s?