I MIGHT have a rootkit. Now what?

Discussion in 'malware problems & news' started by brjoon1021, Feb 12, 2008.

Thread Status:
Not open for further replies.
  1. brjoon1021

    brjoon1021 Registered Member

    Joined:
    Aug 10, 2005
    Posts:
    143
    Hi,

    I installed the free McAfee and the free AVG rootkit finders, and they found different things. Frankly, I am not too sure what to do with the output either.

    What programs should I run to make sure / see if I have a rootkit? If I do think I have one, what is the best way to get rid of it? Would an online scan by BitDefender or Kaspersky find it?

    Thanks,

    B
     
  2. fcukdat

    fcukdat Registered Member

    Joined:
    Feb 20, 2005
    Posts:
    569
    Location:
    England,UK
    Can you make a note of what they are detecting and post it in your next reply?
     
  3. brjoon1021

    brjoon1021 Registered Member

    Joined:
    Aug 10, 2005
    Posts:
    143

    Here is what the rootkitdetective reports:

    "
    McAfee(R) Rootkit Detective 1.1 scan report
    On 12-02-2008 at 11:15:16
    OS-Version 5.1.2600
    Service Pack 2.0
    ====================================

    ~copied and removed whole report\uploaded locally....Bubba~
    View attachment rootkitdetective.txt
     
    Last edited by a moderator: Feb 13, 2008
  4. ccsito

    ccsito Registered Member

    Joined:
    Jul 27, 2006
    Posts:
    1,579
    Location:
    Nation's Capital
  5. HURST

    HURST Registered Member

    Joined:
    Jul 20, 2007
    Posts:
    1,419
    I've used Rootkit Unhooker, with good results. You must be careful, though, since I've heard you can do more damage than good if you don't know what you're doing.

    Dr.Web CureIt claims it can deal with rootkits, but I've never tested it against one.
     
  6. argus tuft

    argus tuft Registered Member

    Joined:
    Sep 20, 2006
    Posts:
    280
    Location:
    Australia
    sp_rsdrv2.sys is part of Spyware Terminator, and is legit.
     
  7. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
    Hello brjoon1021,

    Since Wilders no longer offers one-on-one cleaning services, I'm afraid we're going to have to refer you to one of the security forums that has active Spyware Cleaning services available.

    Read the following thread and choose one of the forums listed in it, join there and they should be able to assist you:

    https://www.wilderssecurity.com/showthread.php?t=42148
    ----------------------------

    As noted in our long-standing Announcement concerning HJT and/or similar logs....
    Regards,
    Bubba
     