rootkit problem?

Discussion in 'malware problems & news' started by dell boy, May 28, 2009.

Thread Status:
Not open for further replies.
  1. dell boy

    dell boy Registered Member

    Joined: Apr 13, 2009
    Posts: 240
    Location: uk, england
    I don't really have too much understanding of rootkits, only that they provide a safe haven for malware.
    My mum's computer was burdened with malware when I accidentally clicked "reinstall quarantine" when uninstalling Norton AntiVirus, which was in use for over 2 years. It seems as though I cleaned it up good, but just doing routine scans with GMER antirootkit, it says warning, system modification possibly made by rootkits; I say yes.
    Then it does a long ass scan and finds 1 red item called:
    C:\Documents and Settings\*****\Desktop\***'n'*****\Mozilla firefox\firefox.exe (*** hidden ***)
    as a RED process. This seems legit as I'm running Firefox, but I think there is a high probability that this computer has some sort of rootkit, since approx. 25 different malwares accumulated over the last 2 years were suddenly put upon the computer.
    Now I'm using McAfee, which isn't too cracky, but heh.
    I can post the scan log if someone would be kind enough to look through it.
    EDIT: I don't really know how to save a log, so I can take screenshots if needed.
     
  2. dell boy

    dell boy Registered Member

    Sorry to bump, but I just need someone who knows about GMER and can tell me if this is an FP. I have just scrapped McAfee and got avast, which apparently uses GMER technology, and nothing came up on boot scan except a few script infections. Does this hidden process of Firefox sound dangerous or not? If anyone who knows what's what could tell me whether to get rid of this red process or leave it, that would be great.
    Thanks in advance.
     
  3. PROROOTECT

    PROROOTECT Registered Member

    Joined: May 5, 2008
    Posts: 1,102
    Location: HERE ...Fort Lee, NJ
    Ok. Run MBAM, also Avira AntiVir, and use ESET SysInspector.

    P:thumb:
     
  4. dell boy

    dell boy Registered Member

    Have used MBAM and am using avast on it, which is supposedly good at detecting active rootkits based on the GMER technology, so I feel OK, but should I try other anti-rootkits like Sophos, IceSword or any other you recommend I try? Do they all detect similarly, or does one have a significantly better detection rate?
    Thanks in advance, PROROOTECT.
     
  5. PROROOTECT

    PROROOTECT Registered Member
