Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Agobot-ku


  • Please log in to reply
8 replies to this topic

#1 jxing62

jxing62

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:09:30 PM

Posted 31 October 2007 - 03:48 AM

dear experts,
the teatimer by spybot keep on warning me of the agobot-ku infection.

1. i install ad-aware , mcafee security center(Aol) , ashampoo antispyware and scan the computer for malware but nothing found.

2. even i scan with spybot S&D but nothing was found also.

3. is that mean my computer was hijacked or infected with rootkit( i also not have much knowledge with what is rootkit) that the above
security software unable to detect the infection?

thnaks in advcance.

rgds

jxing62

BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,267 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:09:30 AM

Posted 31 October 2007 - 07:40 AM

Several other users posted about this detection possibly being a "False Positive" in the Spybot forum. I also checked a few other forums where this complaint was made and no such infection was found.

Since none of your other scans are picking up this malware, that adds credence that this detection is a FP.

However, if you want another opinion, you can download Sysclean Package and follow the instructions provided in the How to Use System Cleaner for performing a scan.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 VirtueOfPanda

VirtueOfPanda

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:01:30 PM

Posted 31 October 2007 - 07:42 AM

Hi there jxing62,

i also not have much knowledge with what is rootkit


What is a rootkit:

A rootkit is a general description of a set of programs which work to subvert control of an operating system from its legitimate operators. Usually, a rootkit will obscure its installation and attempt to prevent its removal through a subversion of standard system security. Techniques used to accomplish this can include concealing running processes, files or system data from the operating system. Rootkits have their origin in benign applications, but in recent years have been used increasingly by malware to help intruders maintain access to systems while avoiding detection. Rootkits exist for a variety of operating systems, such as Microsoft Windows, Mac OS X, Linux and Solaris. Rootkits often modify parts of the operating system or install themselves as drivers or kernel modules.


http://en.wikipedia.org/wiki/Rootkit

~VirtueOfPanda~
Give a man a fish and you feed him for a day. Teach a man to fish and you feed him for a lifetime.

#4 jxing62

jxing62
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:09:30 PM

Posted 31 October 2007 - 09:12 AM

dear VirtueOfPanda and Quietman7,

thanks for the replies.

1. i agree with you that it is kinda FP.
2. for the rootkit, do you think antivirus software like mcafee, avg,norton ......... do scan for rootkits? or we need software specially made for rootkits scanner and removal. look like need to spend more money for internet security days after days.

rgds

jxing62

#5 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,267 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:09:30 AM

Posted 31 October 2007 - 10:44 AM

do you think antivirus software like mcafee, avg,norton ......... do scan for rootkits?

In most cases, no but some like NOD32 are moving in that direction.

F-Secure Online Scanner. <- Be sure to follow the directions on the F-Secure page for proper Installation. (also checks for rootkits).

There are many free ARK tools but some require a certain level of expertise and investigative ability to use. These are a few of the easier ones for novice users.
Avg Anti-rootkit
Panda AntiRootkit
Sophos Anti-Rootkit
BitDefender RootkitUncover
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#6 jxing62

jxing62
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:09:30 PM

Posted 31 October 2007 - 11:15 AM

quietman7,

thanks for your advices.

lately i start to study articles in internet related to security. can you kindly clarify few questions related to computer security?

As to secure ourself when surfing internet,

1. i learn that hostsfile is handy and a good and regular updated hostsfile can block bad website?
2. then we need to install antirootkit, then antivirus then antispyware,
then what else?
3. do we need to examine the windows startup list?

4. what actually is the minimum software that essential to internet surfing? pls advice.

rgds

#7 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,267 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:09:30 AM

Posted 31 October 2007 - 11:26 AM

As to secure ourself when surfing internet,

"Simple and easy ways to keep your computer safe".
"How did I get infected?, With steps so it does not happen again!".
"The Ten Most Dangerous Things Users Do Online".
"The 10 Biggest Security Risks".
"Hardening Windows Security - Part 1" and "Hardening Windows Security - Part 2".

i learn that hostsfile is handy and a good and regular updated hostsfile can
block bad website?

Hosts File FAQS
How to Use a Hosts File
Hosts File Tutorial
Blocking Unwanted Sites with a Hosts File

do we need to examine the windows startup list?

Use a startup manager like Startup Control Panel, Autoruns or Starter by CodeStuff.
If you untick an entry it will no longer run at startup. This will allow you to experiment and see how your system performs with any of them disabled. Note: some startup programs are necessary so be careful what you disable.

If you are unsure what any of the program entries are or if they are safe to disable, then do a search on Google or use the Startup Programs Database.

Your last question will be answered by reading the links provided for your first question.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#8 jxing62

jxing62
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:09:30 PM

Posted 31 October 2007 - 09:02 PM

quietman7,

many many thanks to your recommendation reading. there are always people like you who is very kind hearted and this make the things improve and life ease.

rgds



we are the world.

rgds to all.

#9 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,267 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:09:30 AM

Posted 01 November 2007 - 05:54 AM

Your welcome. :thumbsup:
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users