Help! Windows Victim Of Hacktool.rootkit


#1 puterdope


  • Members
  • 2 posts
  • Local time:02:54 PM

Posted 20 September 2008 - 05:09 PM

Please help me if you can--and remember my name is puterdope--so keep it as simple as you can. Today I noticed I was getting a spyware ad popup whenever I started my computer and my Norton Security indicated that it was blocking a Hacktool.Rootkit. I ran the Norton scan and it removed a number of threats, but I still got the spyware ad popup when I restarted the computer. I wanted to get rid of it, but Norton kept saying there were no new threats. So on one of the help sites they recommended that I download AVG and use it instead of Norton. So I downloaded it and ran it. It recognized and took care of a number of threats, so I thought I was out of the woods and shut down the computer. The next time I turned it on, however, the computer started to load but after the usual welcome page, the background picture on the desktop came up but nothing else. I have tried to restart it several times--same thing. I tried to get into safe mode but the screen just comes up blank. Does anyone know what's happened and how I can get Windows to come up on the desktop? I would appreciate any help you can give me, but I'm not very computer savvy, so please keep it as simple as you can. Thanks.

Mod. edit: Moved from XP forum to Am I Infected. ~ OB

Edited by Orange Blossom, 20 September 2008 - 05:23 PM.


#2 quietman7


    Bleepin' Janitor

  • Global Moderator
  • 51,773 posts
  • Gender:Male
  • Location:Virginia, USA
  • Local time:02:54 PM

Posted 20 September 2008 - 06:46 PM

If you cannot boot up in Normal or Safe mode, you may be able to use a Windows XP bootable Floppy Disk to boot from a diskette instead of your hard drive. If your hard drive's boot sector or Windows' basic boot files have been corrupted, this disk will circumvent the problem and boot you into Windows. If you don't have an emergency boot floppy, you may be able to use one created on another PC running Windows XP but there's no guarantee that it will boot your machine.

"Resolving Boot Issues with a Boot Floppy Disk".
"How to obtain Windows XP Setup boot disks" and select the download that's appropriate for your Operating System. The Setup boot disks are available so that you can run the Setup program on computers that cannot use a bootable CD-ROM.

Another option is to create a Bootable CD:
Bootable CD FAQs
How To Boot your Computer from a Bootable CD or DVD
How to Create a Bootable Windows XP Setup Disk on a Preinstalled/Preloaded Windows System
Creating A Windows XP Recovery Console CD Image

You can try doing a "Repair Install with Recovery Console". The Recovery Console is a Windows utility that provides a DOS-like command line from which you can run some repair programs. If you have a Microsoft Windows CD-ROM, you can get to the Recovery Console by booting from that CD and pressing any key when you are told to 'Press any key to boot from CD'. At the 'Welcome to Setup' screen, press r for Repair.

"Langa Letter: XP's No-Reformat, Nondestructive Total-Rebuild Option"
"How to perform a Repair/Reinstall" (with screenshots).
"How to install and use the Windows XP Recovery Console"

If you don't have your XP CD you can download an ISO of the Recovery Console files:
Recovery Console ISO file
XP Recovery Console zip file

Burn it as an image to a disk to get a bootable CD which will startup the Recovery Console for troubleshooting and fixing purposes. This is especially useful for those with OEM systems with factory restore partitions or disks but no original installation CD. If you are not sure how to burn an image, please read How to write a CD/DVD image or ISO.

Note: Using more than one anti-virus program is not advisable. The primary concern with using more than one anti-virus program is due to conflicts that can arise when they are running in real-time mode simultaneously. However, even when one of them is disabled for use as a stand-alone scanner, it can affect the other. Anti-virus software components insert themselves into the operating system's core and using more than one can cause instability, crash your computer, slow performance and waste system resources. When actively running in the background while connected to the Internet, they both may try to update their definition databases at the same time. As the programs compete for resources required to download the necessary files this often can result in sluggish system performance or unresponsive behavior.

Each anti-virus will often interpret the activity of the other as a virus and there is a greater chance of them alerting you to a "False Positive". If one finds a virus and then the other also finds the same virus, both programs will be competing over exclusive rights on dealing with that virus. Each anti-virus will attempt to remove the offending file and quarantine it. If one finds and quarantines the file before the other one does, then you encounter the problem of both wanting to scan each other's zipped or archived files and each reporting the other's quarantined contents. This can lead to a repetitive cycle of endless alerts that continually warn you that a virus has been found when that is not the case.

Anti-virus scanners use virus definitions to check for viruses and these can include a fragment of the virus code which may be recognized by other anti-virus programs as the virus itself. Because of this, most anti-virus programs encrypt their definitions so that they do not trigger a false alarm when scanned by other security programs. However, some anti-virus vendors do not encrypt their definitions and will trigger false alarms if used while another resident anti-virus program is active.

To avoid these problems, use only one anti-virus solution. Deciding which one to remove is your choice. Be aware that you may lose your subscription to that anti-virus program's virus definitions once you uninstall that software.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators
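
The definition-file false alarm described in the reply above, shown as an added Python illustration that is not part of the original post and not any vendor's code: a second scanner flags the first product's plaintext definition file, but not the same file encoded at rest. The signature names, byte patterns, record format and XOR key are all constructed assumptions, and single-byte XOR only stands in for real encryption.

```python
from typing import Dict, List

# Constructed byte patterns standing in for virus-code fragments (not real malware).
SIGNATURES: Dict[str, bytes] = {
    "Toy.Sample.A": b"\x13\x37TOY-FRAGMENT-A\x00",
    "Toy.Sample.B": b"\xde\xadTOY-FRAGMENT-B\x01",
}
XOR_KEY = 0x5A  # assumption: stand-in for whatever encryption a vendor uses


def scan(data: bytes, signatures: Dict[str, bytes]) -> List[str]:
    """Return the names of every signature whose pattern occurs in data."""
    return sorted(n for n, pattern in signatures.items() if pattern in data)


def xor(data: bytes, key: int = XOR_KEY) -> bytes:
    return bytes(b ^ key for b in data)


def pack_definitions(signatures: Dict[str, bytes], encode: bool) -> bytes:
    """Serialise as [len][name][len][pattern] records, optionally encoded at rest."""
    blob = b"".join(
        bytes([len(name)]) + name.encode() + bytes([len(pattern)]) + pattern
        for name, pattern in signatures.items()
    )
    return xor(blob) if encode else blob


def load_definitions(blob: bytes, encoded: bool) -> Dict[str, bytes]:
    """Inverse of pack_definitions: the owning product decodes before use."""
    raw = xor(blob) if encoded else blob
    sigs, i = {}, 0
    while i < len(raw):
        n_len = raw[i]
        name = raw[i + 1:i + 1 + n_len].decode()
        i += 1 + n_len
        p_len = raw[i]
        sigs[name] = raw[i + 1:i + 1 + p_len]
        i += 1 + p_len
    return sigs


if __name__ == "__main__":
    plain = pack_definitions(SIGNATURES, encode=False)
    encoded = pack_definitions(SIGNATURES, encode=True)
    # Product B scanning product A's definition file on disk:
    print("plaintext definitions flagged as:", scan(plain, SIGNATURES))
    print("encoded definitions flagged as:  ", scan(encoded, SIGNATURES))
    # Product A still detects a sample after decoding its own definitions:
    sample = b"header" + SIGNATURES["Toy.Sample.A"] + b"trailer"
    print("sample detected as:", scan(sample, load_definitions(encoded, True)))
```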