Posted 07 October 2009 - 03:05 PM
Posted 07 October 2009 - 04:08 PM
Posted 08 October 2009 - 10:02 AM
Hello and welcome.
It looks like there is a rootkit variant in this log. The rootkit itself is a protection module used to terminate a variety of security tools by changing the permissions on targeted programs so that they cannot run or complete scans. There are some new variants of rootkits in the wild right now that will require custom scripts to remove the infection, the process must be completed by HJT team members or above.
Failure to follow the proper removal process can and will cause serious damage to a machine. Recovery of the machine may be difficult, if not impossible.
[snip]
Posted 08 October 2009 - 11:14 AM
0 members, 0 guests, 0 anonymous users