
'Rootkit' problem...


5 replies to this topic

#1 leatherwings


Posted 13 April 2011 - 06:59 PM

Hello all - I hope this message finds you all in good health and spirits!

Now, it appears I may have a problem with my laptop. I have AVG anti-virus free edition 2011, and I usually scan my computer every day (anti-rootkit scan and whole computer scan). It's very rare there's any problem. I've just run some scans now though, and for the first time something has shown up in the 'anti-rootkit scan' bit. One rootkit has been found, and it's in the 'not removed or healed section'. Under the heading 'Infection' it says 'Hidden directory' (whatever that means!) and under the heading 'result' it says 'object hidden'. I'm not very good with computers so please bear with me, and I'd appreciate any help at all regarding how to deal with this. The whole computer scan is still running but no infection has shown up on that yet.

Thanks,

James.



#2 Budapest

  • Moderator

Posted 14 April 2011 - 02:12 AM

Please follow the instructions in ==>This Guide<==. If you cannot complete a step, skip it and continue.

Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include a description of your computer issues and what you have done to resolve them.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#3 leatherwings


Posted 14 April 2011 - 09:54 AM

Thank you very much. Although I'm following those steps and I have hit a problem:

While running the gmer scan, an 'AVG (the anti-virus software I use) Identity Protection' box has flashed up, saying 'Malware detected'. I'm being given two options - one to 'Move to Vault', which will safely quarantine the infected file to Virus Vault until further decision, and the other is 'Allow', which will leave the file as it is now. Common sense is telling me to click 'Move to Vault', but then the instructions in the steps say 'Please do not act on any of the information you find in this report as many legitimate programs could be listed in it', which could refer to this kind of thing. I really don't know what to do; which one do I choose?

#4 Budapest


Posted 14 April 2011 - 05:17 PM

In that case I would just skip the GMER scan and move on to the next stage.

#5 leatherwings


Posted 15 April 2011 - 02:30 AM

Too late I'm afraid... I had to leave my laptop in 'sleep mode', and when it 'woke up' it hadn't saved my session. I didn't choose anything in the end. Is that a problem? Should I still skip the gmer stage?

Thanks for your help! :)

#6 Budapest


Posted 15 April 2011 - 04:58 PM

I don't think it's a problem and yes I would just skip GMER.