Yesterday, I downloaded a program called vista drive from joejoe.org. It's supposed to emulate Vista's ability to display the amount of space used in a drive. However, I soon realized that the sum of all the files in the folder is 200 kb less than the folder itself. My suspicion grew when I saw that the icon used for the program was in the downloaded folder, but I can't see it or modify it (yes, I did allow show hidden files or folders). Other people online also report viruses or spyware being attached to some versions of the software. I think the most probable answer is that I might have had a rootkit infection... Does anyone have any suggestions on how best to remove it?
-
Search for my most recent thread in "Software" and you will find that I too was infected with a rootkit, and although I managed to remove the virus, my system was still infected. I tried to remove it, but in the end I had to reformat. Read up about it on Google; Microsoft offers a detection tool, but nothing more. There really aren't any free rootkit removers unfortunately.
-
I read your thread, but I think mine is a bit different from yours. My system is not showing any symptoms yet. I want to download a few rootkit scanners before I reformat (I did that last month and it cost me 6 hr!). So far, I installed the F-Secure one. Going to get the Windows one tonight. Are there any other software/solutions? Thanks in advance.
-
http://research.microsoft.com/rootkit/
I've been able to go to Microsoft's rootkit web page, but can't seem to find a download link. Is that software released yet? Also, is there any other software I should try?
-
I installed the F-Secure one, but can't quite get the other one working. Anyways, I am now running the following programs to check for problems:
F-Secure BlackLight
Zone Alarm Security Suite (bit level scanning)
Avast! Anti virus U3 edition (from my flash card)
Spyware Doctor
Ad-Aware Personal Edition
Spybot S&D
TuneUp 2006 (registry part)
System Mechanic (registry and spyware part)
Registry Mechanic
If none of those programs come up with anything, does that mean my computer is free of any possible rootkit/spyware or is it not definitive?
Thanks in advance.
-
Use Microsoft's rootkit detector. Read Zellio's posts in my thread; it might get you to decide whether to spend the time to fix your OS installation or just format and reinstall and save your time.
-
If you have not yet, just reformat. Even if you find the rootkit, it will be tough to fully remove and you will never know if you have truly gotten everything. A compromised system can never again be trusted. Think of it as a good opportunity to make fresh backups and have a clean install.
-
Possible Rootkit Infection?
Discussion in 'Windows OS and Software' started by User_Name, Jan 3, 2007.