Root Kit Zero Access / Win32 Patched HN Trojan
-
nothing, gave zero results, very odd.
open office was the free download so nothing dodgy with it.
-
avast does run on vista!!
> . !!!! ----> .
-
I know, but it gave all sorts of errors and windows wanted to keep verifying, had all sorts of reboots and windows shutting itself down etc. I found loads had the same problem after a vista update and having not been able to use it so I gave up and uninstalled it.
-
Pretty sure the combofix deletion was a false positive, besides the rootkit only infects .sys files in the system32 directory. Did you try the targeted scans from SAS, Microsoft Malicious software, Dr Web? Have you tried with the new version of Hitmanpro?
If so and still no detections, (1) maybe this variant doesn't do the backup driver. (2) Maybe it did, but it's in one of the logs that hasn't been posted, so you could check for yourself e.g. bitdefender rescue disk leaves a log on C:\ IIRC. (3) Alternatively, it's just hiding itself too well so you might try with a Dr Web bootdisk (and can still browse). http://www.freedrweb.com/livecd
Did I give you kontiki clean yet? http://demo.kontiki.com/support/KClean.exe
Also aswCLEAR to remove Avast remnants http://files.avast.com/files/eng/aswclear.exe
-
tried all of those and after the last combo fix nothing is showing at all.
-
Well I'd say it's clean. But I'd certainly scan with Dr Web and some main anti virus (Avira or whatever)
-
I've created a Dr Web boot disk and will have a go with that. It certainly seems more stable now.
-
5 pages ..... backup, reinstall windows!!
> . !!!! ----> .
-
the only reason I haven't is that in a few weeks' time I am moving all my data to another computer as treated the bf to a lovely new I5 laptop and I'm having his old one so will probably do a format reinstall using my original backup discs I did when bought this infected laptop.
I just need to be able to use it safely for a few more weeks so was a bit frustrated I managed to get such a nasty root kit!
I'm still trying to determine where it came from as stopped using p2p type software and websites years ago and am so careful about what I install on here
This discussion has been closed.