Rootkit

Posted: 03-10-2008, 07:53 AM

H
Today i scanned my system and got the following notification
"The On-Demand Scan found alterations to code or data which ma
indicate that a rootkit is attempting to hide files, registry keys
processes or other items. If this scan fails to find anything then th
computer should be scanned with McAfee PreScan or booted into Safe Mod
and this scan run again

What is the problem and what should i do now
Please guide me
Thank

--
ssplal

Rootkit


Responses to "Rootkit"

Jeff Smith [MSFT]
Guest
Posts: n/a
 
RE: Rootkit
Posted: 03-10-2008, 01:34 PM
It sounds like your antivirus program has found evidence of a serious kind of
virus. You may be able to fix it by following the instructions that came
with your virus scanner. However, it's not always possible to recover an
infected computer. The safest course of action is to back up all your
documents and re-install Windows.

I'd strongly suggest that you not use that computer for internet banking or
other "secure" stuff.


"ssplal" wrote:
>
> Hi
> Today i scanned my system and got the following notification.
> "The On-Demand Scan found alterations to code or data which may
> indicate that a rootkit is attempting to hide files, registry keys,
> processes or other items. If this scan fails to find anything then the
> computer should be scanned with McAfee PreScan or booted into Safe Mode
> and this scan run again"
>
> What is the problem and what should i do now?
> Please guide me.
> Thanks
>
>
> --
> ssplal
>
Malke
Guest
Posts: n/a
 
Re: Rootkit
Posted: 03-10-2008, 01:57 PM
ssplal wrote:
>
> Hi
> Today i scanned my system and got the following notification.
> "The On-Demand Scan found alterations to code or data which may
> indicate that a rootkit is attempting to hide files, registry keys,
> processes or other items. If this scan fails to find anything then the
> computer should be scanned with McAfee PreScan or booted into Safe Mode
> and this scan run again"
McAfee isn't very good (and I'm being polite about it by saying only that).
It would be wise to scan with another antivirus/malware product to get a
"second opinion" first before you panic. I'd use David Lipman's Multi_AV:

http://www.elephantboycomputers.com/...moving_Malware

Include scanning with David Lipman's Multi_AV and follow instructions to do
all scans in Safe Mode. Please see the special Notes regarding using
Multi_AV in Vista.

http://www.elephantboycomputers.com/page2.html#Multi-AV - instructions
http://tinyurl.com/yoeru3 - download link and more instructions

If McAfee reported a particular file as the rootkit, you can also send it to
Virus Total for identification.

http://www.virustotal.com/

If your alternate scan comes up clean, I'd consider replacing McAfee with a
betteer security solution such as NOD32, Kaspersky, or even Avast if you
want something free.

Malke
--
MS-MVP
Elephant Boy Computers
www.elephantboycomputers.com
Don't Panic!
 
LinkBack Thread Tools Display Modes
 


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On
Forum Jump


Similar Threads
Thread Thread Starter Forum Replies Last Post
Installing RootKit Revealer v1.71 on Vista Premium?? JJ Windows Vista Security 1 01-29-2008 04:07 PM
SecuROM = rootkit? Tessiero Windows Vista Games 12 11-29-2007 09:20 PM
Vista rootkit issue - all legit. software Bob Windows Vista Security 6 10-04-2007 11:03 PM
How do I get rid of a rootkit T5 Windows Vista Security 8 05-13-2007 10:17 PM
New Vista installation - rootkit found! Walter Docherty Windows Vista Security 4 02-02-2007 02:31 PM