Anti-virus scan detected rootkit...
...but when I try to remove it, it tells me "Some files cannot be healed. Access is denied".
I've already deleted the file that it was detected in (even though I scanned that file several times after and didn't detect any infections), but I doubt that got rid of it. Any suggestions on how to?
I'm using Vista with AVG Professional, BTW (and no Vista criticism cracks, please).
Last edited by Spartan198; 10-27-2008 at 11:34.
My Greek Cavalry submod for RS 1.6a: http://www.twcenter.net/forums/showthread.php?t=368881
For Calvin and TosaInu, in a better place together, modding TW without the hassle of hardcoded limits. We miss you.
Re: Anti-virus scan detected rootkit...
Can your run Vista in the other mode and run the anti-viurs?
Names, secret names
But never in my favour
But when all is said and done
It's you I love
Re: Anti-virus scan detected rootkit...
What other mode?
My Greek Cavalry submod for RS 1.6a: http://www.twcenter.net/forums/showthread.php?t=368881
For Calvin and TosaInu, in a better place together, modding TW without the hassle of hardcoded limits. We miss you.
Re: Anti-virus scan detected rootkit...
Safe mode IIRC.
Names, secret names
But never in my favour
But when all is said and done
It's you I love
Re: Anti-virus scan detected rootkit...
Safe mode most likely won't let you dislodge a rootkit. Others may have some more extensive experience with dealing with these than I do (and I've got enough), but by definition they are essentially impossible to dislodge without booting into a separate operating system, like through a Linux boot CD.
The best thing you can do is back up what you need, and repartition/reformat/reinstall your entire system from scratch. Doing anything less is dangerous, you may think you have the rootkit removed when in fact you don't, and even if you do manage to remove part or all of it, your system could be permanantly unstable.
Back up what you can. Repartition, reformat, reinstall. Do NOT just pop in a "restore" cd and go from there. You need to wipe the system clean and start fresh.
"Justice is the firm and continuous desire to render to everyone
that which is his due." - Justinian I
Re: Anti-virus scan detected rootkit...
I think there was a pluging for Adaware for rootkits.
Names, secret names
But never in my favour
But when all is said and done
It's you I love
Re: Anti-virus scan detected rootkit...
HijackThis is a good for removing rootkits.
Ja mata, TosaInu. You will forever be remembered.
Proud
Been to:
Swords Made of Letters - 1938. The war is looming in France - and Alexandre Reythier does not have much time left to protect his country. A novel set before the war.
A Painted Shield of Honour - 1313. Templar Knights in France are in grave danger. Can they be saved?
Re: Anti-virus scan detected rootkit...
Actually, I found that program while browsing "how to delete a rootkit" and installed it.Originally Posted by edyzmedieval
It did delete the rootkit, but afterward started acting really strange. The permissions window kept popping up, saying it was trying to access my system. But after clicking "yes" several times, it did nothing that I could see, so I got suspicious kind of suspicious about it and decided to uninstall and clear all traces of it.
But it did delete the rootkit, though.
My Greek Cavalry submod for RS 1.6a: http://www.twcenter.net/forums/showthread.php?t=368881
For Calvin and TosaInu, in a better place together, modding TW without the hassle of hardcoded limits. We miss you.
Re: Anti-virus scan detected rootkit...
Now, I would run some more antivirus scans because it sounds like that program you installed was trying to install something nasty on your comp there.....You wouldn't happen to remember its name do you?
"I do not know what I may appear to the world; but to myself I seem to have been only like a boy playing on the seashore, and diverting myself in now and then finding a smoother pebble or a prettier shell than ordinary, whilst the great ocean of truth lay all undiscovered before me." - Issac Newton
Re: Anti-virus scan detected rootkit...
I misread edyzmedieval's post. He was talking about a program called HijackThis, but the perp of the happenings I described was a rootkit removal program called UnHackMe.
I ran three subsequent scans that night, with daily scans since then, but the only hits I've had are a few Adware hits in a now-deleted registry entry left over from a registry cleaner program I'd downloaded from that website FinallyFast.com.
My Greek Cavalry submod for RS 1.6a: http://www.twcenter.net/forums/showthread.php?t=368881
For Calvin and TosaInu, in a better place together, modding TW without the hassle of hardcoded limits. We miss you.
Re: Anti-virus scan detected rootkit...
Perhaps you can grab yourself a copy of a trial version of Kaspersky, see if that one (if the trial version actually does include rootkit search) confirms your AVG scan?
- Tellos Athenaios
CUF tool - XIDX - PACK tool - SD tool - EVT tool - EB Install Guide - How to track down loading CTD's - EB 1.1 Maps thread
“ὁ δ᾽ ἠλίθιος ὣσπερ πρόβατον βῆ βῆ λέγων βαδίζει” – Kratinos in Dionysalexandros.
Re: Anti-virus scan detected rootkit...
Haven't had any rootkit detections since then, but I'll do that to double check. Thanks, Tellos.
My Greek Cavalry submod for RS 1.6a: http://www.twcenter.net/forums/showthread.php?t=368881
For Calvin and TosaInu, in a better place together, modding TW without the hassle of hardcoded limits. We miss you.
Re: Anti-virus scan detected rootkit...
Personally, if I were sure my windows machine had a rootkit, I'd pull the network, backup and reformat windows. A rootkit could likely be a trojan or other nasty, and you could well have all kinds of things on your machine.
Better safe than sorry. And windows kinda needs reformatting every so often anyway, to maintain performance.
~LordKhaine~
Re: Anti-virus scan detected rootkit...
Sometimes it feels like I'm talking to an empty theater....
"Justice is the firm and continuous desire to render to everyone
that which is his due." - Justinian I
Re: Anti-virus scan detected rootkit...
Nuke the site from orbit, it's the only way to be sure.Sometimes it feels like I'm talking to an empty theater....
The .Org's MTW Reference Guide Wiki - now taking comments, corrections, suggestions, and submissions
If I werent playing games Id be killing small animals at a higher rate than I am now - SFTS
Si je n'étais pas jouer à des jeux que je serais mort de petits animaux à un taux plus élevé que je suis maintenant - Louis VI The Fat
"Why do you hate the extremely limited Spartan version of freedom?" - Lemur
Re: Anti-virus scan detected rootkit...
While everyone is happy with their current condition, it's not up to us to force our suggestions on them, lads.
Posting Permissions
Reply With Quote
Bookmarks