|
| |||||||
| Register | FAQ | The Twelve Commandments | Members List | Calendar | Arcade | Find the Best VPN | Today's Posts | Search |
| Tips & Tricks For help with file formats, viruses, security, etc. This section is not for questions about problems with Gnutella program clients, downloading, connecting, etc. |
| | LinkBack | Thread Tools | Display Modes |
March 30th, 2005
| ||||
| ||||
 Rootkit Rootkit? Ever heard of that ? Until recently I didn't. The story begins at my girlfriends computer where one of her kids recieved a mail from a friend with a attachment. Avast antivirus immediate sounded the alarmbell and removed it, but the virus is present again at every startup. Its called msdirectx.sys and is beeing placed in the username folder. It spreads trough mail, sending itself to every adress in the adressbook. Aparently it is a keylogger that phones home. So far I found it prevents you from opening : - Regedit - Taskmanager - Hijackthis It had shutdown ZoneAlarm and prevents it from a manual start, it prevents a Antivirus update. There seem to be a few variations. Some manual cleaning was described here but the variation I found had none of the described register entries. Further Googeling brought me here (there are some interesting links on that page). Perhaps for the paranoids (  peers) it is good to run:RootkitRevealer and F-Secure BlackLight I certainly have these programs in my PC good health list from now on So far I haven't been able to kill the virus, but I have another go at it coming weekend, I keep you updated Last edited by RaaF; March 30th, 2005 at 10:59 AM.  |
| |
Similar Threads | ||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| Warning | Unregistered | Open Discussion topics | 4 | November 16th, 2007 01:59 AM |
| Warning! | Busted | Rants | 2 | December 4th, 2001 10:05 PM |
| Warning | Unregistered | Open Discussion topics | 2 | November 20th, 2001 01:47 PM |
Threaded Mode
