General.Root infection

Belezebub · #1 01-28-07, 15:48

I have been having some problems with a rootkit.
McAfee, during a manual scan found and alerted me that it found
General.Rootkit among other variants.
It removed all, or so I thought.
When I run a McAfee scan now there is no mention of a root kit.
However, everyday I see an alert that McAfee has stopped a buffer overflow.
I have run both Spybot S&D and Adaware. Each have been updated. Nothing has been found by either.
I have gone so far as to install the AVG Anti-Rootkit Beta.
Which has found a rootkit.
" c: WINDOWS\system32:huy32.sys - Hidden driver file"
However I have neglected to have AVG Anti-Rootkit Beta remove the
infection not knowing what it will do to my system.
Any help would be appreciated.

bjgarrick · #2 01-28-07, 17:53

Welcome to MajorGeeks.com, please follow our standard cleaning procedures:

Run ALL the steps in this Sticky thread READ & RUN ME FIRST Before Asking for Support

Make sure you check version numbers and get all updates.

Very Important: Make sure you tell us the results from running the tutorial...was anything found? Were you unable to complete any of the scans?...Were you unable to download any of the tools?...Did you do the on-line scans as suggested? etc.

After doing ALL of the above and you still have a problem, make sure you have booted to normal mode and run the steps in the below thread to properly use HijackThis and attach the log:

Downloading, Installing, and Running HijackThis

Make sure you also rename HijackThis.exe as suggested in the procedures. Use analyse.exe for the new name. This is very important due to some new infections going around..

When you return to make your next post, make sure you attach the following logs and that you have run these scans in the following order too:

CounterSpy
AVG Antispyware log - ONLY IF NEEDED you were not able to run CounterSpy
Bitdefender - from step 6
Panda Scan - from step 6
runkeys.txt - the log from GetRunKey.bat
newfiles.txt - the log from ShowNew.bat
HijackThis

NOTE: You can only attach 3 files in a single message so it will require that you use two messages to attach all of these logs!

Thread Tools
Show Printable Version Email this Page
Display Modes
Switch to Linear Mode Hybrid Mode Switch to Threaded Mode

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
<windows root>\system32\hal.dll	johnnyb78	Hardware	2	01-03-07 20:24
USB Root Hubs	Rob M.	Hardware	2	08-29-06 00:45
Root Kit Reveal	Mac S	Malware Removal	1	08-20-06 19:32
Root kit files	tester36	Malware Removal	7	03-18-06 20:07
IBC Root Beer Ad	Major Attitude	Interesting Website Links	1	05-27-04 19:38