MajorGeeks Support Forums

#1
01-28-07, 15:48
Belezebub
Private E-2
Join Date: Jan 2007
General.Root infection

I have been having some problems with a rootkit.
McAfee, during a manual scan, found and alerted me that it found General.Rootkit among other variants.
It removed all, or so I thought.
When I run a McAfee scan now there is no mention of a rootkit.
However, every day I see an alert that McAfee has stopped a buffer overflow.
I have run both Spybot S&D and Adaware. Each has been updated. Nothing has been found by either.
I have gone so far as to install the AVG Anti-Rootkit Beta, which has found a rootkit:
" c: WINDOWS\system32:huy32.sys - Hidden driver file"
However, I have neglected to have AVG Anti-Rootkit Beta remove the infection, not knowing what it will do to my system.
Any help would be appreciated.
#2
01-28-07, 17:53
bjgarrick
MajorGeeks Admin - Malware Expert
Join Date: Oct 2004
Location: Southern Alabama
Re: General.Root infection

Welcome to MajorGeeks.com, please follow our standard cleaning procedures:

Run ALL the steps in this Sticky thread: READ & RUN ME FIRST Before Asking for Support
  • Make sure you check version numbers and get all updates.
Very Important: Make sure you tell us the results from running the tutorial...was anything found? Were you unable to complete any of the scans?...Were you unable to download any of the tools?...Did you do the on-line scans as suggested? etc.

If, after doing ALL of the above, you still have a problem, make sure you have booted to normal mode and run the steps in the below thread to properly use HijackThis and attach the log:

Downloading, Installing, and Running HijackThis
  • Make sure you also rename HijackThis.exe as suggested in the procedures. Use analyse.exe for the new name. This is very important due to some new infections going around.
When you return to make your next post, make sure you attach the following logs and that you have run these scans in the following order too:
  • CounterSpy
  • AVG Antispyware log - ONLY IF NEEDED you were not able to run CounterSpy
  • Bitdefender - from step 6
  • Panda Scan - from step 6
  • runkeys.txt - the log from GetRunKey.bat
  • newfiles.txt - the log from ShowNew.bat
  • HijackThis
NOTE: You can only attach 3 files in a single message, so it will require that you use two messages to attach all of these logs!
All times are GMT -5. The time now is 23:37.
