Rootkit problem

Discussion in 'Malware Help (A Specialist Will Reply)' started by cestech, Jan 7, 2008.

  1. cestech

    cestech Private E-2

    Does anyone know how to get rid of the PERFS.exe rootkit? I ran Super Anti-Spyware, which found it and supposedly got rid of it, but I want to make sure, as rootkits are serious issues. I'm running Vista Ultimate x86. Nothing but SAS was able to find it, and I ran Symantec Corporate AV, Trend Micro, Spybot and Win Defender. But I know that I was bugged, and where it was from (IP-wise).
     
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!

    That is really not a rootkit. It is really a backdoor trojan that often installs a service. If SAS already removed the file, then obviously nothing else will see the file anymore. However, did SAS remove the service itself?

    If you want to be sure you are clean, follow the below instructions and attach the requested logs when you finish these instructions.

    READ & RUN ME FIRST. Malware Removal Guide
     
  3. cestech

    cestech Private E-2

    Thanks for the reply Chaslang, I am pretty sure that I am clean now. No more system hangups, Process Explorer is clean, I can post to the forum without my browser locking up and nothing finds any infected files. Is Symantec Corporate still just not as good as AVG? Or will AVG also not pick up this threat?

    Also, as an aside, when SAS ran the full scan it picked up a rootkit and a bunch of downloader.gen's. I'm not sure if they spread throughout my network though, as one other person on the network found one downloader and that's the only other thing I've heard of this issue here so far. If you would like me to run SAVC (Symantec Corp.), SAS and anything else, whether it's Spybot or Stinger or anything, and drop the logs, let me know.

    Again thank you for the fast reply.

    CES Tech
     
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Do you want to be sure? Or pretty sure?

    Symantec is far from being on our recommended list for many reasons. As far as whether Symantec AntiVirus or AVG Antivirus will detect this, I'm not sure. If they don't consider it a virus then they may not. On the other hand, AVG Antispyware may detect it under the general spyware area.


    Like my question above implied, if you want to be sure you are all clean, do what I recommended in message # 2.
     
