Windows 7: Rootkit Found

22 Jun 2010   #11
Corrine

Windows 7 & Windows Vista Ultimate
 
 

Rather than attempting to break it down for you, it would be easier if you read about Rootkits at Rootkit - Wikipedia, the free encyclopedia. Lately, we've seen a lot of rootkits accompanying rogues. For example, Defense Center and Protection Center are bundled with the Pragma TDSS Rootkit. There are any number of ways that infections occur, whether it be a drive-by, installing an infected program from a P2P site, falling for a phish, clicking on a file "sent by a friend" (whose computer is infected).


22 Jun 2010   #12
codyw

Windows 7 Ultimate x64 with SP1
 
 

I don't think it's a rogue - at least I hope not. Once Kaspersky is done updating to the latest databases, I am doing a complete scan to see if it finds anything. All I can say about Norton is, I'm very surprised and very shocked that it did what it did considering they have been on the market for such a long time.
22 Jun 2010   #13
codyw

Windows 7 Ultimate x64 with SP1
 
 

Kaspersky is still scanning the system but I told Kaspersky to scan the infected area and it didn't find anything infected. I tried uploading the folder contents to VirusTotal and it came back with an error because it could not connect to some URL.

22 Jun 2010   #14
Corrine

Windows 7 & Windows Vista Ultimate
 
 

You don't upload the folder to Virus Total, just the file that was detected. You could also try Jotti -- Jotti's malware scan
23 Jun 2010   #15
codyw

Windows 7 Ultimate x64 with SP1
 
 

Kaspersky didn't find anything infected!
23 Jun 2010   #16
Capt.Jack Sparrow

Windows 7 Ultimate - 64-bit | Windows 8 Pro - 64-bit
 
 

Quote: Originally Posted by codyw
Kaspersky didn't find anything infected!
Hello !!

I think it's good that you're not infected !!
23 Jun 2010   #17
codyw

Windows 7 Ultimate x64 with SP1
 
 

The only thing I can't understand is I didn't tell Hitman Pro to get rid of the infection. Not unless Kaspersky found it but didn't alert me of it. Who knows...
23 Jun 2010   #18
Capt.Jack Sparrow

Windows 7 Ultimate - 64-bit | Windows 8 Pro - 64-bit
 
 

Quote: Originally Posted by codyw
The only thing I can't understand is I didn't tell Hitman Pro to get rid of the infection. Not unless Kaspersky found it but didn't alert me of it. Who knows...
As we mentioned before it was just a false positive. Maybe that driver might have a behavior of a RootKit which is not a bad thing because the publisher is Microsoft. Report this to Hitman Pro Forum or E-mail them at support@hitmanpro.com

Here is a review about it My Review on Hitman Pro 3.5 the Cloud Based Malware Scanner » Raymond.CC Blog

- Captain
23 Jun 2010   #19
Adrian

 

Quote: Originally Posted by codyw
The only thing I can't understand is I didn't tell Hitman Pro to get rid of the infection. Not unless Kaspersky found it but didn't alert me of it. Who knows...
Good morning Codyw, how many A/V programs do you have on your system?
23 Jun 2010   #20
malexous

Arch Linux 64-bit
 
 

In the cloud, Hitman Pro scans with G Data (BitDefender + Avast! engines), Emsisoft (Emsisoft + IKARUS engines), ESET, Prevx, and Dr. Web (unofficial).

The false positive is from one of these, usually Prevx these days. You can check in Hitman Pro which engine(s) have detected the threat (or false positive in this case).

The best thing would be to report the false positive to the vendor(s) that detected it but if you were to email Hitman Pro they would fix it on their end.
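
Added example (not part of any post in this thread): a PowerShell check for the single flagged file, covering two points raised above, submitting one file rather than a folder and confirming the "publisher is Microsoft" claim before reporting a false positive. The function name and the stand-in path are assumptions; the thread never names the detected file.

```powershell
# Added example, not from the thread. Triage ONE flagged file: hash it for a
# multi-scanner lookup and check whose signature it carries.
function Get-FlaggedFileTriage {
    param([Parameter(Mandatory = $true)][string]$Path)

    # Only a single file can be submitted or verified, not a folder.
    if (-not (Test-Path -LiteralPath $Path -PathType Leaf)) {
        throw "Not a single file: $Path"
    }

    $sig  = Get-AuthenticodeSignature -LiteralPath $Path
    $hash = Get-FileHash -LiteralPath $Path -Algorithm SHA256   # PowerShell 4.0+

    $signer = $null
    if ($sig.SignerCertificate) { $signer = $sig.SignerCertificate.Subject }

    # Status 'Valid' means the signature verifies and chains to a trusted root.
    $assessment = switch ($sig.Status) {
        'Valid' {
            if ($signer -match 'O=Microsoft Corporation') {
                'Valid Microsoft signature: consistent with a false positive'
            } else {
                'Valid signature from another publisher: judge that publisher'
            }
        }
        'NotSigned' { 'No embedded signature: inconclusive, file may be catalog-signed' }
        default     { "Signature status $($sig.Status): do not trust the publisher name" }
    }

    [pscustomobject]@{
        Path       = $Path
        SHA256     = $hash.Hash
        Status     = $sig.Status
        Signer     = $signer
        Assessment = $assessment
    }
}

# Stand-in path so the example runs anywhere; substitute the flagged file.
Get-FlaggedFileTriage -Path "$env:SystemRoot\System32\ntoskrnl.exe" | Format-List
```

The SHA256 value can be searched on a multi-scanner service or quoted in the false-positive report so the vendor can identify the exact file.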