PDA

View Full Version : Root Kits



missmoseyposey
2005-10-28, 15:36
:confused: Hello First of all I am so happy to have found you and I am hoping that someone here can help me. I am in such a state over all that I am going through right now. To begin with, I have spysweeper installed on my computer and they have told me that i have a potentially dangerous root kit on my computer. and they have not been able...thus far...to delete it from my system. The symptoms that i am experience are: when i start up windows,,,it will show everything on my desktop and then the screen will like blink and then windows will be up again showing desktop stuff again. when i go to download different things...a box pops up and says dont know which version of windows you have need updated one. I have installed service pak two on my systems. also, not the mention the fact that my son and i have had to reinstall windows xp twice in the past two months and completely reformat my hard drive because windows said that my files were compromised. Sorry for all this blabbering...but am very nervous. and also, I am not an expert...so sometimes dont always know how to understand alot of this...also a box pops up when i go to msn premium and says tuscows dll not found? or something like that. anyone? any help? would be sincerely apreciated. thank you for your consideration

Moved from RunAlyzer Forum. - tashi

tashi
2005-10-28, 20:33
Hello missmoseyposey.

If there is any chance you have a RootKit on your system you need to have a hjt log analysed.
Unfortunately by the very nature of a rootkit they are often not easy to find.

Service Pack2 should only be installed when a computer is known to be completely clean from infection and if it was not it may explain your Windows problem.

We are not set up to work hjt logs presently.

You may post a Spybot-S&D log here and someone will take a look to see what does show on the system in question.

If you are running an older version of Spybot-S&D.

Spybot-S&D 1.4 Final has been released.
Uninstalling Previous Spybot-S&D (http://www.safer-networking.org/en/faq/27.html)

Spybot-S&D Version 1.4 Download (http://www.spybot.info/en/download/index.html)

Tutorial (http://www.spybot.info/en/tutorial/index.html)

Spybot-S&D
Open SpyBot, check for and get any updates available, close all browsers, check for problems and fix everything found. Then on the toolbar menu select mode and switch to advanced mode, on the left lower down select tools, and view report, ensure all the options are selected near the bottom except (Spybot version 1.4)

uncheck[ ] Include a list of services in report.
Uncheck[ ] Include uninstall list in report.

Now select (near the top) view report.
Press export in the save in box choose a place such as your my documents folder, then in your next post near the bottom select the "browse" button; navigate to and attach that report.

If you have any problems attaching the Spybot log please go ahead and copy paste the log.

As to posting a hjt log you could go here:
http://www.atribune.org/forums/index.php
HijackThis and Malware Removal
Be sure to read the pinned topic titled "Before You Post"

Several anti spyware experts are members of that site.

Hope that helps and hang in there, you are not alone. :)