I have found signs of a rootkit on my machine whiche creats an unknown user
S-1-5-32-547 on the machine which gives itself authority on all XP services especially the RPC and on the antivirus program installed. I found this using SysInternals Process Explorer.

For the moment no anti rootkit program I have tried finds anything. During a scan with Spybot 1.5.2 the screen goes dark which I presume indicates something detected which removes itself from the list of detections and thus hides itself.

Any suggestions?

Hello,


I have found signs of a rootkit on my machine whiche creats an unknown user


Please follow the procedure in this link: "BEFORE you POST"(READ this Procedure BEFORE Requesting Assistance) (http://forums.spybot.info/showthread.php?t=288)


Then start your own thread in the Malware Removal Forum (http://forums.spybot.info/forumdisplay.php?f=22) where a helper will advise you as soon as available.

Best regards.



Previous topic: http://forums.spybot.info/showthread.php?t=26824