Re: Help, possible rootkit

• Previous message: Glenn Sieb: "Re: Help, possible rootkit"
• Maybe in reply to: BillyBob: "Help, possible rootkit"
• Next in thread: Harlan Carvey: "Re: Help, possible rootkit"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Sun, 24 Oct 2004 13:10:07 -0700
To: incidents@securityfocus.com

This kind of intermittent behavior _might_ indicate that a piece of
hardware in your system is getting flakey on its way to failure. I
have seen an HPUX and a LINUX system behave similarly when hardware
involved with hard drives and hard drive control began to fail. Some
one who has seen a hardware failure on a system with your OS may be
able to shed more light on this kind of problem for you. HTH.

On Sat, Oct 23, 2004 at 01:06:06PM -0300, BillyBob wrote:
> I have noticed that my XP system is behaving like I have a rootkit.
>
> - My mouse is jumpy (it freezes for a second when I move it around the
> desktop) and the minimized Taskmanager in the systray shows I have around
> 25 - 30 % usage, but when I open it, there is no process listed using this
> much.
> - I did a netstat, fport, openports and none of these show that I have any
> odd ports open or any connections established.
> - even when I disconnect from the Internet these symptoms do not stop. They
> stop if I reboot, but then start again.
>
> I have ran VICE, Klister, PatchFinder and RkDetect from rootkit.com and they
> could not find anything.
>
> Any more suggestions ?
> Any more rootkit finding tools for Windows ?
>
> Thanks
> Bill
>
 

-- 
Ralph.  N6BNO.  Wisdom comes from central processing, not from I/O.
rreid@sunset.net  http://personalweb.sunset.net/~rreid
Opinions herein are either mine or they are flame bait.
COTAN (x) = COS (x) / SIN (x)

• Previous message: Glenn Sieb: "Re: Help, possible rootkit"
• Maybe in reply to: BillyBob: "Help, possible rootkit"
• Next in thread: Harlan Carvey: "Re: Help, possible rootkit"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]