Re: win32Rootkit-gen
- From: 1PW <barcrnahgjuvfgy@xxxxxxx>
- Date: Thu, 23 Jul 2009 19:26:06 -0700
Donald Eagle wrote:
I run XP home, SP3 updated to today with Zone Alarm free, Avast 4 Home,
Malwarebytes, and SuperAntiSpyware.
This afternoon Avast told me it had detected Win32Rootkit-gen in
Windows\system32\svchost.exe, but could not quarantine it, Windows
Defender, MalwareBytes and SuperAntiSpyware found nothing. A boot scan
from Avast also found it, but I did not attempt a repair because it is a
Windows file. Scanforfree.com root kit remover did not find it, but
Sophos Anti-Rootkit did, but gave the following message:
Area: Local hard drives
Description: Unknown hidden file
Location: C:\WINDOWS\system32\svchost.exe
Removable: Yes (but clean up not recommended for this file)
Notes: (no more detail available)
What do I do now? Can I tell Sophos to remove it and regenerate the
file? Can I repair it from an Avast boot scan? If I do either of these,
will I still be able to boot to Windows?
Suggestions for a solution greatly appreciated.
Hello Donald:
Upload your suspected C:\WINDOWS\system32\svchost.exe to:
<https://www.virustotal.com/>
After VT has analyzed, post the URL for the analysis here as a follow
up. Please don't reproduce the report here.
Regards,
Pete
--
1PW @?6A62?FEH9:DE=6o2@=]4@> [r4o7t]
.
- Follow-Ups:
- Re: win32Rootkit-gen
- From: Donald Eagle
- Re: win32Rootkit-gen
- References:
- win32Rootkit-gen
- From: Donald Eagle
- win32Rootkit-gen
- Prev by Date: win32Rootkit-gen
- Next by Date: Re: win32Rootkit-gen
- Previous by thread: win32Rootkit-gen
- Next by thread: Re: win32Rootkit-gen
- Index(es):
Relevant Pages
|
