Trojan.heur.gz.aew@bm6q35 Followed By A Rootkit
BitDefender AntiVirus 2009 successfully removed the above Trojan but in that same day it also detected a RootKit that I don't know how to get rid of. I tried using BitDefender's AntiRootKit-Beta2. The number of hidden files keeps rising when I run it.
The screen I get at the end of the BitDefender Antivirus scan is attached. My OS is Windows XP Professional Version 2002 SP3.
What actions should I take to get rid of the rootkit?
Attachment: RootKit.doc
Comments
Hello BlueGreenPurple,
The RRUbackups folder is actually a hidden folder which is part of the IBM Rescue & Recovery Utility (RRU) and is created by the BIOS. The contents of this folder are encrypted and/or hidden from the operating system in order to be protected. They cannot be accessed or modified by anything other than the IBM Rescue & Recovery Utility (RRU). The contents are not infected.
Please ignore the RRUbackups references in the scan report.
Do you know why BitDefender says I have 1 threat with 1404 infected files starting a few days ago when I have run countless BitDefender scans in the past without this issue? So I really don't have a rootkit problem?
Thanks for your help!
One last question, my options are 'take no action' and 'unhide'. Does it matter which option I choose?
The files are indeed rootkits but they pose no threat, just select 'take no action'.
Only a deep system scan will search for rootkits. What type of scans do you usually run?
I guess I'm not sure. The BitDefender icon shows a triangle every few days saying I have an issue to fix which is that I haven't scanned my system in X days so I click 'fix' and it scans.
During this time BitDefender was running full scans, that's why you did not notice the rootkit entries.