Hacktool.rootkit
Hello, I just got BitDefender and I hope you can help me out.
This is in relation to my earlier post on "Packer.Malware.NSAnti.I"
My laptop was the first device I noted was infected, as after attaching a thumb drive to download some files, the Symantec(Norton) program alerted me to a couple of viruses.
They were/are Hacktool.rootkit, and infostealer.
What happens is that whenever I open the root folder from "My Computer" - ie. C:\, a virus warning will pop up. This happens when I open the first subfolder too, but not for subsequent sub-folders.
Generally Symantec will delete the viruses as clean fails, but on 2 occasions it actually says clean succeeded. However, each time I boot up the viruses are still there. Eventually infostealer did not turn up anymore. However, now I get W32.Silly.DC (I'm not sure if that's the exact name).
Usually, I can trace the infected file to wincab.sys, and it's usually in one of the "documents and settings" subfolders, usually "temp".
I have tried many times to get rid of them - in "Normal" and "Safe" Windows modes, turning off Windows System Restore, etc. But I can't get rid of the Hacktool.
I tried installing Bitdefender on top of the Symantec, which did not work well. I didn't try uninstalling Symantec as it's a work computer and I don't have the discs. Whenever Bitdefender runs (in "Normal" mode), it seems to trigger the viruses constantly, such that I had a count fo 1500 virus detections before I decided to quit. In addition, I can't run Bitdefender in "Safe mode".
I tried updating BitDefender via my work LAN, but although it seemed to update the virus signatures (890000+), there's no new option to do rootkit scans like for my desktop.
Please help me to get rid of these viruses.
Thanks!!!!!!
Comments
-
Thanks Andrei, will try that when I'm back at work.
0
