Help on removing Hacktool.Rootkit~

By kly1760 ยท 4 replies
Apr 22, 2006
  1. My computer is infected by Hacktool.Rootkit. I've read through thread "Can't remove Hacktool.Rootkit" which is posted on August 28th. I've follow steps in the thread but it doesn't help :( NAV still complaining on the Hacktool.Rootkit in the C:\WINDOWS\system32\drivers\BDGuard.sys.
  2. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Hello and welcome to Techspot.

    Go HERE and follow the instructions.

    Then, go HERE and follow all the instructions exactly.

    Post a fresh HJT log, only after doing the above.

    Regards Howard :wave: :wave:
  3. kly1760

    kly1760 TS Rookie Topic Starter

    hello Howard, thanks for replying. I've follow the steps on the links you sent me and run the HijackThis but couldn't see any processes as specified in the link you provided. All of the services are from NAV.

    I've run the RootkitRevealer and found more than 500 files are infected in my C drives...:(
  4. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    It might be a better idea to back up your important data and reformat the drive.

    In fact I`d recommend using a hard drive utility to write zeros to the drive, including the boot sector. You can find a list of hard drive utilities HERE.

    I know this may not be what you want to hear, but with so many rootkit infections on your drive, it may be the best option.

    Regards Howard :)
  5. kly1760

    kly1760 TS Rookie Topic Starter

    thanks Howard~

    I've formatted my disk. Even though, after I installed Norton on my system, the message that BDGuard.sys is infected keep popping out again. Then run a full scan, there is no virus detected which is strange...

    Anyway, now is not appearing. I'll just let it be.
Topic Status:
Not open for further replies.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...