Hello all,
I have been notified by avast! of a rootkit trojan Rustock in one file:
C:\WINDOWS\System32\drivers\255e86a0.sys
Subsequently a full system scan is run, and the file is marked for deletion during reboot.
Next, I ran CCleaner as instructed and temporarily disabled RTM. Running Malwarebytes also revealed the same infected files; the scan log is attached.
After reboot, I continued with SUPERAntiSpyware and this time, several Adware.Vundo infections are detected as well as that of the elusive rootkit Rustock. Now I downloaded a game that comes with a warning that AV products may detect false positives within the game's install directory because of its unique online anti-cheat system, and since SUPERAntiSpyware detected several game files that I have confirmed (with the game author) are involved in the anti-cheat procedure, I am pretty confident that the Adware.Vundo (variant) reports are false positives. Nevertheless, I also attached the scan log for this program.
I have updated my JRE to the latest version and uninstalled all the previous ones. Lastly I did a HJT scan, log file is attached.
Speaking about symptoms, I have not experienced browser hijacks (I am using Firefox 3.0.6), but since several weeks ago my computer experienced random crashes, sometimes up to once per day. I have also noticed (thanks to Spybot) that there have been several alterations in the registry, one of them being turning off the Folder Options (I have since reenabled this).