ALOT of rootkits

Vodreb · 07-01-2006, 06:00 PM

I just ran RootkitRevealer by sysinternal and it found over 1500 "discrepancies". Granted about 1510 of them were from Norton Utilities undelete thing. But, it did find a couple in my temp internet files, i had emptied them before i ran this. How do i get rid of them??

C:\Documents and Settings\Brendan\Local Settings\Application Data\Mozilla\Firefox\Profiles\rt75ylov.default\Cac he\F10AD81Ed01 7/1/2006 5:20 PM 111.32 KB Hidden from Windows API.
C:\Documents and Settings\Brendan\Local Settings\Temp\~DFA391.tmp 7/1/2006 5:15 PM 16.00 KB Hidden from Windows API.
C:\Documents and Settings\Brendan\Local Settings\Temp\~DFA3A6.tmp 7/1/2006 5:15 PM 512 bytes Hidden from Windows API.
C:\Documents and Settings\Brendan\Local Settings\Temporary Internet Files\Content.IE5\8X27OH63\rk_button_5[1].jpg 7/1/2006 5:16 PM 8.32 KB Hidden from Windows API.
C:\Documents and Settings\Brendan\Local Settings\Temporary Internet Files\Content.IE5\8X27OH63\rk_button_6[1].jpg 7/1/2006 5:16 PM 8.32 KB Hidden from Windows API.
C:\Documents and Settings\Brendan\Local Settings\Temporary Internet Files\Content.IE5\8X27OH63\rootkit_bookcover[1].jpg 7/1/2006 5:16 PM 8.32 KB Hidden from Windows API.
C:\Documents and Settings\Brendan\Local Settings\Temporary Internet Files\Content.IE5\F65GTEHO\js[1] 7/1/2006 5:16 PM 1.33 KB Hidden from Windows API.
C:\Documents and Settings\Brendan\Local Settings\Temporary Internet Files\Content.IE5\WTQ78T6F\valid-rss[1].png 7/1/2006 5:16 PM 1.49 KB Hidden from Windows API.

Thoes are the things that it picked up other than the 1500 norton's
(C:\RECYCLER\NPROTECT\00020450.LNK 6/29/2006 3:43 AM 749 bytes Hidden from Windows API.)

How do i go about deleting them? I have no idea what to do with rootkits and things like that.

Also, i dont know if it fits in here, but im about to encrypt my entire harddrive with CompUSec, is there any reason not to? No site seems to give any reason why it is a bad thing, and i just want to check with your guys first before i mess up my computer.

baronvongogo · 07-01-2006, 06:19 PM

try this:

Blacklight (rootkit remover)
http://www.f-secure.com/blacklight/try.shtml

Rootkit revealer finds lots on my pc too but I doubt any are actual rootkits.I wouldn't worry about it. As long as you keep your pc in ok condition and have enough protection software you should be alright.

Vodreb · 07-01-2006, 06:27 PM

Ty, il try that.

EDIT > I ran it and it didnt find anything. But im still wondering why thoes things in my temp are hidden...

07-01-2006, 06:00 PM	#1 (permalink)
Vodreb Junior Techie Join Date: Mar 2006 Posts: 54	ALOT of rootkits I just ran RootkitRevealer by sysinternal and it found over 1500 "discrepancies". Granted about 1510 of them were from Norton Utilities undelete thing. But, it did find a couple in my temp internet files, i had emptied them before i ran this. How do i get rid of them?? C:\Documents and Settings\Brendan\Local Settings\Application Data\Mozilla\Firefox\Profiles\rt75ylov.default\Cac he\F10AD81Ed01 7/1/2006 5:20 PM 111.32 KB Hidden from Windows API. C:\Documents and Settings\Brendan\Local Settings\Temp\~DFA391.tmp 7/1/2006 5:15 PM 16.00 KB Hidden from Windows API. C:\Documents and Settings\Brendan\Local Settings\Temp\~DFA3A6.tmp 7/1/2006 5:15 PM 512 bytes Hidden from Windows API. C:\Documents and Settings\Brendan\Local Settings\Temporary Internet Files\Content.IE5\8X27OH63\rk_button_5[1].jpg 7/1/2006 5:16 PM 8.32 KB Hidden from Windows API. C:\Documents and Settings\Brendan\Local Settings\Temporary Internet Files\Content.IE5\8X27OH63\rk_button_6[1].jpg 7/1/2006 5:16 PM 8.32 KB Hidden from Windows API. C:\Documents and Settings\Brendan\Local Settings\Temporary Internet Files\Content.IE5\8X27OH63\rootkit_bookcover[1].jpg 7/1/2006 5:16 PM 8.32 KB Hidden from Windows API. C:\Documents and Settings\Brendan\Local Settings\Temporary Internet Files\Content.IE5\F65GTEHO\js[1] 7/1/2006 5:16 PM 1.33 KB Hidden from Windows API. C:\Documents and Settings\Brendan\Local Settings\Temporary Internet Files\Content.IE5\WTQ78T6F\valid-rss[1].png 7/1/2006 5:16 PM 1.49 KB Hidden from Windows API. Thoes are the things that it picked up other than the 1500 norton's (C:\RECYCLER\NPROTECT\00020450.LNK 6/29/2006 3:43 AM 749 bytes Hidden from Windows API.) How do i go about deleting them? I have no idea what to do with rootkits and things like that. Also, i dont know if it fits in here, but im about to encrypt my entire harddrive with CompUSec, is there any reason not to? No site seems to give any reason why it is a bad thing, and i just want to check with your guys first before i mess up my computer. __________________

07-01-2006, 06:19 PM	#2 (permalink)
baronvongogo Master Techie Join Date: May 2005 Location: UK Posts: 2,756	try this: Blacklight (rootkit remover) http://www.f-secure.com/blacklight/try.shtml Rootkit revealer finds lots on my pc too but I doubt any are actual rootkits.I wouldn't worry about it. As long as you keep your pc in ok condition and have enough protection software you should be alright. __________________ spyware programs: Spybot , AdawareSE , Cwshredder , ewido, Prevx1

07-01-2006, 06:27 PM	#3 (permalink)
Vodreb Junior Techie Join Date: Mar 2006 Posts: 54	Ty, il try that. EDIT > I ran it and it didnt find anything. But im still wondering why thoes things in my temp are hidden... __________________

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode