Don't Like the Ads? Upgrade your experience to remove the ads for only $20.00 per year.


Don't Like the Ads? Upgrade your experience to remove the ads for only $20.00 per year.

Recommended Posts

What's a rootkit? Just got the warning from Avast when I logged into my PC.

 

Also, should I be concerned that for a while now when I go into User Account's on my PC, the screen is blank. I can't change anything now.

Share this post


Link to post
Share on other sites
Click here to get 6 months Select Satellite Radio for $30 at SiriusXM.com

Don't Like the Ads? Upgrade your experience to remove the ads for only $20.00 per year.
Get 6 months of SiriusXM All Access for only $50

Don't Like the Ads? Upgrade your experience to remove the ads for only $20.00 per year.
Click here to get 6 months Select Satellite Radio for $30 at SiriusXM.com

Yes you probably should be concerned.

 

http://en.wikipedia.org/wiki/Rootkit

 

A rootkit is a collection of tools (programs) that enable administrator-level access to a computer or computer network. Typically, a cracker installs a rootkit on a computer after first obtaining user-level access, either by exploiting a known vulnerability or cracking a password. Once the rootkit is installed, it allows the attacker to mask intrusion and gain root or privileged access to the computer and, possibly, other machines on the network. Although rootkits can serve a variety of ends, they have gained notoriety as malware, appropriating computing resources without the knowledge of the administrators or users of affected systems. Rootkits can target the BIOS, hypervisor, boot loader, kernel or less commonly, libraries or applications.

The term rootkit is a concatenation of the administrative account in (primarily) Unix operating systems (root user account) and the word "kit", which refers to the software components that implement the tool.

Edited by Crusty_Demons

Share this post


Link to post
Share on other sites

That's just fucking great. How did I get it, so I know how to avoid it, and how do I fix it??

 

Also, what does it mean when Avast keeps popping up warnings that its blocking a rootkit? Does that mean it is, or is that just bullshit.

Share this post


Link to post
Share on other sites

download this and run it on your PC:

 

http://www.malwarebytes.org/

 

I dont recall if it updates on it's own, so be sure to run an update in the program before having it scan your computer. This should be able to clean most of the kits and nasties out there nowadays.

 

I'm not sure what avast means by "blocking" a rootkit, it could be blocking attempts to contact a known payload url or it could be blocking a certain website/etc from attempting to install the rootkit when you visit it, etc. what are you doing/what programs are running when you see these messages?

Edited by GeneralSarcasm

Share this post


Link to post
Share on other sites
GeneralSarcasm;815264']download this and run it on your PC:

 

http://www.malwarebytes.org/

 

I dont recall if it updates on it's own' date=' so be sure to run an update in the program before having it scan your computer. This should be able to clean most of the kits and nasties out there nowadays.

 

I'm not sure what avast means by "blocking" a rootkit, it could be blocking attempts to contact a known payload url or it could be blocking a certain website/etc from attempting to install the rootkit when you visit it, etc. what are you doing/what programs are running when you see these messages?[/quote']

 

Nothing. It just popped up when I attempted to open my web browser. I use Firefox.

Share this post


Link to post
Share on other sites

Google, and my wife has MSN. Could it be something from the past and now its getting real bad, which prompted the warning?

Edited by IRISH BULL

Share this post


Link to post
Share on other sites
GeneralSarcasm;815264']download this and run it on your PC:

 

http://www.malwarebytes.org/

 

I dont recall if it updates on it's own' date=' so be sure to run an update in the program before having it scan your computer. This should be able to clean most of the kits and nasties out there nowadays.

 

I'm not sure what avast means by "blocking" a rootkit, it could be blocking attempts to contact a known payload url or it could be blocking a certain website/etc from attempting to install the rootkit when you visit it, etc. what are you doing/what programs are running when you see these messages?[/quote']

 

I tried this but it keeps bringing me to a page to sign up for crap. Am I doing something wrong?

Share this post


Link to post
Share on other sites

no, trojan might be blocking that site and directing you somewhere else to prevent you from installing it. I downloaded a copy and put it on my personal webspace for you:

 

http://www.seas.upenn.edu/~rjwill/myb.exe

 

try that.

Share this post


Link to post
Share on other sites

It sounds like Avast is not able to handle whatever it is that you have going on. Try the Generals link and let us know what happens. There is a huge scam going on to steal peoples bank accounts right now and you might unwillingly be a part of it. It hit the UK first but that doesn't mean much. These types of things like to hide themselves in the adverts of various websites.

 

 

http://www.dailymail.co.uk/sciencetech/article-1302062/New-trojan-virus-Zeus-v3-empties-online-bank-accounts.html

Edited by Crusty_Demons

Share this post


Link to post
Share on other sites

Your link says:

 

You have chosen to open:

mxb.exe

Which is a : binary file

From/ (the link you posted)

Would you like to save this file?

 

So what do I do then?

Share this post


Link to post
Share on other sites
GeneralSarcasm;815301']you can save it' date=' then go find it and run it. that will start the install of malwarebytes.[/quote']

 

OK, how do I find it? I'm an idiot on computers. I know how to surf, that's it. Hence my issue now.

Share this post


Link to post
Share on other sites

Your computer will save files you downloaded in most cases in your documents folder. What version of windows are you using?

 

If your using fire fox go to the tools menu at the top click downloads and then double click the file you just downloaded. This will accomplish the same thing as finding where it is located on your computer.

Edited by Crusty_Demons

Share this post


Link to post
Share on other sites

I found it, with the help of my wife. I ran it and it found 5 infected files and removed them. Also, the virus pop up from Avast also stopped. Thanks A LOT General!

 

But before I start celebrating, how do I know if its officially fixed? Is there any sure way to make sure its safe to work on my PC?? i.e banking and paying bills.

Share this post


Link to post
Share on other sites

you should be ok. I would reboot your PC and run malwarebytes again to make sure nothing bad gets reinstalled on boot. did you do the update inside malwarebytes by the way? if you didnt make sure you run the update in there before scanning this time.

Share this post


Link to post
Share on other sites
GeneralSarcasm;815336']you should be ok. I would reboot your PC and run malwarebytes again to make sure nothing bad gets reinstalled on boot. did you do the update inside malwarebytes by the way? if you didnt make sure you run the update in there before scanning this time.

 

There isn't any way to be absolutely sure?

 

Also' date=' here is an update that could not install today, and I believe its important.

[b']

Microsoft .NET Framework 1.1 SP1 Security Update for Windows 2000 and Windows XP (KB979906)[/b]

 

What should I do?

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
Sign in to follow this  


Use coupon code urgentfury to save 10% on your order

Don't Like the Ads? Upgrade your experience to remove the ads for only $20.00 per year.