RootKit Revealer - Saxperience

Adam_Q · 1st February 2008, 21:37

I've been getting loads of spyware on my fooking computer and been advised by Alex to run Hijack this and RootKit Revealer

I've run the rootkit thingy, which brought up loads of stuff... but dont know what to do with it....

Can anyone help?

Alex^p · 1st February 2008, 22:03

post it up, some stuff will come up that is ok tho.

Adam_Q · 1st February 2008, 22:15

Just scanning again

Adam_Q · 1st February 2008, 23:00

Could only take screen shots so its in two parts

Alex^p · 2nd February 2008, 08:28

The only one that looks suspicious to me is, "uduuiig.exe" and it's other files.
It does help if you close things such as firefox tho, will give less results.

Adam_Q · 2nd February 2008, 12:43

Quote:

Originally Posted by Alex

The only one that looks suspicious to me is, "uduuiig.exe" and it's other files.
It does help if you close things such as firefox tho, will give less results.

Oh ok... will run it again and try to close as much as possible

But how do I remove the suspicious files? Would I need to find the source and remove it that way?

Alex^p · 2nd February 2008, 20:10

See if you can modify them in safe mode, just try renaming the exe file first incase it's required.
Or hook your HD up to another PC and modify.

Adam_Q · 3rd February 2008, 11:40

Quote:

Originally Posted by Alex

See if you can modify them in safe mode, just try renaming the exe file first incase it's required.
Or hook your HD up to another PC and modify.

Not something I feel comfortable about doing..... dont suppose you wanna come give it a go somewhen?

Alex^p · 3rd February 2008, 15:15

after abit of digging around it looks like your infected with MessengerSkinner, Some crappy malware that hides itself with a rootkit.

Your a bit far for me to come (Would have to charge) but give this ago to, ftp://ftp.f-secure.com/anti-virus/tools/fsbl.exe

It should give you the option to remove those files.

Adam_Q · 3rd February 2008, 15:33

Quote:

Originally Posted by Alex

after abit of digging around it looks like your infected with MessengerSkinner, Some crappy malware that hides itself with a rootkit.

Your a bit far for me to come (Would have to charge) but give this ago to, ftp://ftp.f-secure.com/anti-virus/tools/fsbl.exe

It should give you the option to remove those files.

ok bud. I'm running f-secure now. So will that find any mailware and spyware? then remove it?

Alex^p · 3rd February 2008, 15:36

Hopefully, Iv'e never used it but it did say on there site it has a removal engine.

Adam_Q · 3rd February 2008, 15:41

Its scanning now, but does have a cleaning process after... so hopefully that fixes it

Thanks for your help dude!

Adam_Q · 3rd February 2008, 15:43

F-secure didn't actually find any hidden files... will run it again though