vdo_307c-6968.sys rootkit

This is a beautiful rootkit that is extremely evasive. I have tried using AVG’s anti-rootkit software to no avail.

I will keep this post updated as soon as I figure something out.

I ended up removing the rootkit with this program: http://rku.nm.ru/rkunhooker_v3/RkU3.7.300.502.zip

Use it at your own risk! I just did a scan, found the offending file, clicked on "unhook selected" (there were a few files), and once that was done, I went into the C:\Windows\system32 directory and deleted the file. I ran the AVG anti-rootkit and it didn’t find anything, so I think it’s safe to say I got rid of it.

4 Responses to “vdo_307c-6968.sys rootkit”


  1. Lee

    Here are the programs that I use to get rid of 90-100 percent of spyware: A-Squared, Ad-Aware, Spybot S&D, AVG Anti-Spyware, Trend Micro (either HouseCall or Anti-Spyware) and of course the BitDefender online scan (won’t do much for rootkits as it is a virus scanner).
    http://www.bitdefender.com/scan8/ie.html…

    So I just tried out that app that you mentioned in your post. Installed it, executed it, then my computer shuts down. Running Vista Ultimate 32-bit. So DO NOT use this with Vista?

  2. Lee

    Oh and it was a BSOD, it didn’t shut down. This happened on both occasions that I opened the executable.

  3. Ryan

    Lee,

    I am guessing it is not yet compatible with Vista. Try using AVG’s anti-rootkit program to see if you have anything on your computer. Be aware though, if you have a program such as Alcohol 120% or Daemon Tools, there will appear to be a .sys file indicating a rootkit, but you can be assured that it isn’t and it is a part of either of the two programs.

  4. Lee

    Nah, no worries, I don’t have any viruses nor spyware; I was simply evaluating the app. As I am a computer technician, I’m always looking for that extra tool that will get rid of a hijacked browser or that nasty pop-up that won’t go away after you’ve run all the scans. Also, Daemon Tools ver. 4.x.x does have some sort of spyware in it from what I read a while back. Any version preceding version 4 doesn’t.