Roann

Are These Rootkits Malicious?


Hi,

AVG Free 2011 Anti-Rootkit scan brings up these rootkits for removal:

 

"";"<unknown>";"IRP hook, \Driver\prodrv06 IRP_MJ_CREATE -> 0xE2144008";"Object is hidden"

"";"<unknown>";"IRP hook, \Driver\prodrv06 IRP_MJ_CLOSE -> 0xE2144008";"Object is hidden"

"";"<unknown>";"IRP hook, \Driver\prodrv06 IRP_MJ_DEVICE_CONTROL -> 0xE2144008";"Object is hidden"

"";"<unknown>";"IRP hook, \Driver\prohlp02 IRP_MJ_CREATE -> 0x469A6582";"Object is hidden"

"";"<unknown>";"IRP hook, \Driver\prohlp02 IRP_MJ_CLOSE -> 0x469A6582";"Object is hidden"

"";"<unknown>";"IRP hook, \Driver\prohlp02 IRP_MJ_DEVICE_CONTROL -> 0x469A6582";"Object is hidden"

 

I've tried using the remove option provided in AVG and restarting my PC, but when I run this anti-rootkit scan again it shows these rootkits are still present. Are they anything to worry about? If so, how can I remove them?

Thanks,

Roann


Hi and Welcome to The PIT Roann!

Generally the only way to effectively get rid of a rootkit is to format the hard drive. You could try running a HiJackThis scan and posting a log in our HJT forum, but formatting is for sure the best way to clean them.

Run HJT like this:

Download the .exe to its own folder on your desktop. Open the program and select "Do a scan and save a log". When finished scanning, the log will pop open in Notepad. Copy/paste the contents into a new thread that you open here > http://forums.pcpitstop.com/index.php?/forum/25-hijackthis-logs/

 

Luck to ya'!

Edited by caintry_boy
