Posted January 11, 201213 yr I have a Windows XP system that is showing signs of a "rootkit" infection. I have installed Microsoft Security Essentials AND Symanted Endpoint Client. MSE runs and shows no problems exist. SEC also runs and shows no problem. While SEC is running a full hard drive scan i notice that it hangs for a few seconds on "ntos", "VirusRemoval.vbs" and "NewVirusRemoval". All 3 files are shown as being in the SYSTEM32 directory. When i examine the directory none of the 3 files are visable. The workstation is running slow and I believe is infected with a rootkit virus. I've downloaded a standalone version of Windows Defender camm ed "Microsoft Standalone System Sweeper". I created a bootable CDROM from the download, booted it and let it run. It also found no problems. I've booted a standalone CDROM with UBCD4Win. This is a standalone utility with a file browser and it does not show the above 3 files in the SYSTEM32 directory. I believe the rootkit maybe both hiding and moving these files. Can anyone offer a suggestion? Thanks, Jim Continue reading...
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.