Newbie
pjgroff
Posts: 1
Registered: ‎12-12-2011

Root Kits

Ok, so I have scanned my system with Power Eraser and 360 anti virus. Done all the usual with 360.

I downloaded AVG for the heck of it and it found the following.

"

";"<unknown>";"Service function NtAlpcConnectPort hook -> 0x8B6732D8";"Object is hidden

"";"<unknown>";"Service function NtCreateThreadEx hook -> 0x8B769240";"Object is hidden"

"";"<unknown>";"Service function NtMapViewOfSection hook -> 0x8BD1B7D8";"Object is hidden"

 

 

I cannot find these manually and have no idea if they are in fact root kits or AVG is just having a false positive going on.

Any help would be appreciated.

Patrick

 

 

yank
Posts: 10,050
Kudos: 2,245
Solutions: 511
Registered: ‎12-02-2009

Re: Root Kits


pjgroff wrote:

Ok, so I have scanned my system with Power Eraser and 360 anti virus. Done all the usual with 360.

I downloaded AVG for the heck of it and it found the following.

"

";"<unknown>";"Service function NtAlpcConnectPort hook -> 0x8B6732D8";"Object is hidden

"";"<unknown>";"Service function NtCreateThreadEx hook -> 0x8B769240";"Object is hidden"

"";"<unknown>";"Service function NtMapViewOfSection hook -> 0x8BD1B7D8";"Object is hidden"

 

 

I cannot find these manually and have no idea if they are in fact root kits or AVG is just having a false positive going on.

Any help would be appreciated.

Patrick

 

 


I have received word from a very trusted source that you do not have rootkits. You have AVG on your machine which is finding Norton hooks. It's not a false positive but it is an incorrect reading of the cause. Please remove AVG.

DistEd2
Posts: 1,965
Kudos: 412
Solutions: 81
Registered: ‎08-11-2011

Re: Root Kits

Hi, Patrick,

 

To elaborate a bit on yank's response...antivirus programs--especially those with some real-time scanning functionality--do not play well together: they tend to perceive one another's activities as malicious, and spend much of their time tripping over each other in hot pursuit (generally of each other!) about as often as the Keystone Kops!

 

This is evidently what has happened in your case: AVG has detected Norton.

 

The fix for this, as yank suggests, is to decide which program you want to keep and delete the other. We'd suggest you keep Norton (and we're just customers like you, not Symantec employees); if you want to keep a second scanner on hand, two reputable on-demand-only scanners that will not conflict with your Norton protection are the free versions of Malwarebytes and SUPERAntiSpyware. Pick one and download it. Stay clear of their paid versions, as they have real-time scanning that would conflict.