Jun 20 2007, 11:28 AM
QUOTE(Mudmaniac @ Jun 20 2007, 10:26 AM)
I have a computer that was behaving funny, so i used rootkit unhooker to scan its code hooks. 130 odd hooks on ntoskrnl.exe.
would that be a rootkit?
a bit inexperienced in this so im asking for advice.
Looks like it. But to be sure, you can use several AV programs incorporating rootkit to confirm as you would want to see the related files used. check out fsecure blacklight, Panda, Avira(http://www.antirootkit.com/software/Avira-Rootkit-Detection.htm), Sophos (http://www.sophos.com/products/free-tools/sophos-anti-rootkit.html). Finally, start using an AV which supports rootkit detection and removal...would that be a rootkit?
a bit inexperienced in this so im asking for advice.
Hope this helps...
Quote
0.0154sec
0.39
6 queries
GZIP Disabled