Vista - RE: RootKits?

08-12-2008

Lately I've become suspicious of these AVG warnings. They may be bogus. For
now, don't delete anything.
Try a different anti-virus software and see if another software can find the
same "virus."
--
oscar

....Right click is your very good friend...

"Buddha" wrote:

Quote:

> AVG Free RootKit has identified the following files on my Vista Home Premium
> system as malicious rootkits:
>
> at2sv5f.sys
>
> atbm8drv.sys
>
> When I got ready to delete them, AVG warned that deleting system files could
> be harmful, etc.
> Does anyone here recognize either of these files an either legit or
> malicious? I'd really prefer not to delete them and then find out I just
> hosed my system.
>
> Thank you:
>
> Buddha
>

08-12-2008

No.

Submit samples to Virus Total --
http://www.virustotal.com/flash/index_en.html
The submission(s) will then be tested against many different AV vendor's scanners.
That will give you an idea what it is and who recognizes it. In addition Virus
Total will provide the sample(s) to all participating vendors.

You can also submit a suspect, one at a time, via the following email URL...
mailto:scan@xxxxxx?subject=SCAN

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp

08-13-2008

This is getting harder and harder. Windows Explorer will not even display
C:\Windows\System32\Drivers as even existing, although we all know it does.
The only way I can see the folder is with Win NC 3000 in Safe Mode. I've
taken all the steps suggested by various users to enable Explorer to display
everything, but some folders remain hidden.

Can someone recommend an Explorer type program that will display EVERYTHING
on the drive in normal mode, regardless of whether MS thinks I should see it
or not? Their attempts to protect me from myself are really infuriating at
times.

Thanx:

Buddha

"oscar" <oscar@xxxxxx> wrote in message
news:55A17E39-6831-4583-90A3-B72D71C80BAE@xxxxxx

Quote:

> Lately I've become suspicious of these AVG warnings. They may be bogus.
> For
> now, don't delete anything.
> Try a different anti-virus software and see if another software can find
> the
> same "virus."
> --
> oscar

>
> ...Right click is your very good friend...
>
>
> "Buddha" wrote:
>

Quote:

>> AVG Free RootKit has identified the following files on my Vista Home
>> Premium
>> system as malicious rootkits:
>>
>> at2sv5f.sys
>>
>> atbm8drv.sys
>>
>> When I got ready to delete them, AVG warned that deleting system files
>> could
>> be harmful, etc.
>> Does anyone here recognize either of these files an either legit or
>> malicious? I'd really prefer not to delete them and then find out I just
>> hosed my system.
>>
>> Thank you:
>>
>> Buddha
>>

08-13-2008

"Buddha" <TEPonta@xxxxxx> wrote in
news:B87DB2DB-7D3A-4F8F-872B-232D059CA11F@xxxxxx:

Quote:

> This is getting harder and harder. Windows Explorer will not even
> display C:\Windows\System32\Drivers as even existing, although we all
> know it does.

Go to folder options and uncheck hide protected OS files and put a check
besides show hidden file and folders. The default view is how you should
keep it most of the time anyway.

08-12-2008	#1 (permalink)
oscar n/a posts	RE: RootKits? Lately I've become suspicious of these AVG warnings. They may be bogus. For now, don't delete anything. Try a different anti-virus software and see if another software can find the same "virus." -- oscar ....Right click is your very good friend... "Buddha" wrote: Quote: > AVG Free RootKit has identified the following files on my Vista Home Premium > system as malicious rootkits: > > at2sv5f.sys > > atbm8drv.sys > > When I got ready to delete them, AVG warned that deleting system files could > be harmful, etc. > Does anyone here recognize either of these files an either legit or > malicious? I'd really prefer not to delete them and then find out I just > hosed my system. > > Thank you: > > Buddha >
My System Specs

08-12-2008	#2 (permalink)
David H. Lipman n/a posts	Re: RootKits? From: "oscar" <oscar@xxxxxx> \| Lately I've become suspicious of these AVG warnings. They may be bogus. For \| now, don't delete anything. \| Try a different anti-virus software and see if another software can find the \| same "virus." \| -- \| oscar No. Submit samples to Virus Total -- http://www.virustotal.com/flash/index_en.html The submission(s) will then be tested against many different AV vendor's scanners. That will give you an idea what it is and who recognizes it. In addition Virus Total will provide the sample(s) to all participating vendors. You can also submit a suspect, one at a time, via the following email URL... mailto:scan@xxxxxx?subject=SCAN -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
My System Specs

08-13-2008	#3 (permalink)
Buddha n/a posts	Re: RootKits? This is getting harder and harder. Windows Explorer will not even display C:\Windows\System32\Drivers as even existing, although we all know it does. The only way I can see the folder is with Win NC 3000 in Safe Mode. I've taken all the steps suggested by various users to enable Explorer to display everything, but some folders remain hidden. Can someone recommend an Explorer type program that will display EVERYTHING on the drive in normal mode, regardless of whether MS thinks I should see it or not? Their attempts to protect me from myself are really infuriating at times. Thanx: Buddha "oscar" <oscar@xxxxxx> wrote in message news:55A17E39-6831-4583-90A3-B72D71C80BAE@xxxxxx Quote: > Lately I've become suspicious of these AVG warnings. They may be bogus. > For > now, don't delete anything. > Try a different anti-virus software and see if another software can find > the > same "virus." > -- > oscar > > ...Right click is your very good friend... > > > "Buddha" wrote: > Quote: >> AVG Free RootKit has identified the following files on my Vista Home >> Premium >> system as malicious rootkits: >> >> at2sv5f.sys >> >> atbm8drv.sys >> >> When I got ready to delete them, AVG warned that deleting system files >> could >> be harmful, etc. >> Does anyone here recognize either of these files an either legit or >> malicious? I'd really prefer not to delete them and then find out I just >> hosed my system. >> >> Thank you: >> >> Buddha >>
My System Specs

08-13-2008	#4 (permalink)
Wingwong Woo n/a posts	Re: RootKits? "Buddha" <TEPonta@xxxxxx> wrote in news:B87DB2DB-7D3A-4F8F-872B-232D059CA11F@xxxxxx: Quote: > This is getting harder and harder. Windows Explorer will not even > display C:\Windows\System32\Drivers as even existing, although we all > know it does. Go to folder options and uncheck hide protected OS files and put a check besides show hidden file and folders. The default view is how you should keep it most of the time anyway.
My System Specs

Similar Threads
Thread	Forum
Scanning for rootkits	Vista General
Removing RootKits	Vista security
Removing RootKits	Vista file management
Windows Rootkits/Virus Issues.	Vista security
Rootkits in Vista RC-1 and RC-2 ?	Vista General