[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-Disclosure] Help, possible rootkit
- To: BillyBob <billybobknob@xxxxxxxxxxx>
- Subject: Re: [Full-Disclosure] Help, possible rootkit
- From: Michael Rutledge <michael4447@xxxxxxxxx>
- Date: Sat, 23 Oct 2004 12:10:32 -0500
What type of software do you use on a regular basis, and what software
have you installed recently? Is this a new install of XP? Also, have
you installed SP2?
Give us a little background about your system so that we can rule out
common software gliches.
-Michael
On Sat, 23 Oct 2004 13:05:29 -0300, BillyBob <billybobknob@xxxxxxxxxxx> wrote:
> I have noticed that my XP system is behaving like I have a rootkit.
>
> - My mouse is jumpy (it freezes for a second when I move it around the
> desktop) and the minimized Taskmanager in the systray shows I have around
> 25 - 30 % usage, but when I open it, there is no process listed using this
> much.
> - I did a netstat, fport, openports and none of these show that I have any
> odd ports open or any connections established.
> - even when I disconnect from the Internet these symptoms do not stop. They
> stop if I reboot, but then start again.
>
> I have ran VICE, Klister, PatchFinder and RkDetect from rootkit.com and they
> could not find anything.
>
> Any more suggestions ?
> Any more rootkit finding tools for Windows ?
>
> Thanks
> Bill
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html