Posted 24 October 2005 - 08:12 AM
I have recently d/l and run SVV from
Nothing specifically wrong with my winbox that I can tell, but I am a really low-level user: point and click, follow instructions, that sort!
I was just playing around and got 2 Level 5 warnings.
Then used Ice Sword which showed no hidden processes.
Anybody know about these tools and how to interpret the results?
No positives with F-secure Blacklight beta, Rootkit revealer, UnhackMe, RKDetector.
Posted 10 November 2005 - 09:40 PM
I am new here.
SVV checks whether the system has been compromised. The results it shows, however, do not classify what it detects, since it doesn't really check for known signatures of malware.
You can post SVV's results here so that we can work something out regarding your problem.
Posted 10 November 2005 - 10:37 PM
Sorry, been away for a while and missed your reply, CNM, until today.
I will attach one image to this post of SVV scan showing warnings.
There is not much around to enable analysis of these warnings.
All other AV scans; normal: KAV, AVG, BD8, A2, Ewido, NAV.
Blacklight rootkit scan, UnhackMe, Rootkit revealer, RKdetector; All show nothing.
IceSword scan shows no hidden processes.
AutoRuns, ProcX, Security Task Manager and other process monitors clear AFAICT
Bootlog XP looks clear.
I will attach the IceSword SSDT results in the next post.
Identity theft and such compromise really frighten me (as I'm sure they do others)
Any help appreciated.
Really do not want to reformat and reinstall!
Posted 10 November 2005 - 10:42 PM
Whoops too big!
will rejig and repost
Edited by SGC, 10 November 2005 - 10:43 PM.
Posted 10 November 2005 - 10:49 PM
See for "unknown" hooks
Posted 10 November 2005 - 10:50 PM
See for "unknown" hooks
Hmm, not too clear.
Can anyone tell me how to get it better?
Easily readable version is 164kb
Edited by SGC, 10 November 2005 - 10:51 PM.
Posted 10 November 2005 - 11:07 PM
I was just "testing" my system in anticipation of an "all clear" result after reading about the app here and there.
Have not attempted any fixes
Posted 11 November 2005 - 01:18 AM
It seems that some module has hooked into your kernel components, but the module that hooked is missing or most probably hidden. Correct me if I'm wrong. I would appreciate feedback since I have just recently begun researching rootkit technology.
Posted 11 November 2005 - 04:48 AM
What exactly does that mean?
I have SSweeper set as on demand only
AVG set as on demand only (E-mail scanning disabled)
WWasher as on demand only
EWIDO and BDefender free, ie no start-up scanners
Norton GoBack is on demand only
A2 on demand
AdAware on demand
All of these have start-up scanner functions not installed, but I imagine all have reg hooks somewhere.
I get "registry change" notification from Spybot teatimer when WW launches.
Posted 11 November 2005 - 05:17 AM
Posted 11 November 2005 - 07:22 AM
These are no doubt going to be useful tools in due course.
I got your message earlier.
Will be interesting to see how these apps develop
Posted 11 November 2005 - 07:23 AM
Edited by SGC, 11 November 2005 - 07:24 AM.