View Full Version : Rookit?

Jeff W
09-06-2005, 05:19 AM
F-secure blacklight and Sysinternals Rootkit Revealer both discovered a "rootkit" called sccfg.sys in my C:\ folder. Rootkit Revealer says only that it is "Hidden from Windows API." I deleted it using Erd Commander, but it regenerated.

This file sounds suspiciously like a sound card configuration file, but I have ~$100k online in Neteller and Party accounts that I accessed on this computer.

I'd rather not reformat this computer because it's my grandpa's. MS Anti-spyware and AntiVir anti-virus both come up clean.

The other option is to call up Neteller and Eurobet and ask them to freeze my accounts until Sept. 18.

09-06-2005, 02:21 PM
I read the pcmag article (here (http://www.pcmag.com/article2/0,1759,1790572,00.asp)) on rootkits earlier this year and it made me even more paranoid about security than I already am. I downloaded a rootkit thingy too but it is very complicated. Did you read any documentation on what you have to do to actually determine if something is a root kit? There are no actual individual rootkit signatures like with spyware or viruses, but only indications that something *might* be a rootkit. You then have to investigate further. I would have to be really convinced of a problem to go to the trouble. Good luck and hopefully you don't actually have anything, although we all would seem fairly defenseless against these things.

09-06-2005, 03:05 PM
Rootkits are nothing to be triffled with. By their very nature, they give the villian full control of your PC, and will be difficult to detect and remove.

Back up your data, and data only. Format and start over.