infection

Chkrootkit false positives

Submitted by admin on Fri, 09/30/2011 - 01:47
Tags:
You run "Chkrootkit" on a server and get a list of rootkits and signs of rootkits and some of the lines say you are infected or that you have a suspicious file on your system. What do you do? "chkrootkit" looks for possible signs of infections which may just be the results of safe programs. It is then the job of the web-master or systems administrators to take that clue and look further to decide if it is really a threat.

hijack repair

Tags:
When you have determined you are infected, many times you need to do a certain amount of cleaning before you can clean the rest of the system. This will do just that.

reading HighJackThis logs

Tags:

Reading HighJackThis (HJT) logs is not for the faint at heart. It lists each and every possible point that a highjacker could use your system to infect you so the log can get quite big. Most entries are benign and it is up to you to figure out what is malicious and needs to be removed. You may want someone else to look at the log (see 'sites that analyze a HJT log'). But if you want to try it yourself, read on.

Syndicate content