Author Topic: Rootkit in Dr Watson  (Read 3034 times)

0 Members and 1 Guest are viewing this topic.

annette2

  • Guest
Rootkit in Dr Watson
« on: December 26, 2008, 05:17:54 AM »
Rootkit found in files ending 3digraph.dll & others similar.
Also: C\Windows\1386\DRWatson.EX_\FAULTH.DLL
There is still a reboot & scan option after about 8 mins even after the virus database has been updated, more than once.
Is this a real problem or a false positive?
Files are islolated to vault but concerned to delete. Obviously using another 'puter.
Has anyone experienced these particular files? If it is a known virus/viruses how to fix it\them?
Thanks 
         

samuelvirucide

  • Guest
Re: Rootkit in Dr Watson
« Reply #1 on: December 26, 2008, 06:11:43 AM »
 ;) hi annete 2,

  have the files upload them to http://www.virustotal.com/ so that you will know if there are false positive post your result here!!! :)

annette2

  • Guest
Re: Rootkit in Dr Watson
« Reply #2 on: January 02, 2009, 12:58:46 AM »
False Positive: notepad report from virustotal.com reads:
Complete scanning result of "Simple user interface.txt", processed in VirusTotal at 12/28/2008 21:44:17 (CET).

[ file data ]
* name..: Simple user interface.txt
* size..: 64669
* md5...: 0871cda84f2bc88451171cf534814e14
* sha1..: f3f998d8982c53cd29a1fa4ae6cb287356ef3f4e
* peid..: -

[ scan result ]
a-squared   4.0.0.73/20081228   found nothing
AhnLab-V3   2008.12.25.0/20081227   found nothing
AntiVir   7.9.0.45/20081228   found nothing
Authentium   5.1.0.4/20081228   found nothing
Avast   4.8.1281.0/20081228   found nothing
AVG   8.0.0.199/20081228   found nothing
BitDefender   7.2/20081228   found nothing
CAT-QuickHeal   10.00/20081227   found nothing
ClamAV   0.94.1/20081228   found nothing
Comodo   834/20081228   found nothing
DrWeb   4.44.0.09170/20081228   found nothing
eSafe   7.0.17.0/20081228   found nothing
eTrust-Vet   31.6.6279/20081228   found nothing
Ewido   4.0/20081228   found nothing
F-Prot   4.4.4.56/20081227   found nothing
F-Secure   8.0.14332.0/20081228   found nothing
Fortinet   3.117.0.0/20081228   found nothing
GData   19/20081228   found nothing
Ikarus   T3.1.1.45.0/20081228   found nothing
K7AntiVirus   7.10.568/20081227   found nothing
Kaspersky   7.0.0.125/20081228   found nothing
McAfee   5477/20081228   found nothing
McAfee+Artemis   5477/20081228   found nothing
Microsoft   1.4205/20081228   found nothing
NOD32   3719/20081227   found nothing
Norman   5.80.02/20081226   found nothing
Panda   9.0.0.4/20081228   found nothing
PCTools   4.4.2.0/20081228   found nothing
Prevx1   V2/20081228   found nothing
Rising   21.09.62.00/20081228   found nothing
SecureWeb-Gateway   6.7.6/20081228   found nothing
Sophos   4.37.0/20081228   found nothing
Sunbelt   3.2.1809.2/20081222   found nothing
Symantec   10/20081228   found nothing
TheHacker   6.3.1.4.201/20081228   found nothing
TrendMicro   8.700.0.1004/20081226   found nothing
VBA32   3.12.8.10/20081228   found nothing
ViRobot   2008.12.26.1536/20081226   found nothing
VirusBuster   4.5.11.0/20081228   found nothing

Thanks for your help!

Offline DavidR

  • Avast √úberevangelist
  • Certainly Bot
  • *****
  • Posts: 89426
  • No support PMs thanks
Re: Rootkit in Dr Watson
« Reply #3 on: January 02, 2009, 01:13:59 AM »
Well I'm not too surprised as the file you uploaded isn't the same as the ones you say were detected ???

So where did this "Simple user interface.txt" come from and or how did you generate it ?
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.6.6121 (build 24.6.9241.848) UI 1.0.809/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline igor

  • Avast team
  • Serious Graphoman
  • *
  • Posts: 11867
    • AVAST Software
Re: Rootkit in Dr Watson
« Reply #4 on: January 02, 2009, 01:16:05 AM »
What exactly did the rootkit report say?