
Windows Live Messenger Rootkit?

Status
Not open for further replies.
Oct 18, 2001
846
CA
I had posted this in the spyware thread and was advised someone here might be able to help.

While beta testing the new messenger software I had a shared folder with a relative newbie.
A "friend" of theirs subsequently did a spyware sweep and found potential rootkit warnings that all pointed back to the messenger program.

I recall seeing some documentation about false positives, and that Microsoft had acknowledged it, but can't find it now.

I would like to provide the information to the person to defend myself, and my qualifications. There was no infection, I made sure.

I have googled this to death and found some notice board/blog type entries, but nothing from an official source.

Any help MOST appreciated.

Kimber
 
Do you happen to know what software, and what release of that software, was used to discover this rootkit?

 
I have requested this information but don't have it yet.

I suspect it is Spysweeper, just a hunch.

Thank you for your response.

K
 
Also, if the three programs above show clean, have them repair their Spy Sweeper:

Open Spy Sweeper, click the Home button, then hold down the Ctrl and Alt keys on your keyboard while double-clicking the Spy Sweeper icon.

Doing so will bring up a small menu of additional support buttons. One of these buttons is labeled Download Full definitions. Click this button and let the definitions fully download.

 
Will do, and will update on results.
I was positive I saw some documentation showing false positives on Live Messenger... will post that too if I find it.

K
 
You guys are the best. Thanks for being there. Will update when I finalize this.

K
 
Rootkit Revealer was the only one that found anything at all.
Both of the others say I am clean.

The results showed entries only for MSN messenger and then only for the three users with which I had shared folders.

How do I interpret the data to explore this further?

I am reading but time is of the essence so any help much appreciated.

K
 
Save the Rootkit Revealer file output and post a copy of it here if it is not too big. Somebody might be able to throw some light on the matter. Don't forget about the Rootkit Revealer forum linked to earlier.

What does Rootkit Revealer say if you disable the shared folder option in Messenger before you run it?
 
Thanks for the help, suggestions and links. I WILL update as promised. I am in the process of documenting and cleaning up.

K
 