Level 1

11 points

How to remove rootkits and malware?

I have downloaded and ran the programme Rootkit Hunter and the results are worrying.

I don't know much about malware other than a malicious individual has persistently been installing it onto my machines via malicious emails - this time targeting my iPhone 4 (which I promptly got rid of upon discovering this individual's presence and replaced with a new Samsung S4, which is probably infected as well now) first; and from there using my house Wifi network to get onto my Macbook Pro 10.8.3 (which is the machine I am on now, and the machine the results refer to); and also my Samsung Galaxy Tab 10.1; and most likely the phones and computers belonging to other members of my family are compromised as well.

The following are the worrying results identified by Rootkit Hunter:

For "Checking LD_LIBRARY_PATH variable", it says in yellow "skipped".

For "Checking for hidden processes", it also says in yellow "skipped".

I also have red warning notices in relation to system configuration file checks and filesystem checks alerting me to the following:

"Checking if SSH protocol v1 in allowed The SSH configuration option 'Protocol' has not been set";

"Checking if syslog remote logging is allowed Syslog configuration file allows remote logging: install.* .0.1:32376"

"Checking /dev for suspicious file types Suspicious file types found in /dev: /dev/fd/6: MS Windows icon resource"

"Checking for hidden files and directories Hidden file found: /usr/share/man/man5/. rhosts.5: troff or preprocessor input text".

I do not know how to interpret these results other than of course realising they are alerting me to the fact that something is wrong and needs fixing.

I do not know exactly what Rootkit Hunter is telling me is wrong, and I do not know how to fix the problems it has identified.

I would greatly appreciate it if anybody could perhaps tell me how I can do these things. And any advice on which programmes to use for my Samsung machines and the best way to protect my devices in the future would also be greatly appreciated.

Posted on Aug 23, 2013 11:05 AM

68 replies

kitokia

Level 1

4 points

May 21, 2016 8:53 AM in response to Minty18522

Hi Minty 18522, i didn't find any of your contacts so I'm writing here. I've got pretty much the same story of a boy spying on me. I'm sick of people telling me that this kind of a hack is impossible. I've counted 9 or 10 hacked devices in my environment including my Iphone 4s, 5s and my moms 6 and sister's 6s as well as many of my friends androids and my own tablet. Thanks God there's one thing he didn't hack - my PC running Windows 7 😀 The boy threw hints at me in associative nondirect way that he knows what I'm up to in my life, pretty much something in the same way as your girls as i imagine. He blackmailed me with hints and threatened and let me know that he wants me. I didn't obey his demands as I've hot a boyfriend so he started to send all those pictures of me naked, conversations and sounds to well known people of my country, so called stars. It's a huge scandal now and everybody thinks that I'm doing all this myself and no one wants to talk about this with me so I have no proves only clues about what was sent to them. It was all real and my personal life that no one could access except for hacking devices. He couldn't do this physically because he had no access. Me and my bf bought unsmart simple phones and pretty much threw all smarties away as nothing helped them (tried factory reset many times, changed passwords, changed devices and so on..) so no one listens nor hacks us at the moment. But he threatens me into spying and sending stuff of my whole family and I cannot prove anything for them, everytime I try to tell them about this spying horror they think I'm paranoid and delusional as I have no proves ( I mentioned). I wanted to ask if you knew and learned anything from your own story that would help me, how did it end up to you?

Minty18522 Author

Level 1

11 points

Sep 5, 2013 8:20 PM in response to g_wolfman

Okay thanks four advice.

If she persists I may have to act on it.

Minty18522 Author

Level 1

11 points

Sep 6, 2013 5:18 AM in response to Minty18522

I got no replys to this question for weeks, and then a whole deluge in one night!

Anyway, thanks everyone.

Minty18522 Author

Level 1

11 points

Sep 19, 2013 2:26 AM in response to Minty18522

From what I've read I believe I need a virtual keyboard with some sort of scrambled layout if I am to have any chance of succeeding in protecting my passwords from keyloggers.

Minty18522 Author

Level 1

11 points

Sep 19, 2013 12:22 PM in response to MadMacs0

So I am basically screwed for the meantime then?

What are "147 Rats" by the way? I have Android devices.

Thanks.

Minty18522 Author

Level 1

11 points

Sep 19, 2013 12:37 PM in response to MadMacs0

Okay, a bit over my head, but thanks for taking the time to help me. Much appreciated!

g_wolfman

Level 4

3,472 points

Sep 20, 2013 8:09 PM in response to Minty18522

RAT stands for Remote Access Tool.

g_wolfman

Level 4

3,472 points

Sep 21, 2013 6:26 AM in response to MadMacs0

True, but there's a context to the thread as well...I doubt Remote Admin Tools used for fleet management are included in malware definition databases, for example.

This thread has been closed by the system or the community team. You may vote for any posts you find helpful, or search the Community for additional answers.

How to remove rootkits and malware?