ROOTKITS

Posted: Sat May 19, 2012 10:49 am
by pistonbroke1957
Morning Campers.
Need some advice on how to get rid of ROOTKITS
AVG picked 6 of them up on a scan but can't 'heal' them.
They show on the results as 'hidden' and when I try to
remove them the results say they are 'inaccessible'.
They are all 'CORRUPTED SECTION WIN32K.SYS(TEXT)'
I ran RKILL and MALWAREBYTES prior to AVG but these didn't detect
any issues.
Am running WINDOWS 7 HOME PREMIUM.
Cheers

Re: ROOTKITS

Posted: Sat May 19, 2012 11:06 am
by BillyGoat
Wipe/re-install.

My thinking: if there are 6 that are detected, what else has been left. ADS streams, hidden locations, altered system files, keyloggers, download agents - whatever else!!!

Protect yourself and your data - wipe, re-install and be wary of where you download files from and what you accept from people.

With so many free alternatives for software, I still see people saying "got it from bit torrent - readme says it's a real copy". Yeah. OK. Course it is.....

I've met the forensic guys at a major software company - you would be amazed what gets changed in shared files. Scary stuff.

BG

Re: ROOTKITS

Posted: Sat May 19, 2012 11:46 am
by RichieP
TDSS Killer and GMER
Change the filenames before running them.

Re: ROOTKITS

Posted: Sat May 19, 2012 12:26 pm
by pistonbroke1957
Cheers guys

Re: ROOTKITS

Posted: Mon May 21, 2012 4:53 pm
by Megaross
Kaspersky Rescue Disk, yet to come across a rootkit it won't kick out. Great bit of software.

Re: ROOTKITS

Posted: Mon May 21, 2012 7:15 pm
by SteveOC
I used to run something, I seem to recall it was Blacklight.

Anyhow, I ran the two programs that RichieP posted links to just out of curiosity.

TDSS Killer ran no problem.

GMER either hangs my Netbook or seems to run forever, then if left unattended crashes and forces a Reboot.

I might look at the Kaspersky option.

Steve O.