Rootkits

Joe C

What's your opinion of Rootkits?
Do you:
1. Suspect that the operating system is totally compromised and prepare to back up data and zero out the drive?

2. Clean up the PC with TDSSKiller and ComboFix, run Malwarebytes plus an online scan, and hope that works?

I'd like to know your opinions please
 
Usually option 2.

I'll also scan with Panda Anti Rootkit to be sure as well.

Depends on what rootkit, and how bad the infection though, too.
 
Although I have cleaned up some PCs using the tools I mentioned in my first post, I believe that you can never know how compromised the system was, and that another rootkit could possibly exist in the system.
If I find a rootkit (using tools like TDSSKiller), I recommend wiping the drive and going with a clean install if possible. There are different circumstances with every individual and every PC, so these things do need to be taken into account first.
 
Agree with carnage, it depends on the rootkit. I had one so bad (that literally came out of nowhere on a PC I practically broke my back to keep virus-free), I had to wipe the HDD. Granted, this was far before I had any really useful knowledge of electronics, but this thing not only permanently enabled all my network connections (could not disable them short of tearing out the hardware, which I did at some point), hijacked all my browsers (yes, I have more than one), no, it had to be a complete **** and corrupt some important startup files, which messed up my system so badly I couldn't even get into safe mode. I also didn't have the original OS disk, so out of luck there as well. When it comes to rootkits, I usually just wipe the disk and reinstall. All of my personal files/backups are done through Linux OSes (I literally boot to a disk and run off of that while I'm backing up) just to be safe. My experiences have made me annoyingly skeptical. lol
 
Joe C,

...you can never know how compromised the system was, and that another rootkit could possibly exist in the system.

Exactly!!

If you peruse many of the malware removal forums, you will find that using diagnostic tools takes precedence. Find out as much as you can about what you are dealing with, and then use the right tools to remove it.
 