PsychoticxBloodxLust, posted September 25, 2008

OK, I'm tired of looking since I can never seem to find anything that works, or maybe I'm just stupid... Anyway, my college uses AVG 8.0 Network Edition, and well, I love when it picks up rootkits, it never gets rid of them or all of them. Is there a program or list of programs out there to aid in the removal of rootkits? I have been running the free version of Antivir for most cleanups; it seems to do the trick 98% of the time.
shought, posted September 26, 2008

You can use this to 'reveal' them, I don't know if it removes anything or has the option to: Rootkit Revealer

I strongly recommend trying Trojan Remover to get rid of any kind of malware, it has always worked best for me. And I'll get back to you when I've done some more research, how's that?
PsychoticxBloodxLust (Author), posted September 26, 2008

shought wrote:
> You can use this to 'reveal' them, I don't know if it removes anything or has the option to: Rootkit Revealer
> I strongly recommend trying Trojan Remover to get rid of any kind of malware, it has always worked best for me. And I'll get back to you when I've done some more research, how's that?

I have used Rootkit Revealer; it just searches. It has helped in manual removal but isn't finding a particular rootkit. I have also used Trojan Remover and it didn't find anything, and AVG keeps picking it up, removes it, and at restart it's back. It seems Avira - AntiVir Free got it out. I think I'll have to run another AVG scan and see what pops up.

EDIT: I ran ComboFix as well; I think that might have removed it or helped in removal.
PsychoticxBloodxLust (Author), posted October 6, 2008

Anyone else?
wyrman, posted October 8, 2008

PsychoticxBloodxLust wrote:
> Anyone else

Avenger 2
shought, posted October 9, 2008

So it's not fixed yet?
einstürzende, posted October 9, 2008

A rootkit is a bad driver, *.sys for instance; some use Alternate Data Streams to hide themselves. Popular anti-rootkit tools are RootRepeal, RootkitUnhooker, Gmer. A great countermeasure is the various HIPS ...
shought, posted October 9, 2008

Download RootRepeal (currently in Beta): http://rootrepeal.googlepages.com/RootRepeal_1.1.2.rar
Download RootkitUnhooker: http://forum.sysinternals.com/uploads/2007...rku37300509.rar
Download Gmer: http://www.gmer.net/gmer.zip

On first impression I would say that RootkitUnhooker looks best, but it also requires the most knowledge in things like this. If you are unsure, please post here between which options you have to choose and such.

Edit: RootkitUnhooker also has its own (tech support, I think) forum at http://www.antirootkit.com/forums/viewforum.php?f=35.
einstürzende, posted October 9, 2008

Thanks to shought for the links. The RootkitUnhooker team are now part of MS and members are active at the Sysinternals forum. Very good discussions about rootkits and other malware are on the malware part of the Sysinternals forum, here.
PsychoticxBloodxLust (Author), posted October 9, 2008

Awesome, totally forgot about Sysinternals, and I'll run RootkitUnhooker on his machine and see if it does the trick.
Archived
This topic is now archived and is closed to further replies.