AfterDawn Forums

Question Re Rootkit Removal

This discussion thread has 12 messages.

#1
Hey Guys,
So after taking a college class on the rise of cybercrime, I am now extremely paranoid of having a hidden virus on my PC (Windows 7). I recently wiped the OS and reinstalled so I know for now I am clean. I have started looking to maximize my system security, and have decided on Webroot SecureAnywhere, supplemented by Malwarebytes and SUPERAntiSpyware. However, I noticed Webroot scored low on a couple of reviews on rootkit removal. I was wondering if anyone had any suggestions on a good standalone rootkit detection program, so as to finally make me feel safe :) Any help would be appreciated guys!

-Justin
#2
TDSSKiller.
#3
I thought TDSSKiller was only for a specific form of rootkit?
#4
Well, it probably doesn't remove them all, but no, it is a nonspecific removal tool. Ultimately you could Google your specific rootkit if you knew what it was and look up a specific removal tool. First, though, I would give TDSSKiller a try.
#5
Thanks Aldan. I'm almost positive I don't have an infection. Like I said, I recently wiped the OS. I'm just looking for ways to improve my detection capabilities. Sensitive stuff stored on the computer. I will add this tool to my collection.
#6
You probably won't use it much, hopefully. Trend Micro also has some free tools worth looking at on their website, in particular a BHO remover. As well, I like HijackThis, but you have to learn to recognize what to remove and what not to remove. We used to have a guy on this site that was the guru of HJT. 20ldgeek, where have you gone?
#7
Just buy a Kaspersky subscription and be done with it. They're the best antivirus program out there. I have a subscription for 5 computers and have never had any problems. I scan all of my customers' backups on my computer to make sure it's clean before restoring their data. You would be amazed what Kaspersky finds and what AVG, Norton, McAfee and all those other horrible laggy programs miss.

I'd say just install a trial version, update it and see what it finds. It includes a rootkit scanner. Kaspersky is the one that makes TDSSKiller and they keep it updated regularly.

#8
Originally posted by aldan:
You probably won't use it much, hopefully. Trend Micro also has some free tools worth looking at on their website, in particular a BHO remover. As well, I like HijackThis, but you have to learn to recognize what to remove and what not to remove. We used to have a guy on this site that was the guru of HJT. 20ldgeek, where have you gone?
Hello aldan, guess you and others thought I was dead.... but my spirit is still looking over you guys and all you have to do is summon me.... LOL

I see most of you are misinformed about HJT - it still is a good tool if you know what you are looking for and understand that it has NOT been updated for 64-bit OS and does give some false readings. I have been looking over some of your fixes and see that you don't understand a few items, so I was just about to put together something on the newer tools that are available and maybe help get rid of the newer threats for the poor malware collectors out there.
I am now 70 yrs old and have been trying to retire since I was 65. I work for a hotel chain; each time I mention retiring I get a promotion and a substantial raise. Very difficult to quit under those conditions. I love my work. I am head of the IT dept. and the main "go-to guy" for the other hotels in the chain.
aldan, it's good to see you are still helping malware victims and I have been considering getting back into the pileup. GMER is probably the best rootkit remover, but you need a deep understanding of the computer and how to use it; it's not for a novice.
So, how's things going in your world???
2oG



There are three kinds of men: The ones that learn by reading; The few who learn by observation;
The rest of them have to pee on the electric fence and find out for themselves...
#9
Glad to see you are still around. You have been missed here. I'm getting tired of peeing on the electric fence. Time I learned something for a change, lol. By the way, all's well in my world. Al.
This message has been edited since its posting. Latest edit was made on 19 Oct 2012 @ 20:55
#10
Originally posted by Jlee14:
Hey Guys,
So after taking a college class on the rise of cybercrime, I am now extremely paranoid of having a hidden virus on my PC (Windows 7). I recently wiped the OS and reinstalled so I know for now I am clean. I have started looking to maximize my system security, and have decided on Webroot SecureAnywhere, supplemented by Malwarebytes and SUPERAntiSpyware. However, I noticed Webroot scored low on a couple of reviews on rootkit removal. I was wondering if anyone had any suggestions on a good standalone rootkit detection program, so as to finally make me feel safe :) Any help would be appreciated guys!

-Justin
Webroot is a joke. Let me explain: I had Webroot installed on one of my computers (key word: one). It kept removing the same malware and spyware from its own directory. It never detected any virus programs or malware I purposely put on the machine. AVG found it, McAfee found it and Norton found it, but Webroot kept removing the virus and malware out of its own software. So I deactivated it and installed AVG on top of it, and out of nowhere AVG found 26 malware files located in Webroot's own directory, including the .exe that ran the program, and I decided to clean the files. Once the files were clean I tried to run Webroot and the stupid thing wouldn't launch without its malware and spyware.

No thanks. You think you're paranoid? Join the club.
#11
What I would worry about are the ones that fake your system into thinking that they are updates for browser plug-ins. Once they have control of your browser, not only can it report back to the home base what you have typed or cut and pasted, but it will add packages to any executable you download. They work fine in safe mode and are hidden from HijackThis. The one I had was even smart enough to attack the restore points so I couldn't restore; I could only format.

Aha yes, rootkits. GMER, ComboFix and rooter are some anti-rootkits.
#12
Malwarebytes has come out with a rootkit remover in beta. I am in the process of checking it out.