Solved

Best rootkit cleaner if I have to slave drive in another system

Posted on 2010-08-23
8
2,843 Views
Last Modified: 2012-05-10
I have a posible rootkit infection and really don't want to wipe the drive clean. I am getting a blue screen on startup and cannot get into windows. I looked up the BSOD and seems like it could be a rootkit. I would like to slave the drive in another system and scan it for a rootkit. I already tried slaving it and running Vipre and it didn't detect anything. Maybe i should try supperantispyware.
any other suggestions?
0
Comment
Question by:calitech
8 Comments
 
LVL 9

Accepted Solution

by:
Darksquire earned 100 total points
ID: 33502978
0
 
LVL 8

Assisted Solution

by:tskelly082598
tskelly082598 earned 100 total points
ID: 33503620
0
 
LVL 22

Assisted Solution

by:optoma
optoma earned 100 total points
ID: 33503694
Try these when system is live. If a rootkit is detected(patched system file).
They should be able to replace the file.
Run TdssKiller and Hitmanpro.
http://support.kaspersky.com/viruses/solutions?qid=208280684
http://www.surfright.nl/en/hitmanpro

If still having issue run Combofix and post log here
http://www.bleepingcomputer.com/combofix/how-to-use-combofix

IF slaving the drive or using a boot cd, keep the logfiles.
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 25

Assisted Solution

by:madunix
madunix earned 100 total points
ID: 33508982
look @ Bootable antivirus Rescue CD
http://www.techmixer.com/free-bootable-antivirus-rescue-cds-download-list/
Bootable antivirus Rescue CD method consider as the most effective way to remove the virus, trojan and malware because it track down some viruses, trojans and other malware are embedded so tightly into your operating system that when you boot Windows the normal way.
0
 
LVL 2

Assisted Solution

by:dragon24
dragon24 earned 100 total points
ID: 33510119
Combofix does a great job as optoma suggested. You might also want to try Malwarebytes. www.malwarebytes.org
0
 
LVL 2

Expert Comment

by:dragon24
ID: 33637742
Calitech, have you tried any of the above suggestions? Any update status?
0
 

Author Closing Comment

by:calitech
ID: 33791594
thanks for the information
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
Transferring data across the virtual world became simpler but protecting it is becoming a real security challenge.  How to approach cyber security  in today's business world!
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now