| Thread ID: 107499 | 2010-02-18 16:35:00 | Question for Gurus | kjaada (253) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 859727 | 2010-02-18 16:35:00 | I see there is a bad rootkit malware on the loose affecting XP. While it will not affect me, I am curious to know: could a Linux live CD be used to clear the likes of this out of an MS system? | kjaada (253) | ||
| 859728 | 2010-02-18 17:35:00 | I guess it could if you know where to look and what you're looking for. I doubt I would though without help from on here. | gary67 (56) | ||
| 859729 | 2010-02-18 19:24:00 | You could use UBCD/Hirens to boot off and clean it that way, but as Gary says, other than giving you 'a place to stand', no Linux distro is going to give you a hand-holding removal process. Your best bet is to be preventative (a little harder with a rootkit), or pull the drive and slave it before scanning with NOD32. | nofam (9009) | ||
| 859730 | 2010-02-18 19:56:00 | You would have to know exactly what you are looking for, each and every file - even then you may not get everything. You would be better off using a dedicated rootkit removal program - plenty about, but once again you have to be careful as to what you remove. Just a few (www.renjusblog.com) - but like the one from Sysinternals, it shows all hidden files/folders/reg keys and most are legit OS files; remove them and you would be going towards a reinstall. | wainuitech (129) | ||
| 859731 | 2010-02-18 20:15:00 | I actually posted as I wondered, if it was reasonably easy with Linux, why it had never been mentioned. Thanks for your answers and I take them on board. | kjaada (253) | ||
| 859732 | 2010-02-18 20:22:00 | Trojan Remover (not free) will probably remove it. Or Malwarebytes. Boot into safe mode then scan it with one of these. | Speedy Gonzales (78) | ||
| 859733 | 2010-02-18 21:16:00 | "Trojan Remover (not free) will probably remove it. Or Malwarebytes. Boot into safe mode then scan it with one of these." I actually thought I was finished with this, as it was just a query after seeing several news items on this latest rootkit trojan affecting thousands of XP users. But now to further the "investigation": as my partner has "that other OS", will the MS security system prevent this latest attack on "the other system"? Signed: Dedicated Linux (from way back). | kjaada (253) | ||
| 859734 | 2010-02-18 21:19:00 | Depends what the name of the rootkit is, and whether it's in MSE's database. If it is, it should remove it. XP is on the other PC here. And hasn't been infected yet. It won't affect XP just because it can. Just be careful where you go / download and install. Have you got a link for this rootkit you're talking about? | Speedy Gonzales (78) | ||
| 859735 | 2010-02-18 21:55:00 | Go here: gcn.com | kjaada (253) | ||
| 859736 | 2010-02-18 22:10:00 | You've got more chance of getting that rootkit if you use P2P programs. MS have confirmed the rootkit causes that BSOD (if you installed the KB 977615 update). Link (blogs.technet.com). Don't use P2P programs, and you'll have less chance of getting it. However, if you use 64 bit Windows, you won't get it / it doesn't run in 64 bit. So, if you decide to install an update (which updates the Windows kernel), scan your system before you install it (esp. if you're using a P2P program). So, it's not the Windows update that makes a system crash, it's because the system was infected before you installed it. | Speedy Gonzales (78) | ||