Removing Rootkits

Started by Skhilled, May 14, 2015, 06:31:49 PM

Skhilled

A rootkit is a program or a program kit that hides the presence of malware in the system.

A rootkit for Windows systems is a program that penetrates into the system and intercepts the system functions (Windows API). It can effectively hide its presence by intercepting and modifying low-level API functions. Moreover, it can hide the presence of particular processes, folders, files and registry keys. Some rootkits install their own drivers and services in the system (they also remain "invisible").

I have recently been getting messages from avast!, which I have installed, that it is blocking malware. The malware it kept finding was "Win32:Evo-gen". However, after running a scan multiple times it found nothing. Malwarebytes did not find anything either. So, I decided to see if the problem was a false positive or a hidden rootkit, etc. and did a little research. I found this page containing these programs with detailed steps to remove them. I HIGHLY suggest you run the steps here every so often to be safe. After running step 4 is when I finally found some things and got them removed. Please run ALL steps in the order shown!

http://malwaretips.com/blogs/win32evo-gen-susp-virus/

Maxx

Thanks, Doc. Regular scan, but you never know those sneaky little buggers!

It's good we remind each other of these things. I found two PUPs with Malwarebytes.

And BTW, Windows 10 is still working great!

regards,
Maxx