Jump to content

Detecting and Removing Rootkits


Recommended Posts

Yes it can, and it's pretty darn effective in my experience :P . Just note, there are a few rootkits out there right now that specifically target Malwarebytes' and other security tools and sites from loading and these often have to be handled with the assistance of a more knowlegable person to help a user disable the rootkit and then use the other tools, like Malwarebytes' Anti-Malware, to get the rest of the infection(s).

Link to post
Share on other sites

Thanks for the response exile360. Currently I'm looking for the best rootkit scanner/remover but since malwarebytes does remove rootkits then I don't need look further? If i still need to, could you recommend anything here? In a scale of 1 to 10 how would you grade Malwarebytes at removing rootkits?

Link to post
Share on other sites

The reason why I'm looking for the best rootkit scanner is because recently Malwarebytes took so long to update(your also replying in my other post :P), and sometimes my PC lags for no apparent reason, I thought this could be due to a rootkit.

I only use AVG AV as security protection and Malwarebytes for on demand scan, I update them daily for about 2 months now since I got my PC. Problem is in my scouting for rootkit removers I could see that most of these have negative effects when they remove the rootkits and also it seems that no tool is close to perfect, in my readings AVG rootkit remover had best reviews but its been discontinued by AVG in 2007(so its old), although you can still get it from other sources. No reviews on how Malwarebytes does in this, thats why I asked here its performance grade for detecting and removing rootkits.

Link to post
Share on other sites

Oh, ok. Well if you want an AV (arguably more effective than AVG), not only at detecting rootkits, but also other threats as well, then you have many choices, and two of them are free: Avira and Avast! (both free) and if you're willing to purchase I'd recommend either Kaspersky or NOD32. As far as dedicated rootkit detectors, I've used BlackLight (made by F-secure) on many occasions, but much like AVG's rootkit scanner, it hasn't been updated in a long time ;) . There are better anti-rootkit tools out there, but honestly they aren't really for use by those without extensive knowlege about how they work and what's good and what's bad. The tools I'm talking about are those like RootkitRevealer, GMER and RootRepeal. Those three usually require assistance by someone more knowlegable to analyze the logs (such as the individuals who assist in our own Malware Removal - HijackThis Logs area of the forum ;) ) or by the members on the Sysinternals forum.

As a side note, I've seen many use MBAM along with the AV's I mentioned and they've had excellent protection with it and they seemed to get along quite well :P . As far as your suspicions, it most likely was an issue with the connection, were it a rootkit or other infection blocking Malwarebytes' it either wouldn't even have been able to run or wouldn't have been able to update at all (or both) and you probably wouldn't be able to access this site right now. Usually when there are issues like slow updates etc it is caused by a temporary hiccup with the database distribution network that Malwarebytes' uses and is generally corrected quite quickly ;) .

Link to post
Share on other sites

Many thanks for the info. I hope your right about it, and most likely you are. Still I'd like to know how good Malwarebytes is at detecting/removing rootkits because they are some of the most dangerous threats and since its one of its capabilities so that I could gauge whether to add more to my PC defenses or not. How does it rate in a scale of 1 to 10 in rootkit a)Detection and b)Removal? just in case the worst happens....

Link to post
Share on other sites

Thanks for the response exile360. Currently I'm looking for the best rootkit scanner/remover but since malwarebytes does remove rootkits then I don't need look further? If i still need to, could you recommend anything here? In a scale of 1 to 10 how would you grade Malwarebytes at removing rootkits?

Malwarebytes' Anti-Malware is not a dedicated rootkit scanner, and while it can detect and remove many rootkits there is always the possibility that it will miss something (as with all security products from all vendors).

If you want a dedicated rootkit detector, then here are a few links for you:

GMER

Rootkit Unhooker

RootkitRevealer

Link to post
Share on other sites

I've read that these rootkit removers are prone to false positives and could even destroy a PC thats why I don't like installing just anything. I think I'll just stick with Malwarebytes for now since accdg to exile360 'its pretty darn effective' :P (but he did'nt give me the grade 1 to 10 just how effective it is). I just hope he's right.

In the case that Malwarebytes does find rootkits will it remove them 'cleanly' through the standard removal method, without harming my PC or is there a method specifically for removing rootkits, and if there is where can I find instructions for removing them? Thanks again.

Link to post
Share on other sites

  • Root Admin

Yes, using these tools without understanding what they do or how to use them can be detrimental to your system and could even stop it from ever booting again without manually reinstalling Windows. So that's a good decision to stay away from such tools without having a lot of experience on computer internal workings.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.