Solved Root Kits/Removers

Hello Everyone,

This i would like to see if Any of the fellow techs here could help out, or just anyone that might of come across any.

I was hoping to locate a good root kit remover/unhooker(rename) file. I have used a couple. One is rootrepeal which is no longer being updated and or supported, I have used Rootunhooker. hoping to find some to help find unknowns from legits-
W/ Kernal modes w/ call backs. To help combat these newer versions of TDL4's-MBR hooks, aswell as the files assc.(trojan horse cryptic CWW &CYK, and exploits to Java as well as Flash.

TY in Advance
~Sixwheeler~

Hello Sixwheeler,

Have you got a rootkit? Or are you just looking for prevention?

Rootkits are nasty pieces of work and require very powerful tools to remove, such as Combofix, do not use combofix unless instructed to do so by a trained professional.

aswMBR is a tool made by the Avast corporation. It is a diagnosis and removal tool capable of removing TDL4/3, MBRoot (Sinowal), Whistler and other rootkits.
aswMBR
TDSSKiller is a tool made by Kaspersky. It is a specific removal tool for the TDSS strain of rootkits
How to remove malware belonging to the family Rootkit.Win32.TDSS (aka Tidserv, TDSServ, Alureon)?

aswMBR shouldn't be used unless instructed to do so, but TDSSKiller can be run fine without an expert present

As you can see, anti-rootkit software tends to be removal tools rather than protection

I don't know of any real time rootkit protection software, just use a good AV such as Microsoft Security Essentials and come back here if you have any infection

Upon googling it, I found this: UnHackMe - First BootWatch AntiRootkit - Greatis Software

Looks like it's the sort of thing that you're after, but I don't know

Tom

Make sure you're up to date with Java and Flash by using this tool:

Secunia Personal Software Inspector (PSI) - Introduction

Tom

Hello tom982,

I am not looking for protection,

Thanks for responding, I am not infected, I work on infected machines. just having some issues w/ unhooking some rootkits. I know all about Java And Flash, & those getting exsploited.
As I work For an antivirus company some tools are not allowed to be ran on clients PC's, I have used TDSSKiller yes, & have had great succes. Some rootkit removers can copletely remove on which am not allowed to run. I was hoping something like you have prposed in the latter of your post, to unhook these infections so as a AV can heal the PC-when they are hooked to a system file-sys32-win32-.exe and such.
I do appreciat your help And will look into your suggestions. i do use Sercurnia PSI Myself great tool, & have also used & installed on Clients PC's.

Sixwheeler2011
~ADAM~

Okay, I understand now. Have you had a look at this: How to Remove rootkit virus with RootKit Unhooker

Tom

Thanks just added it to my tools as well as the others, Now i have some reading to do and some testing Oh well that's OK.
Thanks Tom

No worries Have you got any further questions? Or can I mark this thread as solved?

Tom

You can go ahead and mark this thread as solved.

Again TY

It's my pleasure If you ever have any further issues then feel free to post back in this thread, or start a new one

Tom