Rootkit Hidden Driver Help

Jako98146

Today, I went to download something off of a website called adfoc.us, when it said that it failed. Because I'm always suspicious of downloading anything, I did an AVG whole scan on my laptop and found some hidden driver. My AVG said that it removed the driver, but then I did a second scan just to be completely sure that it was gone, but the same rootkit was detected and removed.

After that, my plug fell out of my laptop (without a battery, so it shut down) and no rootkit was detected when I did another scan. I just want to know if there's any way the driver could have screwed my AVG (since most viruses usually hit antivirus software at some point) or if the driver's completely gone because of AVG (I have very little trust for AVG, that's a main reason why I'm asking this). Now I may sound completely ignorant for writing this, but that's because I have very little understanding of technology...
 

Sanzen

So many internet security and antivirus questions, lately. You just can't be stupid. If you were suspicious, then why did you download it?
Seriously, I question why some people even have access to the internet.
The fact that you were dumb enough to download something from a site that you didn't trust in the first place just shows that you won't be able to do what I am going to suggest, but I'll suggest it anyway. Get another hard drive and put it in your laptop, then install Debian onto said new hard drive.
I think I have Microsoft Security Essentials on my Windows hard drive, don't really know tbh. But other than that, I have nothing and I do fine. Why? Because I know not to be stupid about what I download.
A rootkit is a type of malicious software that is activated each time your system boots up. Rootkits are difficult to detect because they are activated before your system's Operating System has completely booted up. A rootkit often allows the installation of hidden files, processes, hidden user accounts, and more in the system's OS. Rootkits are able to intercept data from terminals, network connections, and the keyboard.
also, read this.

Try running a scan with Malwarebytes. It's a free program.
Don't just use Malwarebytes regular, there is a special program within Malwarebytes.
 

Jako98146

It's not that I didn't trust it, it's more that I'm suspicious of downloading things from most websites, due to some unfortunate viruses from downloading from certain websites that seemed legit and sites that I trust, so I always scan after doing a download of everything that's not from Steam. Nothing wrong with being cautious...And I'm pretty sure I've downloaded from that site prior to...this, and have performed AVG scans that came up with no threats
 

-Yard-

You'll need to scan in safe mode without networking.
HijackThis
TDSSKiller
GMER
Are the best programs in my opinion for this situation.

If they don't detect anything you should be fine. If they detect something, remove it and when you restart it's still there, then that means it's in your boot sector and will re-install itself while hidden each time it's removed.

In which case aswMBR.exe
You can go look up a tut on using it, I don't have enough free time atm to.

If you used it correctly and had it replace/clean your boot sector and it's still there, then it's in your firmware which is rare and to my knowledge nothing can save you.
 
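As an added illustration of the "it comes back after every reboot, so it's in the boot sector" step above (example code written for this page, not from the thread or any of the tools named in it): a small baseline check that hashes the boot-code region of a disk's first sector and flags any change since a known-clean snapshot. The device path in `read_first_sector` is an assumption, and the two sample sectors are constructed in the script.

```python
"""Baseline-and-compare check for the first 512-byte sector (classic MBR).

Hashes bytes 0..439 (the boot code a bootkit would alter), validates the
0x55AA signature, and decodes the four partition entries so a changed
partition table is visible too. Constructed samples are used below.
"""
import hashlib
import struct

SECTOR_SIZE = 512
BOOT_CODE_LEN = 440        # boot code occupies bytes 0..439 of the MBR
SIGNATURE = b"\x55\xAA"    # boot signature at bytes 510..511
PART_FMT = "<B3xB3xII"     # status, CHS start (skip), type, CHS end (skip), LBA start, sector count

def parse_mbr(sector: bytes) -> dict:
    """Return boot-code hash and the non-empty partition entries."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("expected exactly one 512-byte sector")
    if sector[510:512] != SIGNATURE:
        raise ValueError("missing 0x55AA boot signature")
    parts = []
    for i in range(4):
        status, ptype, lba_start, count = struct.unpack_from(PART_FMT, sector, 446 + 16 * i)
        if ptype:  # type 0 means an unused entry
            parts.append({"bootable": status == 0x80, "type": ptype,
                          "lba_start": lba_start, "sectors": count})
    return {"boot_code_sha256": hashlib.sha256(sector[:BOOT_CODE_LEN]).hexdigest(),
            "partitions": parts}

def compare_to_baseline(sector: bytes, baseline_hash: str) -> bool:
    """True when the boot code still matches the known-clean baseline hash."""
    return parse_mbr(sector)["boot_code_sha256"] == baseline_hash

def read_first_sector(path: str) -> bytes:
    # Assumed device path: r"\\.\PhysicalDrive0" on Windows (run as admin) or /dev/sda on Linux (root).
    with open(path, "rb") as f:
        return f.read(SECTOR_SIZE)

def build_sample(boot_code: bytes) -> bytes:
    """Constructed sector: given boot code, one bootable NTFS partition, valid signature."""
    sector = bytearray(SECTOR_SIZE)
    sector[:len(boot_code)] = boot_code
    struct.pack_into(PART_FMT, sector, 446, 0x80, 0x07, 2048, 204800)
    sector[510:512] = SIGNATURE
    return bytes(sector)

CLEAN = build_sample(b"\xEB\x3C\x90" + b"\x00" * 10)     # constructed "clean" boot code
TAMPERED = build_sample(b"\xE9\x00\x01" + b"\x00" * 10)  # constructed altered boot code
BASELINE = parse_mbr(CLEAN)["boot_code_sha256"]          # snapshot taken while known-clean

if __name__ == "__main__":
    print("clean matches baseline:", compare_to_baseline(CLEAN, BASELINE))
    print("tampered matches baseline:", compare_to_baseline(TAMPERED, BASELINE))
```

Take the baseline immediately after a cleanup, then re-run the comparison after the next reboot; a hash mismatch with no intentional change to the bootloader is the reinfection symptom the post describes.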

Jako98146

Well, I just did an AVG scan and a Malwarebytes scan in safe mode, and I have no apparent rootkits...Although I have 71 info severity infections...

Anyway, thanks for the info everyone, and thanks Sanzen, for candidly calling me an idiot while not even fully understanding how I viewed the website in terms of trust...
 