Rootkit query | AntiVirus Help

Welcome to the Comodo Forum

Welcome, Guest. Please login or register.
Did you miss your activation email?
May 23, 2013, 07:34:38 PM

663838 Posts
70590 Topics
145231 Members
Latest Member: destanee13

more news...

Welcome to the Comodo Forum

Security Products & Services

Comodo Internet Security - CIS

Help - CIS

AntiVirus Help - CIS

Rootkit query

« previous next »

Pages: [1]

Author

Topic: Rootkit query (Read 1203 times)

7Leagues

Comodo Family Member

Offline

Posts: 94

Rootkit query

« on: January 06, 2012, 04:19:40 AM »

Following a full scan, one or more rootkits have been found but when I try to clean them CIS tells me it is not possible to clean or quarantine them. Can anyone advise what the procedure is for rootkit removal please?


	Logged

Who else wants to defy gravity by wearing a pair of 7 Leagueboots?

Ronny

Product Translator
Global Moderator
Comodo's Hero

Offline

Posts: 13182

Volunteer Moderator

Re: Rootkit query

« Reply #1 on: January 06, 2012, 03:56:35 PM »

Can you please post a screenshot of those 'rootkit' detections?

Rookit verification must be done on an 'offline' system, I'd advise to download Hiren's boot CD here
Boot from it and use explorer or registry editor to verify the existence of the detected 'Rootkits'.


	Logged

Volunteer Moderator
Any concerns? Please send me a PM or review the Forum Policy - update Jan 3rd 2013!

7Leagues

Comodo Family Member

Offline

Posts: 94

Re: Rootkit query

« Reply #2 on: January 06, 2012, 05:08:38 PM »

I will have to come back to you Ronny. I didn't take a screenshot so it will require a full scan again. I can't do that at this time as the machine is too busy running other tasks. I can tell you that all rootkits were found in the registry and related to Microsoft applications which seemed a bit strange to me. I was kind of wondering whether they may be false positives?