I would like to know: if I use CTM to make a snapshot of a clean computer and later, during a TDSS/TDL rootkit infection, try to restore the clean snapshot, will that get rid of the TDL/TDSS rootkits? The reason is that I used Wondershare Time Freeze virtualization and a TDL-3 rootkit bypassed it and infected my PC, forcing a format to make sure it is clean, and I have heard Shadow Defender also fails against TDL/TDSS rootkits. So on my newly formatted PC, I was wondering: if I use CTM, will it protect me against these rootkits, or will the snapshots and CTM get infected as well?
Also, does anyone know of any protection against these rootkits? By the way, I have CIS Premium and it failed to detect the rootkit. The only software that detected it was Hitman Pro 3.5 and GMER. Thanks in advance for your reply.
Most probably yes. You can have a clean computer after restoring the clean snapshot.
But I’m not an expert on CTM (yet).
If GMER detects it, avast will do the same (as the full GMER technology is bundled into avast).
Thank you for testing it for me. Also, could you test it on Windows 7 Home Premium 32-bit as well, please? Since I formatted my PC because of the TDL infection, I have installed Win 7 instead of XP. Thanks in advance.
I couldn’t properly test it on my VirtualBox VM.
The SafeSys worm just keeps causing a BSOD, so I couldn’t test it,
and under a limited account it just removes itself.
I think this virus is aware of the virtual environment.
Gotta test again with VPC 2007.
He just posted it several hours ago.
That’s bad news again.
Seems it has a “better” drive to protect the system.
But it does not allow snapshots, just a “frozen” system that can be reverted.
Although avast gives me a very good protection against rootkits (with GMER technology incorporated), you know, it would be better to have a stronger CTM driver.
Yeah, I agree.
CTM has more features like snapshot, rebooting support, etc. and it’s free.
For security, we’d rather use disk imaging software, as I mentioned before.
We once used to live without that software.