In this follow-up video to the Microsoft Security Detection and Removal tests video, I show you what rootkit was present on the PC, what apps couldn’t even detect it and what finally removed it.
http://www.youtube.com/watch?v=aRfnBjTCG4I
Did you try scanning with Avira AntiRootkit (uses similar techniques to GMER to detect rootkits rather than just signatures)?
Did you scan with Hitman Pro? And could you review Immunet Protect? It's a cloud-based antivirus that uses a new thing called “Collective Immunity” and can be run alongside another antivirus, similar to ThreatFire.
If you end up reviewing Immunet Protect (Beta) it’s important to remember it’s meant to be run alongside other AV as additive protection at this point and likely should be reviewed as such.
Also wondering about Hitman Pro. Would be really interesting to know if it was able to handle it AND in that case without a boot CD. Just in safe-mode with networking or even without a connection by using its “Early Warning Scoring”.
Entertaining and informative videos as always, Matt.
Avira ISN’T detecting the new rootkit that’s been infecting everybody. Not by Full Scan, nor by Rootkit Search. I’m going to use the KittyFix and I’ll tell you if it worked.
This malware simply shows that antivirus apps are very vulnerable. I wonder how many people were infected.