I've been asked to post a tutorial on rootkit removal using UVK. So here it is.
If some of you think there is something else to add to this tutorial, please post.
Step 1: Try to remove the rootkit with Kaspersky TDSS killer:
Let's not start the hard way. First we'll try to use TDSS killer to remove the rootkit. Note that this procedure requires internet connection.
Download UVK and install it with the default settings. This is very important as it will create a system restore point just before the installation. For more information and download, visit the following urls: http://www.carifred.com/uvk/help/ http://www.carifred.com/uvk
Run UVK, and click Run UVK scripts. Paste the following code into the UVK commands text box:
So, first UVK will download TDSSKiller to your desktop and save it with a different name from the original. This is very important, as most of the modern rootkits detect TDSSKiller by its name and prevent it from running.
If the tool found and removed your rootkit, then, man, you're lucky. Click No if it asks you whether you want to reboot immediately.
Close TDSSKiller, and UVK will then clear the hosts file and flush the DNS, reset the group policies, create a new system restore point, and reboot your machine. Hopefully after the reboot your rootkit will be gone. If so, you can ignore the next steps.
I'll continue this tut later. Please post if the step above didn't remove the rootkit.
One thing we humans have in common is that we are all different. So, if you think you're weird because you're different from everyone else, then we are all weird.
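The same sequence as a stand-alone PowerShell script, added here as an example. It is not the UVK script from the post (which is not reproduced above) and not code from the UVK project. Assumed: the Kaspersky download URL for TDSSKiller (verify it before use), that System Restore is enabled on the system drive, and that you run it from an elevated prompt. The Authenticode check on the downloaded file and the registry tweak that lifts the one-restore-point-per-24-hours throttle are additions beyond what the post describes.

```powershell
<#
  Added example, not the UVK script from the post and not UVK's own code.
  Mirrors the sequence described above: fetch TDSSKiller under a random name so a
  rootkit that blocks the tool by file name has nothing to match on, run it, then
  reset hosts/DNS/group policy, take a fresh restore point and reboot.
  Run from an elevated PowerShell prompt. Requires an internet connection.
  ASSUMPTION: $Url is Kaspersky's public TDSSKiller location; verify it first.
#>
$ErrorActionPreference = 'Stop'

$Url     = 'https://media.kaspersky.com/utilities/VirusUtilities/EN/tdsskiller.exe'   # assumed URL
$Desktop = [Environment]::GetFolderPath('Desktop')
# Random file name with no "tdss" substring in it.
$Exe     = Join-Path $Desktop ('{0}.exe' -f ([guid]::NewGuid().ToString('N').Substring(0, 10)))

# Windows normally allows only one Checkpoint-Computer restore point per 24 h;
# lift that so both the "before" and "after" points get created.
$srKey = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore'
Set-ItemProperty -Path $srKey -Name SystemRestorePointCreationFrequency -Value 0 -Type DWord
Checkpoint-Computer -Description 'Before rootkit removal' -RestorePointType MODIFY_SETTINGS

# Step 1: download TDSSKiller under the random name.
Invoke-WebRequest -Uri $Url -OutFile $Exe -UseBasicParsing

# Do not trust what a possibly compromised host handed back: require a valid
# Authenticode signature whose signer is Kaspersky before executing anything.
$sig = Get-AuthenticodeSignature -FilePath $Exe
if ($sig.Status -ne 'Valid' -or $sig.SignerCertificate.Subject -notmatch 'Kaspersky') {
    Remove-Item -Path $Exe -Force
    throw "Refusing to run: signature status '$($sig.Status)', signer '$($sig.SignerCertificate.Subject)'"
}

# Run the scanner interactively. Answer No if it offers to reboot; this script reboots at the end.
Start-Process -FilePath $Exe -Wait

# Step 2: reset the hosts file (a common place for malware to redirect or block AV sites), keeping a backup.
$Hosts = Join-Path $env:SystemRoot 'System32\drivers\etc\hosts'
Copy-Item -Path $Hosts -Destination "$Hosts.bak" -Force
Set-ItemProperty -Path $Hosts -Name IsReadOnly -Value $false
Set-Content -Path $Hosts -Value '# hosts file reset after rootkit removal' -Encoding Ascii

# Step 3: flush the DNS resolver cache.
ipconfig.exe /flushdns | Out-Null

# Step 4: reset local group policy by removing the local policy stores and forcing a refresh.
foreach ($dir in 'GroupPolicy', 'GroupPolicyUsers') {
    $p = Join-Path $env:SystemRoot "System32\$dir"
    if (Test-Path $p) { Remove-Item -Path $p -Recurse -Force }
}
gpupdate.exe /force | Out-Null

# Step 5: restore point reflecting the cleaned state, then reboot.
Checkpoint-Computer -Description 'After rootkit removal' -RestorePointType MODIFY_SETTINGS
Restart-Computer -Force
```

The signature check is the part worth keeping even if you adapt the rest: a rootkit that intercepts downloads can substitute its own binary, and a renamed file gives you no visual cue that this happened. Keep `$Hosts.bak` and the removed policy folders in mind if the machine belongs to a domain, since domain policy will be re-applied by `gpupdate` but any deliberate local policy is gone.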
I'm going through old posts and came across this tutorial. Since it's from 2012, is it safe to say it's before TDSS killer was added to the malware section, or is this in addition to that part?
Yeah, I made this topic a long time ago. I was supposed to add more info, explaining how to detect and delete rootkit drivers manually using the Service manager and more stuff, but I never got the time to finish it.
Merry Christmas!