Help - Search - Members
Full Version: Zero Access Rootkit
Kaspersky Lab Forum > English User Forum > Protection for Home Users > Kaspersky Rescue Disk 10
Tom ZeCat
I have two friends who each have the Zero Access Rootkit, according to a retail organization that scanned their PCs and wants a large fee to remove it. This Zero Access Rootkit must be very pervasive. I'm thinking of removing it from my friends' systems with the Kapersky Rescue Disk 10. Will it work? Is the rescue disk equipped to destroy this rootkit without making the operating systems unstable? One PC has Windows Vista Home Premium; the other has Windows XP Professional.

My other option is to just reformat their hard drives and reinstall the operating systems from scratch. And neither person has their system recovery disks (of course).

A related question: I'm thinking of insisting that each friend purchase and use Kapersky Internet Security. Will it prevent them from getting the Zero Access Rootkit again? One person was using a junky free antivirus product. The other had let his Norton expire way back in March and has been unprotected all this time.
Attest
QUOTE(Tom ZeCat @ 1.10.2011 17:41) *
I have two friends who each have the Zero Access Rootkit, according to a retail organization that scanned their PCs and wants a large fee to remove it. This Zero Access Rootkit must be very pervasive. I'm thinking of removing it from my friends' systems with the Kapersky Rescue Disk 10. Will it work? Is the rescue disk equipped to destroy this rootkit without making the operating systems unstable? One PC has Windows Vista Home Premium; the other has Windows XP Professional.

My other option is to just reformat their hard drives and reinstall the operating systems from scratch. And neither person has their system recovery disks (of course).

A related question: I'm thinking of insisting that each friend purchase and use Kapersky Internet Security. Will it prevent them from getting the Zero Access Rootkit again? One person was using a junky free antivirus product. The other had let his Norton expire way back in March and has been unprotected all this time.


Yo, I don't know anything about the recovery disk, but since it seems as if responses are pretty slow around here I'll just say that I believe I saw someone on youtube using kaspersky for this very problem, I imagine the rootkit might be more advanced since then but I'd say it's definitely worth a go. I think he made use of the disinfect function in order to prevent the system perhaps becoming unstable. In regards to whether Kaspersky would have caught it I imagine it would have, as I understand it they're renowned for very quickly getting signatures, certainly I've seen someone test some zero access rootkit against Kaspersky a while back.

As I say I'm not too knowledgeable on the matter, I'd say there was no harm in trying.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
Invision Power Board © 2001-2014 Invision Power Services, Inc.