Is VIPRE capable of removing new TDL3 rootkit?

Discussion in 'other anti-virus software' started by Durad, Nov 30, 2009.

Thread Status:
Not open for further replies.
  1. Durad

    Durad Registered Member

    Joined:
    Aug 13, 2005
    Posts:
    591
    Location:
    Canada
    Is VIPRE capable of removing new TDL3 rootkit from infected machine?
     
  2. xolith

    xolith Registered Member

    Joined:
    Oct 10, 2009
    Posts:
    7
    Yes, it does.
     
  3. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,032
    Location:
    Hengelo, The Netherlands
    No it doesn't.

    It doesn't detect it so it certainly doesn't remove it.

    Only an injected user mode DLL that is part of the TDL3 rootkit is detected:

    Windows XP Professional-2009-12-02-19-46-34.png

    As the screenshot shows a deep scan was performed.
     
  4. xolith

    xolith Registered Member

    Joined:
    Oct 10, 2009
    Posts:
    7
    Sorry i ment "no" :)
     
  5. format_c

    format_c Registered Member

    Joined:
    May 6, 2008
    Posts:
    116
    Only Dr.Web can cure the system yet when rootkit is active
     
  6. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,032
    Location:
    Hengelo, The Netherlands
    Hitman Pro 3.5 build 79 or newer also removes the rootkit.
     
  7. Edwin024

    Edwin024 Registered Member

    Joined:
    Nov 14, 2004
    Posts:
    1,000
    Then I need to be sure that I don't get that rootkit before the new 64bit version has arrived ;)
     
  8. Zombini

    Zombini Registered Member

    Joined:
    Jul 11, 2006
    Posts:
    469
    Do these rootkit removal solutions boot from a WinPE/BartPE CD. If not, then they are just blowing smoke.
     
  9. Fajo

    Fajo Registered Member

    Joined:
    Jun 13, 2008
    Posts:
    1,812
    This is a false statement.
     
  10. format_c

    format_c Registered Member

    Joined:
    May 6, 2008
    Posts:
    116
    that isn't. hint: active
     
  11. Baz_kasp

    Baz_kasp Registered Member

    Joined:
    May 1, 2008
    Posts:
    593
    Location:
    London

    Hitman does it, active infection.

    Kaspersky also does it with defs from their pre release server.
     
  12. Fajo

    Fajo Registered Member

    Joined:
    Jun 13, 2008
    Posts:
    1,812
    /faceplam.
     
  13. format_c

    format_c Registered Member

    Joined:
    May 6, 2008
    Posts:
    116
    no, it couldn't see it at all (3.20 version of tdl)
     
  14. Baz_kasp

    Baz_kasp Registered Member

    Joined:
    May 1, 2008
    Posts:
    593
    Location:
    London

    Actually wrong again. Tested both 3.19 and 3.20, both are detected and removed (active infection)

    Final testing before public release for antirootkit module on this server ftp://dnl-test.kaspersky-labs.com/test/emu
     
  15. firzen771

    firzen771 Registered Member

    Joined:
    Oct 29, 2007
    Posts:
    4,815
    Location:
    Canada
    ok so even if kaspersky doesnt detect and remove it (not saying it doesnt, but just the amuse you) ughh... but Hitman Pro does... so that shows that ur wrong saying only Dr.Web can either way.
     
  16. Fajo

    Fajo Registered Member

    Joined:
    Jun 13, 2008
    Posts:
    1,812
    Guess this is pretty much the only way Dr. Web can get into the spot light here. Is if it's forced in on someone else's topic. :rolleyes:
     
  17. format_c

    format_c Registered Member

    Joined:
    May 6, 2008
    Posts:
    116
    AYW, guy. jibba jabba speech's boring. :thumbd: I dislike any brainless funs. cul8r
     
  18. format_c

    format_c Registered Member

    Joined:
    May 6, 2008
    Posts:
    116
    ROTFL, killer's queen
     
  19. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,856
    Yey for another A vs B thread.
     
  20. Eagle Creek

    Eagle Creek Global Moderator

    Joined:
    Jul 27, 2004
    Posts:
    734
    Location:
    The Netherlands
    The original question has been answered.
    No need to go into a "yes it can, no it can't" discussion :).

     
  21. Fajo

    Fajo Registered Member

    Joined:
    Jun 13, 2008
    Posts:
    1,812
    Might be wise to lock the thread then!
     
  22. Eagle Creek

    Eagle Creek Global Moderator

    Joined:
    Jul 27, 2004
    Posts:
    734
    Location:
    The Netherlands
    I was hoping that wasn't necessary because of nobody making new posts ;).
     
Loading...
Thread Status:
Not open for further replies.