Coffeehouse Post

Single Post Permalink

View Thread: I've got a rootkit...
  • User profile image

    , W3bbo wrote

    The scan completed a short while ago, 7 threats were found in total.

    However all of them were inactive (i.e. just passive virulent files that weren't configured by the system to be loaded anywhere). Curiously enough, it flagged a JPEG file as a virus. I inspected it with a binary editor and apparently it was a renamed zip file containing an EXE. It came attached with some email.

    The thing is, you now know the system was infected but you don't really know it isn't still compromised by something the anti-virus tool didn't spot. So you've lost the best part of a day scanning a system and you can still only be sure it's clean by reinstalling everything. Not unsurprised to see executables hidden inside renamed files though, that's pretty common.

    , PaoloM wrote

    *snip*Using a better browser (with real security features) and an av would have prevented all that to show up on your system.


    Eventually everyone I've ever known to make the statement "I don't need an AV, I know what I am doing" has ended up in exactly this position.