Windows 7 Forums



Windows 7: how to avoid getting rootkits

28 Sep 2010   #11
Corrine

Windows 7 & Windows Vista Ultimate
 
 

Quote: Originally Posted by User001
I was thinking, I read from a Win 7 text, the author suggests to bypass UAC, use Run as Admin.

Is using Run as Admin the same as UAC?
Can I check the Detail before I either Cancel or Install?
If I can Cancel using Run as Admin, where is the file stored and can I scan it using Antivirus before install or delete it if the file was detected as corrupt/infected?

Hi, User001.

To begin, as you have been advised by all of the replies in this thread, you should not try to bypass UAC. When selecting Run as Admin, you will receive a UAC prompt.

Second, unless you change the location, when you download files on Windows 7, they are saved to C:\Users\%UserName%\Downloads. You can navigate to that folder and scan with your antivirus prior to installing. Note, however, that is not a guarantee the file is not infected. You could also scan the file at Virus Total or Jotti as well.

Advice: Download only from vendor and reputable sites.

Quote: Originally Posted by pacinitaly
Quote: Originally Posted by francis93

To avoid rootkits, you must scan your pc from time to time with gmer.

gmer gives me errors?

Hi, pacinitaly.

GMER has not been updated for Windows 7. Besides, even if compatible, it would not help you avoid rootkits. It is for scanning/removal of rootkits.


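The pre-install check described in the post above, as an added example that is not part of the original thread: it computes the SHA-256 of a downloaded file (the hash can be searched on VirusTotal without uploading the file) and reads its Authenticode signature. The file name `setup.exe` is a hypothetical placeholder, and the script assumes the default Downloads location and sticks to cmdlets available in the PowerShell 2.0 that ships with Windows 7.

```powershell
# Added example: inspect a downloaded installer before running it.
# 'setup.exe' is a hypothetical name; pass the real file with -Path.
param(
    [string]$Path = (Join-Path $env:USERPROFILE 'Downloads\setup.exe')
)

if (-not (Test-Path -LiteralPath $Path -PathType Leaf)) {
    Write-Error "File not found: $Path"
    return
}

# SHA-256 through .NET, because Get-FileHash does not exist in PowerShell 2.0.
$sha    = [System.Security.Cryptography.SHA256]::Create()
$stream = [System.IO.File]::OpenRead($Path)
try {
    $hash = [System.BitConverter]::ToString($sha.ComputeHash($stream)) -replace '-', ''
} finally {
    $stream.Close()
}

# Authenticode: is the file signed, does the signature validate, and by whom?
$sig    = Get-AuthenticodeSignature -FilePath $Path
$signer = '(none)'
if ($sig.SignerCertificate) { $signer = $sig.SignerCertificate.Subject }

New-Object PSObject -Property @{
    File      = $Path
    SHA256    = $hash
    SigStatus = [string]$sig.Status
    Signer    = $signer
} | Format-List File, SHA256, SigStatus, Signer

# A valid signature only says who published the file, not that it is harmless.
# A missing or broken signature on a vendor installer is a reason to stop.
if ($sig.Status -ne 'Valid') {
    Write-Warning "Signature status is '$($sig.Status)'. Re-download from the vendor site before installing."
}
```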
28 Sep 2010   #12
pacinitaly

windows 7 professional & ultimate 64bit laptops
 
 

thanks corrine !!!
28 Sep 2010   #13
Corrine

Windows 7 & Windows Vista Ultimate
 
 

You're welcome pacinitaly.

28 Sep 2010   #14
Jacee
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

28 Sep 2010   #15
pacinitaly

windows 7 professional & ultimate 64bit laptops
 
 

great read too
29 Sep 2010   #16
pacinitaly

windows 7 professional & ultimate 64bit laptops
 
 

got it to work on my vista laptop.
I don't know what I'm looking at


Attached thumbnail: how to avoid getting rootkits-capture.jpg
29 Sep 2010   #17
Keiichi25

Windows 7 Ultimate x64 and Home Premium x64
 
 

Quote: Originally Posted by pacinitaly
got it to work on my vista laptop.
I don't know what I'm looking at

From that image, you are looking at roughly what I believe the system uses to start initially. It points out several programs and the process it starts at, which is where rootkits try to embed themselves to avoid being easily removed.

So far, nothing looks out of the ordinary, as there are the normal references to ntkernel and bthport, which I believe is for the Bluetooth port enabling for Bluetooth devices like a keyboard to use the laptop.
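A way to produce a comparable list of early-start drivers without a rootkit scanner, as an added example that is not from any poster in this thread: it enumerates boot- and system-start kernel drivers through WMI and reports each driver file's Authenticode status. It assumes a native (64-bit on x64) PowerShell session; variable names are illustrative.

```powershell
# Added example: boot- and system-start kernel drivers with signature status.
# Caveat: a rootkit that is already active can hide itself from a live listing,
# and older PowerShell versions may report catalog-signed Windows drivers as
# NotSigned, so treat non-Valid rows as items to look at, not as a verdict.
$winDir = $env:SystemRoot

$drivers = Get-WmiObject -Class Win32_SystemDriver |
    Where-Object { $_.StartMode -eq 'Boot' -or $_.StartMode -eq 'System' }

$report = foreach ($d in $drivers) {
    # PathName may be \SystemRoot\..., \??\C:\..., system32\... or a full path.
    $path = $d.PathName
    if ($path) {
        $path = $path -replace '^\\\?\?\\', ''
        $path = $path -replace '^\\SystemRoot\\', ($winDir + '\')
        if ($path -notmatch '^[A-Za-z]:\\') { $path = Join-Path $winDir $path }
    }

    $status = 'NoPath'
    $signer = ''
    if ($path -and (Test-Path -LiteralPath $path)) {
        $sig    = Get-AuthenticodeSignature -FilePath $path
        $status = [string]$sig.Status
        if ($sig.SignerCertificate) { $signer = $sig.SignerCertificate.Subject }
    } elseif ($path) {
        # A registered driver whose file cannot be seen on disk deserves a closer look.
        $status = 'FileMissing'
    }

    New-Object PSObject -Property @{
        Name      = $d.Name
        StartMode = $d.StartMode
        State     = $d.State
        Path      = $path
        SigStatus = $status
        Signer    = $signer
    }
}

# Rows whose status is not 'Valid' sort first.
$report | Sort-Object @{ Expression = { $_.SigStatus -eq 'Valid' } }, Name |
    Format-Table Name, StartMode, State, SigStatus, Path -AutoSize
```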
29 Sep 2010   #18
Jacee
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

C:\Windows32\Drivers\PROCEXP141.sys is Process Explorer
29 Sep 2010   #19
pacinitaly

windows 7 professional & ultimate 64bit laptops
 
 

thank you both very much!!