Search Members Help

» Welcome Guest
[ Log In :: Register ]

 

[ Track This Topic :: Email This Topic :: Print this topic ]

reply to topic new topic new poll
Topic: RootKit, Can someone please confirm!< Next Oldest | Next Newest >
 Post Number: 1
tramco Search for posts by this member.

Avatar



Group: Members
Posts: 2
Joined: Feb. 2011
PostIcon Posted on: Feb. 02 2011,19:13  Skip to the next post in this topic. Ignore posts   QUOTE

I am using UltraISO Premium 9.36 to write disk image to USB for Symantec Endpoint Recovery Tool 1.0.17

I had the USB drive installed while scanning with tdsskiller from Kaspersky Labs to clean a Tidserv virus and it indicated that my USB drive was infected with rootkit.win32.backboot.gen

I was able to recreate the situation on multiple USB drives after performing a low level format on all of them.

Question is, is it UltraISO or the image from Symantec?


Edited by tramco on Feb. 02 2011,19:16
Offline
Top of Page Profile Contact Info 
 Post Number: 2
xoben Search for posts by this member.

Avatar



Group: Super Administrators
Posts: 2200
Joined: Nov. 2004
PostIcon Posted on: Feb. 04 2011,21:25 Skip to the previous post in this topic. Skip to the next post in this topic. Ignore posts   QUOTE

UltraISO will change MBR (Master Boot Record) and Boot Record of the active partition of your USB flash drive for 'Write Disk Image' operation. It is recommanded to contact vendor of your anti-virus program to get more detailed of your issue.
Offline
Top of Page Profile Contact Info 
 Post Number: 3
X3lectric Search for posts by this member.

Avatar



Group: Members
Posts: 28
Joined: Jan. 2011
PostIcon Posted on: Feb. 07 2011,13:17 Skip to the previous post in this topic. Skip to the next post in this topic. Ignore posts   QUOTE


(xoben @ Feb. 05 2011,02:25)
QUOTE
UltraISO will change MBR (Master Boot Record) and Boot Record of the active partition of your USB flash drive for 'Write Disk Image' operation. It is recommanded to contact vendor of your anti-virus program to get more detailed of your issue.

Actually it should be ultraiso contacting  antivirus companies informing them of this process in detail so it can be white listed, NOT the user.

Passing the buck on real issues to the customer is real excellent business practice...


--------------
The idea that laws decide what is right or wrong is mistaken in general. Laws are, at their best, an attempt to achieve justice; to say that laws define justice or ethical conduct is turning things upside down.
Offline
Top of Page Profile Contact Info WEB 
 Post Number: 4
tramco Search for posts by this member.

Avatar



Group: Members
Posts: 2
Joined: Feb. 2011
PostIcon Posted on: Feb. 07 2011,14:16 Skip to the previous post in this topic.  Ignore posts   QUOTE

Thanks to the both of you for replying.

No other Anti-Virus program has shown any indication of a problem.

I guess my POST was more of a heads up for the programmer/s then any other reason.

I will continue to use UltraISO as I have for the last 6+ years. There is no other application that comes close in my book.
Offline
Top of Page Profile Contact Info 
3 replies since Feb. 02 2011,19:13 < Next Oldest | Next Newest >

[ Track This Topic :: Email This Topic :: Print this topic ]


 
reply to topic new topic new poll

» Quick Reply RootKit
iB Code Buttons
You are posting as:

Do you wish to enable your signature for this post?
Do you wish to enable emoticons for this post?
Track this topic
View All Emoticons
View iB Code