05-05-2022, 10:59 PM
(05-05-2022, 10:41 PM)Atma Wrote: Any suggestions on how to deal with it?
Switch to Linux, and keep your system up to date. When you update Linux, every piece of software on your PC gets updated, not just the operating system. (This assumes you haven't installed third-party software from outside the repo.)
In the case of the Windows rootkit, I deleted all of the files that the intruder had just uploaded. I don't remember what I did next, but I probably ran an antivirus scan. If it were to happen now, I'd try to identify the program that was downloading the files, and remove it.
That said, the chances of a user just happening to catch rootkit files appearing in their system folder in Windows Explorer are exceedingly remote in the first place.
You can see which programs are doing what in your firewall. Some firewalls allow you to set the warning level ridiculously high, to the point that it'll alert you about every little bit of network activity, e.g., every time a program accesses the Internet. It gets obnoxious after awhile. It can scare the bejeezus out of you if you don't know what all of those alerts mean. I remember Black Ice Defender constantly displaying an ominous-looking flashing icon in the system tray on a PC I had years ago.
