- Aug 30, 2015
- 189
I recently obtained a new outboard drive off a friend for $10, lol, good deal, right... Well, I plugged her in and formatted it, no problem. Also note I plugged it into a VM, not my host machine, to format it completely using EaseUS Partition Master. It seems as though something got through, and that would be a rootkit, but I'm not sure, so here are the logs. I should have DBAN'd the drive, but instead I figured it would take too long given the size of the drive. So I decided not to zero-write the drive. I really need help: is it a rootkit, or is this just HMPA throwing a false positive somehow? I'm not exactly sure how HMPA exploit mitigation works, whether it embeds itself into the kernel or what. So if I am kitted, I need help removing it. Drive L is the suspected drive that is kitted, but I definitely need help on the steps to take to get rid of the rootkit if it is kitted. Thanks for any response. And