Can the newer memory based rootkits live in a router or modem? I am worried about a reinfect. Also, all of the file paths of the rootkit that mbam found are still there, just the end point is missing.
EX: HKU\S-1-5-21-3242656160-3075779107-805719229-1000_Classes\d0b67\SHELL\OPEN\COMMAND is still present MINUS command. The other 3 entries are the same. Only missing the last entry.
Should I remove these? Is this a way for it to get back in easily? Leading to the next question; if this does come back, will it go to the same places and exhibit the same behavior?