a computer is a laptop daaa

@KASHEDS A computer is older then a laptop daaa

@destructias445 lol there the same thing its called a desktop a desktop is older than a laptop computers and laptops are the same thing just differnt names

@KASHEDS k. but one has a bigger screen then another.

@destructias445 so its just a diffent size so what

@KASHEDS well thats the difference. the fact that they are both a different size is mainly the difference

is it compatible with av

Gmer is great thanks

lol, people talking about how to detect rootkits, but never saw one's source code. funny

is ndis.sys a rootkit?

Britic, When I downloaded Gmer, why did my Norton internet security identify it as a trojan and quarantine it?

Was it cause it was freeware or came with files falsely identified as a trojan?

Please answer, thanks :)

I got done back in March with a TDSS Rootkit Trojan. I neeeded to reformat my Hard Drive and then download the full AVG Suite-THIS ROOTKIT SURVIVED REFORMATTING. Only when I downloaded AVG and ran it was this Rootkit sucessfully removed. It CAN survive a Reformatting!

@peterkin1010 You should have nuked the whole hard drive. Reformatting can create duplicates of system files, so that root kit probably got lucky and was copied.

When you say 'as of this time' could you please input a date for that time? as of THIS date 6-12-2011 I believe my win 7 does have a root kit. I did find and delete a trojandropper with Malwarebytes Anti-Malware - and Prevx has been shut down and all files deleted even though it is apparently still operating appearances wise!

That is to say the directory has been emptied - but the icons are still there even though the program will not run and no error messages pop up when I try to run it.

mywot says that is a bad site full of trojains wat should i do????

d: $#@¡ ʎloɥ ¡uʍop ǝpısdn ɯı ƃɯo ¿sıɥʇ sı looɔ ʍoɥ puɐ ı ɯɐ looɔ ʍoɥ

even if you reinstall will they still have access to my computer??? i just got hacked last night lolz

i have used the program but after 1:50 minutes it doesn't work anymore..do you have a solution?

@KEVIND666 use WINSOCK FIX

google it

Try Dr. Web !

if you have a rootkit, disconnect yourself from the internet and call an IT guy.

ok so i downloaded one of the softwares but the rootkit was clever and initiates the blue screen everytime gmer scans the system, what can u suggest?

i donwloaded that shit and my computer crashed

I use

Malwarebytes

superAntiSpyware

Sophos cleanup tool

Sophos anti-rootkit

Gmer

+ AVG and Panda anti virus.

And still Rootkit.TDSS is a bullfucker to get away :-) the tarded rootkit did reappear on restart. So had to turn of system restore thingy.

You should try those programs and make a video about what you think of them :-)

gonna try the ones in your¨vid now

@whisket666

Try, RootkitRevealer

hello britec.is it true that 64bit computers are more immune to these rootkits?thanks.

@MrArnold1972 I have never seen a Rootkit on a 64bit O/S

But I would not like to say 64bit is 100% rootkit free...I suppose only time will tell, but as of right now Rootkits wont run on 64bit O/S

@Britec09 i say it is win7 wdk i remember reading a bypass for patch gaurd.

@Britec09 i got a rootkit i=on my new windows 7 64 bit :(

@Britec09 there are 2 different rootkits that can infect a 64-bit OS, only 2!

@ballader1 Which ones are those?

@byakuya600 1 different version of TDSS and one that I can't remember it's name

@Britec09 actuarly i had a rootkit on a 64bit os

i deleted it with cmd (netstat -ano)

@kevinspl2000 There's no way possible you deleted a rootkit by running "netstat"

@kenmha ofcourse you can

netstat -abot

:P rootkit is like a hacker

@Britec09 my computer is a 64bit OS, and I do indeed have alureon.a...microsoft security essentials found it, and I have seen evidence of svchost's activity being odd, so I don't have a doubt it's making stuff up! haha

for some reason I can't access my F8 function on startup, so I can't even enter safemode. My computer boots normally in any other case.

This will not detect level 0 rootkit >.<

I just had a rootkit. Malewarebytes quarantined it but couldn't fix it. Took it to the shop for $100. She said she removed the hard drive, hooked to another computer, rebooted in safe mode, said that made it easier to find. After 2 trips to the shop, $100 she got it. Saved all my files, lost nothing. I got rootkit.tdss.gen from a porn site. Slutload.

when i turn boot my CPU my anti virus is off and i have to turn it on after start up i scanned my comp numerous times ( i use MSE) is this a rootkit also before i turn it on it says survice has stopped... thats a problem right??

i ran this GMER program and it caused a blue screen dump.i wont be using it again and i dont reccommend it at all.

@MrArnold1972 GMER is an AWESOME program (I use it professionally in my business) but it is NOT recommended for every day users. It's extremely powerful and you can brick your system if you don't know what you're doing. I've seen it BSOD on systems that are already unstable or in the case of systems running 64-bit Windows (it usually just refuses to run on 64-bit, but I have seen it BSOD).

@MrArnold1972 i must be what you would call a every day user and im sure it is a awesome program as you say.i saw the bsod and bowed out gracefully haha.if im right i think avast5 anti-virus actually uses the GMER scanner.

Try using your antiviruses forums, example: If you use avast, find the avast forum. If you are using kapersky use their forum and so on.

However if you are using AVG, contact them by mail, and describe your problem, they will help you out.

Otherwise there are lots of free forums with tallented helpers, remember this:

DO NOT FOLLOW THE INSTRUCTIONS ON A CASE SIMMILAR TO YOURS!

Wait for a helper to contact YOU, do not follow what he tells other people to do, most infections are unique.

I will give you people a very good tip:

If you are infected with a rootkit, do not attempt to remove it by yourself (unless youre a pro)...

If you do try to remove it, you will most likely fail, and make the situation even worse. What to do is simple: Find a helper on a trusted forum.

Helpers will most likely as for logfiles from programs like: Gmer, Hijackthis and RSIT. Post the logs in the forum, and wait for help.

Do exactly as they tell you and everything should work out.

KK. i got a rootkit.agent? whats that? i wanna remove it! Its fucking with my firefox..plz help

Ummmm.....I am using avast...and today it showed me that i have a rootkit....i still don't know much about this virus....i press delete...i don't know is it deleted?....o.O

Please help! T.T my computers been infected by 7 rootkits and malware defense. I disconnected my computer from the internet and then scanned tried scanning with malwarebytes, superantispyware, and an antivirus program. But none of them work!

Superantispyware and malwarebytes wont open and everytime I try the antivirus program my computer freezes. My computer wont

even let me do a system restore. Im typing this from my phone right now and desperately need help!

@GTOrulezzz try running malwarebytes in safemode, keep pushing F8 at startup and enter safemode

when my window was booting it shows.....

re-install a copy of.......window root>/system32/hal.dll

after then its shows.... fsquirt.exe... re-install

then again it shows.....problem with ANIWZCS2 Service Launcher

Pls help me and pls explain clearly what i should do and to click ... hope to hear from u

Note am not the Admin but my sister share me as an administrator... pls help me... my connexion is going off and on

@GTOrulezzz I found a nice solution to your problem. I had the exact same thing happen to me. I ended up wiping the drive and reinstalling the OS... but I also used a USB drive and installed malwarebytes on it. The next time I got hit (darn those pron sites heh heh) I just unplugged network, and ran malwarebytes from the USB drive :) Problem solved :)

@james9322000 , how about you just stop going to porn sites that infect your computer and get laid you idiot. Your try porhnub dot com....they have 1,000's of free videos and its safe, ask anyone on here and theyll tell you it indeed is safe..

@GTOrulezzz dude, holy shit...

Get some help for your computer next time, don't ask from youtube, SEND IT TO PROFESSIONAL! You can't be surely deleting every file from your computer that is linked to malware or rootkit, and they can even come back...

Send it to professional next time... For your computer...

@GTOrulezzz Did you fix it!? Because this happened to me as well!

@WeezerBreather Yeah I got it fixed (yay!) but I had to go the shop to get it fixed for me ): Good luck with your problem!

@GTOrulezzz Reformat your computer. It is the guarantee why to remove nasty infections. Don't depend on programs to give you a 100% list of infections.

Gmer only gives me 3 tabs to scan, files, registry, and services. Is this because i am running 64 bit os?

when i run the scan it scans for about five seconds and then the program freezes. why is that?

@hermanoguzman there is other programs you can try, Root Repeal, Panda Anti Rootkit, Sysinternals RootkitRevealer, IceSword, DarkSpy.

I have had that same problem with Gmer, maybe its the root kit locking up the pc? not sure

@hermanoguzman You have tp press the scan button again.Ik it really is strange the way that happens.It's an amazing anti rootkit though.:)

I ran Gmer and it found a suspicious registry key with a random name in the HKCU\Software\Microsoft\Window­s\CurrentVersion\Shell Extensions\Approved key.

When I try to access this key using regedit, I get an error, which means the malware is protecting it somehow.

if its malware run malwarebytes and superantispyware

the only things are my AVG 9 and filesystem/ntfs and /fat

go to my forum and post your logs and someone will help you

hey can i just restore the pc? these bastards had disabled my task manager! i got through again though through the registry..but can i?

if you have a rootkit on your machine system resore will not help you, you must try to remove rootkits, if all else fails reformat your machine back to factory settings :(

FUck mY LIfe....i took it to my cousins house and thats how it got infected...throught a flash drive...im using my lap top right now...do you know how to restore to factory setting? by any chance>?"

so basically I only need to download 1 of the three you listed? or is rootkit hooker needed?

and once i delete it, it wont grow back like with antimalaware bytes?

(i tried, and reboot, it always reappears)

I just scanned it with gmer, it detected it, but wont let me delete it or disable it...what do it do?

its in a font, where you cant click on it,

look at my video on how to delete files

Which video, i only found

the one that talks about

"how to delete spyware and malaware"

but no root kit removers, or "delete files"

i emailed gmer since they did not let me delete the files...

(the delete and disable were greyed out and unclicable)

is there other ways? your vudeo did not show how to delete rootkits

all you have to do is write the path down and delete that file in command prompt or use unlocker, you might have to kill process before you can delete it or something like that.

I got unlocker now, what, 'how can i relate my unlocker program to gmer to delete this rootkit

(Win32:Alureon-DA [Rtk])

I tried searching for the files, on my search, on my computer, it found nothing, especially the root files \\?\globalroot\Device\Ide\IdeP­ort3\rjkkciqh\rjkkciqh\tdlwsp.­dll

all it said was "global root is not an existing folder" even though i clearly said "search in hardrive c"

it changes to "global root...."

First off this is a real bad rootkit trojan or virus, try scanning with RootRepeal, also combofix, make sure you tick search hidden services and files in RootRepeal. I would try free online scan with ESET & Panda or Bitdefender, just keep trying different software..its a tuff one to delete. and very hard to explain on here how to delete it without looking at your pc

@fuckpennyfinders

I am running AVAST! and that is the same message if you have any luck could you please let me know how you deleted it?

my friends computer got hacked and the hacker set his settings so no viruses or rootkits could be detected

backup and reformat.

The GMER worked really well, it helped me find the filepaths

Yes all Rootkits will be gone, if you are using the windows format when installing windows do not use the quick format method ok.

Well main one to scan is c drive with your windows on.

What it wont let you check all hard drives?

good post brian

Cheers mate