Main Forum > General Computer Support

how to use both GMRE and aswmbr anti rootkits tool ?

(1/2) > >>

Gamezertruth:
A long time I have not done running anti-rootkits tools for checking my system for an rootkits Infection! So I had to just run some of the anti-rootkits tools and with this I did not understand what they report ! so can somebody help my understand this report ?

and how to use both of GMRE and aswmbr anti rootkits tool ?

all I noticed that is a strange entries in path C:\Windows\System32\drivers like this one in the line

\??\C:\Windows\System32\drivers\

INT 0x51  ?

and now I need to reboot my system Because both tools, eating high memory! /-( :rolleyes:

Boggin:
Some rootkit scanners are specialist tools and should only be run under supervision by qualified disinfection people.

The free version of MBAM has a Rootkit scan option but you can also use Norton's Norton Power Eraser, although the latter has been known to take out legit programs but has a restore/undo facility - but creating your own restore point is the safest bet.

Had you cleaned out the system following my advice in your networking thread ?

Gamezertruth:

--- Quote from: Boggin on June 25, 2015, 05:37:34 pm ---Some rootkit scanners are specialist tools and should only be run under supervision by qualified disinfection people.

The free version of MBAM has a Rootkit scan option but you can also use Norton's Norton Power Eraser, although the latter has been known to take out legit programs but has a restore/undo facility - but creating your own restore point is the safest bet.

--- End quote ---

thank for you info :smiley:


--- Quote from: Boggin on June 25, 2015, 05:37:34 pm ---\
Had you cleaned out the system following my advice in your networking thread ?

--- End quote ---

 no, I follow the instructions in the link that you linked me to and i have done checked All the steps manually in that article and uploading Each of svhost to VT.com and all clean ! but I wonder why roguekiller keeps detected this svhost and unable to removed it!

note : many virus removal tool found nothing ! the only tool was and still found svhost is roguekiller!

Boggin:
Run the free version of MBAM with the Rootkit option enabled and then NPE.

In MBAM you need to click on Settings then on Detection and Protection and check the Rootkit box.

NPE is an aggressive scanner when clicking on the default button on the face page, but clicking on Advanced gives you other options.

You could also give it a full scan with MSRT by going Start - type mrt then press enter and opt for the full scan.

If you think you are still infected then you could register on www.techsupportforum.com - open the Trojan and Virus section and after reading the pre-requisites open your thread and explain what you have done so far and what RogueKiller is reporting - if it still is after running those other programs.

The people in that section are all Mods and specially trained in disinfection.

Gamezertruth:
I’m running a malware scan with Mbam right now and i will run other scan with the rest of malware scanner ! so i think i have find this and i don’t know if something to do with it ? http://forum.adlice.com/index.php?topic=386.0

Navigation

[0] Message Index

[#] Next page