Solved

SERIOUS problem/question INVOLVING ROOTKITS! NEED HELP/ADVICE!!!!!!

Tags:
  • Windows
  • Windows 7
  • Rootkit
  • Antivirus
September 26, 2014 4:46:14 PM

I am worried I might have downloaded a rootkit.....I downloaded an .exe earlier today that installed 3 adware programs (YTDownloader, Speeditup, and something else) despite me specifically conducting a custom install. It took me a while but I finally got rid of these junk programs using IObit to ensure that all trace files were also deleted. I then conducted several full scans with both AVG 2015 and Malwarebytes using the rootkit detection features built into these programs, both of which came up with no malicious items detected. However, I know that these rootkits can be extremely hard to detect so I ran GMER, a program specifically designed to find rootkits. Upon conducting my first scan my computer crashed (BSOD). After rebooting I ran the program again and no rootkits were detected. My computer is running fine with no issues but the fact that my computer crashed upon running rootkit detection software concerns me. Any help/advice would be immensely appreciated.

September 26, 2014 5:03:44 PM

what about spybot search & destroy? IOBIT and those other apps should have never been downloaded.
September 26, 2014 5:12:31 PM

swifty_morgan said:
what about spybot search & destroy? IOBIT and those other apps should have never been downloaded.

IOBit has very favorable reviews on CNET and it was the only way I could uninstall those malicious Adware programs.....and are you saying I shouldn't have used Malwarebytes and AVG? Why would that be a problem? Do you think Spybot Search & Destroy would yield more accurate results? Thanks for the reply by the way.
September 26, 2014 5:21:29 PM

Malwarebytes is great, but it sometimes misses a few. I always use the Panda Cloud Cleaner portable version every month. Why? Because it works, there is no need to install it, and it helps to remove what Malwarebytes does not find... Also, swifty, don't be a fanboy; not every program is 100% great. And I own IObit as well, and it is a great program. AVG I don't use because it misses a lot and is difficult to delete completely.
September 26, 2014 5:26:37 PM

Dutchoperative said:
swifty_morgan said:
what about spybot search & destroy? IOBIT and those other apps should have never been downloaded.

IOBit has very favorable reviews on CNET and it was the only way I could uninstall those malicious Adware programs.....and are you saying I shouldn't have used Malwarebytes and AVG? Why would that be a problem? Do you think Spybot Search & Destroy would yield more accurate results? Thanks for the reply by the way.


I said you shouldn't use IOBIT............ keep messing with it and you'll know what I mean........... also, said nothing about AVG or Malwarebytes............ was referring to those apps that got you in this mess...............(YTDownloader, Speeditup, and something else)

check search box ( type msconfig and hit enter ) look under start up and services for stuff that shouldn't be running or you don't want running. under services, at the bottom, you can filter out microsoft stuff ....

you should check your firewall also.
September 26, 2014 5:38:52 PM

Check here: C:\Users\USERNAME\AppData and delete every program install that you know is a virus, nothing else. A great way to know is to Google it. Also use your antiviruses to scan these specific folders (3). Also use Adblock or Adblock Plus on Google Chrome to block ads and ad viruses.
September 26, 2014 5:41:17 PM

Also, every time you install a program, make it a custom install so you choose which programs get installed. It happened to me many times, and once with the IObit installer, but it is a great program to own, and so is Driver Booster.
September 26, 2014 5:41:41 PM

And disable System Restore. If it's nasty it'll come back if it's on. Then do a full scan with something.
September 26, 2014 5:48:03 PM

swifty_morgan said:
Dutchoperative said:
swifty_morgan said:
what about spybot search & destroy? IOBIT and those other apps should have never been downloaded.

IOBit has very favorable reviews on CNET and it was the only way I could uninstall those malicious Adware programs.....and are you saying I shouldn't have used Malwarebytes and AVG? Why would that be a problem? Do you think Spybot Search & Destroy would yield more accurate results? Thanks for the reply by the way.


I said you shouldn't use IOBIT............ keep messing with it and you'll know what I mean........... also, said nothing about AVG or Malwarebytes............ was referring to those apps that got you in this mess...............(YTDownloader, Speeditup, and something else)

check search box ( type msconfig and hit enter ) look under start up and services for stuff that shouldn't be running or you don't want running. under services, at the bottom, you can filter out microsoft stuff ....

you should check your firewall also.


Okay I gotcha, I assumed you were referring to AVG and Malwarebytes. Believe me I am more than aware of the maliciousness of those junk Adware programs and honestly thought that I had circumvented their installation. I installed and ran Spybot's rootkit function and conducted both the quick and deep scan. What am I looking for here? There are 3 files all of which appear to be associated with AVG and 2 Registry Keys:

(HKLM/SOFTWARE/Wow6432Node/Microsoft/Windows/CurrentVersion/Applets/SysTray/BattMeter/)

(HKLM/SOFTWARE/Wow6432Node/Microsoft/SecurityCenter/

Do any actions need to be taken?

September 26, 2014 6:00:35 PM

tbh i wouldn't touch either one of those. looks like microsoft products..??
September 26, 2014 6:05:03 PM

swifty_morgan said:
tbh i wouldn't touch either one of those. looks like microsoft products..??


Yes, don't touch it, but some viruses change its values and that is why Spybot detects it. If Spybot has an option to fix the value, use it, but don't delete it.

Best solution

September 26, 2014 6:06:43 PM
September 26, 2014 9:24:51 PM

SR-71 Blackbird said:
Hitman Pro
http://www.surfright.nl/en/HitmanPro


Hey, thanks for the reply, you have actually helped me with several issues over the last few weeks and I really appreciate it. I ran Hitman Pro and it detected some adware that I was sure I had removed before with other programs. Any idea why these files were not being picked up by other malware software? After I allowed it to delete these junk files I ran the scan again after reboot and no malicious items were detected. Do you have any further steps that you think I should take? And thanks again for the help.

September 27, 2014 9:07:12 PM

You should be fine; Hitman is really thorough.