Windows 8 and 8.1 Forums

Help in removing rootkit

  1. #1

    Posts : 7
    windows 8.1

    Help in removing rootkit

    I just ran a rogue killer scan and it shows that I have a rootkit. I would appreciate any help in removing
    this. See report:



    RogueKiller V10.4.1.0 (x64) [Feb 19 2015] by Adlice Software
    mail : Contact
    Feedback : Adlice forum
    Website : RogueKiller download
    Blog : Adlice Software - malware analysis
    Operating System : Windows 8.1 (6.3.9600 ) 64 bits version
    Started in : Safe mode with network support
    User : Karen [Administrator]
    Mode : Delete -- Date : 02/22/2015 07:07:12
    Processes : 0
    Registry : 0
    Tasks : 0
    Files : 0
    Hosts File : 1
    [C:\WINDOWS\System32\drivers\etc\hosts] localhost
    Antirootkit : 1 (Driver: Not loaded [0xc000035f])
    [IAT:Addr(Hook.IEAT)] (iexplore.exe @ wow64.dll) ntdll.dll - memcpy : C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE @ 0x11038d0
    Web browsers : 0
    MBR Check :
    +++++ PhysicalDrive0: ST500LM012 HN-M5 SATA Disk Device +++++
    --- User ---
    [MBR] 7ea2c00f60c9dbfb7304f609c967be1e
    [BSP] 5246beb6805e95d217c41c2452eedadd : Empty MBR Code
    Partition table:
    0 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 2048 | Size: 300 MB
    1 - [MAN-MOUNT] EFI system partition | Offset (sectors): 616448 | Size: 100 MB
    2 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 821248 | Size: 128 MB
    3 - Basic data partition | Offset (sectors): 1083392 | Size: 475961 MB
    4 - [SYSTEM][MAN-MOUNT] | Offset (sectors): 975851520 | Size: 450 MB
    User = LL1 ... OK
    User = LL2 ... OK

    RKreport_DEL_02162015_124609.log - RKreport_DEL_02192015_034046.log - RKreport_DEL_02192015_035043.log - RKreport_DEL_02192015_114150.log
    RKreport_SCN_02162015_124134.log - RKreport_SCN_02192015_033604.log - RKreport_SCN_02192015_034900.log - RKreport_SCN_02192015_113451.log
    RKreport_SCN_02202015_213834.log - RKreport_SCN_02222015_070618.log


  2. #2

    Posts : 1,950
    windows 8.1 Update 1 Pro 64bit

    Have you run a rootkit remover such as TDSSKiller Free? See here:
    Kaspersky TDSSKiller Download - TechSpot

  3. #3

    Posts : 87
    Win 8 and Linux (MINT)

    I would not go by one software scan; use several different ones to ensure you do not have false positives.
    Try each of the following to ensure infection.
    TDSSKiller Free Download | Rootkit Remova | Kaspersky Lab US
    Free Anti Rootkit Tool | Rootkit Detection and Removal | Sophos Virus Removal
    Rootkit Remover | Bitdefender Labs

  4. #4

    Posts : 7
    windows 8.1

    I have tried them all.

  5. #5

    Posts : 1,950
    windows 8.1 Update 1 Pro 64bit

    If you are not getting any rootkit reports from all the scans you've tried, it is possible that RogueKiller has already cleaned it out for you.

  6. #6

    If you are still concerned about this, I recommend you go to bleeping computer, join that site and open a topic in the "Am I infected?" forum. People there will help you for free, and are quite knowledgeable about malware.

    Am I infected? What do I do? Forum -

  7. #7

    If you want to see if there is indeed a rootkit hiding on your drive, then you need to look at it with GParted. This is a bootable partition manager that will allow you to see the contents of your drive, including any hidden partitions.

    Rootkits generally cloak themselves from Windows disk management. This application will show the entire contents of the disk.

    GParted -- A free application for graphically managing disk device partitions

    D/L GParted, select the medium you wish to use & run it at boot time. Any rootkit will show up, usually at the end of the drive, as a hidden boot partition between 1 and 10 MB depending on the variant. If such an item is present, you have confirmation & can take steps to remove it.
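
The partition table in the RogueKiller report from post #1 can be checked offline for unallocated space between partitions, the kind of layout anomaly a partition viewer such as GParted would display. This is an added example, not part of any forum post; it assumes 512-byte sectors and that the report's "MB" means MiB, and because the report does not give the disk's total sector count, space after the last partition cannot be judged from it.

```python
import re

# Partition rows copied from the RogueKiller report in post #1.
REPORT = """\
0 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 2048 | Size: 300 MB
1 - [MAN-MOUNT] EFI system partition | Offset (sectors): 616448 | Size: 100 MB
2 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 821248 | Size: 128 MB
3 - Basic data partition | Offset (sectors): 1083392 | Size: 475961 MB
4 - [SYSTEM][MAN-MOUNT] | Offset (sectors): 975851520 | Size: 450 MB
"""

SECTOR_BYTES = 512                             # assumption: 512-byte logical sectors
SECTORS_PER_MB = 1024 * 1024 // SECTOR_BYTES   # assumption: "MB" in the report is MiB

ROW_RE = re.compile(
    r"^\s*(\d+) - (.*?)\s*\| Offset \(sectors\): (\d+) \| Size: (\d+) MB\s*$"
)

def parse_partitions(text):
    """Return (index, label, start_sector, end_sector_exclusive), sorted by start."""
    parts = []
    for line in text.splitlines():
        m = ROW_RE.match(line)
        if not m:
            continue  # ignore lines that are not partition rows
        idx, label, start, size_mb = m.groups()
        start = int(start)
        # Sizes are printed in whole MB, so sub-MB rounding is invisible here.
        end = start + int(size_mb) * SECTORS_PER_MB
        parts.append((int(idx), label.strip(), start, end))
    return sorted(parts, key=lambda p: p[2])

def find_gaps(parts, min_sectors=1):
    """Return (after_index, gap_start_sector, gap_sectors) between neighbours."""
    gaps = []
    for prev, cur in zip(parts, parts[1:]):
        gap = cur[2] - prev[3]
        if gap >= min_sectors:
            gaps.append((prev[0], prev[3], gap))
    return gaps

if __name__ == "__main__":
    parts = parse_partitions(REPORT)
    for idx, label, start, end in parts:
        print(f"{idx}: sectors {start}-{end - 1}  {label or '(no label)'}")
    print("gaps between partitions:", find_gaps(parts) or "none")
    # Compare this with the disk's real sector count, which the report omits.
    print("last partition ends at sector", parts[-1][3] - 1)
```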
