Let's have a look whether you have a rootkit on your system
- Please close down all applications, close down your web browser.
- Disconnect from the Internet.
- Don't do anything on your machine.
- Close down your antivirus and your antispyware program(s).
- Shut down your network connections and your WLAN.
- Nothing may be done on your system.
Let RootkitRevealer scan
- Download RootkitRevealer, unzip it to its own folder C:\program files\rootkitrevealer.
- Run RootkitRevealer.exe.
- Click "Scan".
- When the scan is finished, save the logfile.
Let Blacklight scan
- Download F-Secure Blacklight, save it to its own folder C:\program files\blacklight. Does the download not work? Try this link.
- Start blbeta.exe. Close down all applications.
- Click "I accept the agreement", "next", "Scan".
- When the scan is finished, exit Blacklight with "Close".
- You will find a Blacklight log fsbl-XXX.log in the Blacklight folder; XXX stands for a number of digits.
Let Sophos scan
- Download Sophos Rootkitscan. You will get an installation file sarsfx.exe.
- Start it, accept the license, allow the installation, do not change the path C:\SOPHTEMP.
- Open this folder, start sargui.exe, close down all other applications.
- Keep the options as they are and click "Start scan". It will take some time. When it's finished you will get a new window with the summary; click "Ok". Close the Sophos Rootkitscan. It's only an analysing tool.
- Start > run > type %temp%
- Locate sarscan.log, copy its content and post it.
Let Gmer scan
- Download Gmer from here. Unzip it to your desktop.
- Start gmer.exe > Tab Rootkit. Close down all other applications.
- Make sure that all checkmarks are set from "System" to "ADS".
- (Important: NO checkmark may be set next to "Show all".) Start the "Scan". Don't do anything with your machine.
- When the scan is finished, click "Copy" to get the logfile.
- Exit Gmer with "Ok".
- Paste your logfile to this thread.
Let AVG Antirootkit scan
- Download the Beta Version of AVG Antirootkit and save it to your desktop.
- Install the program. All applications must be closed. You will have to restart your system.
- Start antiRootkit.exe in its own folder.
- Click the button "Search for Rootkits".
- When the scan is finished, click the button "Save result to file", rename this log to log1.
- Click the button "Perform in-depth search". You may not do anything on your machine while the scan is running.
- When the scan is finished, click the button "Save result to file", rename this log to log2.
- Locate avgark.log in the Grisoft folder, copy its content and post it.
Let Bitdefender Antirootkit-β scan
- Download Bitdefender Antirootkit-β.
- Save it to its own folder c:\program files\bitdefender
- Start the program with a double-click on the file bitdefender_antirootkit-BETA2.exe
- Accept the license, start the scan, copy the result and post it to your thread.
Let TrendMicro's Rootkit Buster scan
- Download Rootkit Buster.
- Unzip it to its own folder.
- Click RootkitBuster.exe.
- Keep the options as they are, do not change anything. Please don't do anything on your machine, close down all applications, close your web browser.
- Click Scan.
- When the scan is finished you will be asked: 'Do you want to view the log file?'
- Click 'YES'.
- Now you will get a new window with the logfile of the scan.
- Copy the content of this file and paste it to your thread.
Let Panda Anti-Rootkit scan
- Download Panda Anti-Rootkit.
- Download IZArc; you need a zip tool which recognizes rar files. (Screenshots and Introduction to Panda Anti-Rootkit)
- Unzip AntiRootkit.rar to its own folder C:\Program Files\Panda Antirootkit (The tool gets updated automatically)
- Close down all applications, close down your web browser, close all windows.
- Close down all guards and the on-demand scanner of your antivirus.
- Don't work on your machine.
- Double-click PAVARK.exe to start it.
- Agree to the licence and start the scan.
- Do not interrupt the program.
- Take screenshots of the results.
- After the scan you may want to send your rootkit files to Panda.
Show us the screenshots of the Panda Anti-Rootkit scan.
Start your antivirus/antispyware before connecting to the Internet!
When asking for advice, please show us all logfiles.
(Learn here how to create a new folder: Windows Tutorial.)


