Can't get rid of rootkit.agent

August 2, 2010 at 09:26:35
Specs: Windows XP, 2.2 GHz single core / 1.46 GB of RAM
I can't get rid of these annoying ads, trailers and other sounds off my computer. I've found a rootkit.agent and removed it, but it came back again. Help me.


#1
August 2, 2010 at 10:01:01
Hi, first, please run Rkill from the following link: http://download.bleepingcomputer.co...

Once run, do NOT reboot, as this will cause the malware to reboot.

After running Rkill, please download Gmer from the following link: http://majorgeeks.com/downloadget.p...

and follow these instructions very carefully:

Before scanning with Gmer, please do the following in this order...

1) Disconnect from the internet and close ALL running programs.

2) Disable any Anti-Virus/Anti-Spyware software currently running to avoid conflicts.

3) Double-click on "Gmer.exe", and allow its .sys driver to load.

4) Gmer will then open and run a quick scan. Please DO NOT USE THE COMPUTER WHILE THE SCAN IS IN PROGRESS.

5) If you receive a warning about Rootkit Activity on your system and are asked to do a full scan, click No.

6) Click the Scan button, and if you see a Rootkit Warning window click Ok (it should be the only option in the dialog box).

7) When the scan is finished, please click Save, and save the log to your desktop as Gmer.log

8) Click the Copy button and paste the log into your next reply.

9) Re-enable any Anti-Virus/Anti-Spyware software and any other security software you've disabled (Firewall).

Notes: If Gmer results in a BSOD or crashes, please uncheck "Devices" on the right side of the program before scanning. Also, if you encounter problems while scanning in normal mode, please try scanning in Safe Mode.

Helpful tips before getting started: http://www.computing.net/howtos/sho...



#2
August 2, 2010 at 11:19:14
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit quick scan 2010-08-02 14:16:46
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\Kenny\LOCALS~1\Temp\kgdoraod.sys


---- System - GMER 1.0.15 ----

Code \??\C:\DOCUME~1\Kenny\LOCALS~1\Temp\catchme.sys pIofCallDriver

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

---- Processes - GMER 1.0.15 ----

Process C:\Program Files\Internet Explorer\iexplore.exe (*** hidden *** ) 1900
Process C:\Program Files\Internet Explorer\iexplore.exe (*** hidden *** ) 2296
Process C:\Program Files\Internet Explorer\iexplore.exe (*** hidden *** ) 2992
Process C:\Program Files\Internet Explorer\iexplore.exe (*** hidden *** ) 3380
Process C:\Program Files\Internet Explorer\iexplore.exe (*** hidden *** ) 3720

---- EOF - GMER 1.0.15 ----



#3
August 2, 2010 at 12:22:56
Are you still having issues? And by ads, do you mean you're hearing audio ads when nothing's open, clicking tabs in IE, and/or your volume control goes mute on its own?


#4
August 2, 2010 at 14:16:27
I'm hearing audio with nothing open, and I don't use IE; I use Firefox or Chrome.


#5
August 2, 2010 at 17:30:48
Ah, thank you for telling me that! You have a Bootkit (same concept as a Rootkit, but it infects your Master Boot Record). Please visit this link, which should hopefully fix the problem: http://forums.majorgeeks.com/showth...

Before following those steps from the Major Geeks link, I would also look at this thread too: http://forums.majorgeeks.com/showth...

Please let me know if the above posts solve your issue, and please follow those instructions given by the Major Geeks Malware Expert in that thread very carefully, as messing up a step could cause your computer to not boot.

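The diagnosis in reply #5 rests on the GMER log from reply #2, which lists hidden iexplore.exe processes on a machine whose owner says IE is never used. As an added example (not written by anyone in this thread), this Python sketch pulls those findings out of a GMER text log; the function name `triage` and the shortened sample are choices made here.

```python
import re
from collections import defaultdict

# Sample input: lines copied from the GMER log in reply #2, shortened
# (two of the five hidden PIDs, two of the five AttachedDevice rows).
SAMPLE_LOG = r"""GMER 1.0.15.15281 - http://www.gmer.net
Rootkit quick scan 2010-08-02 14:16:46
---- System - GMER 1.0.15 ----
Code \??\C:\DOCUME~1\Kenny\LOCALS~1\Temp\catchme.sys pIofCallDriver
---- Devices - GMER 1.0.15 ----
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
---- Processes - GMER 1.0.15 ----
Process C:\Program Files\Internet Explorer\iexplore.exe (*** hidden *** ) 1900
Process C:\Program Files\Internet Explorer\iexplore.exe (*** hidden *** ) 2296
---- EOF - GMER 1.0.15 ----
"""

SECTION = re.compile(r"^---- (.+?) - GMER [\d.]+ ----$")
HIDDEN = re.compile(r"^Process\s+(.+?)\s+\(\*\*\* hidden \*\*\*\s*\)\s+(\d+)$")
ATTACHED = re.compile(r"^AttachedDevice\s+(\S+)\s+(\S+)\s+(\S+)\s+\((.*)\)$")

def triage(log_text):
    """Return hidden processes by image path, System/Code rows, and attached drivers."""
    hidden, hooks, attached = defaultdict(list), [], set()
    section = None
    for line in map(str.strip, log_text.splitlines()):
        if m := SECTION.match(line):
            section = m.group(1)          # "System", "Devices", "Processes", "EOF"
        elif section == "Processes" and (m := HIDDEN.match(line)):
            hidden[m.group(1)].append(int(m.group(2)))
        elif section == "Devices" and (m := ATTACHED.match(line)):
            attached.add((m.group(3), m.group(4)))   # (module, description/vendor)
        elif section == "System" and line.startswith("Code "):
            module, function = line[5:].rsplit(None, 1)
            hooks.append((module.strip(), function))
    return {"hidden": dict(hidden), "hooks": hooks, "attached": sorted(attached)}

if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    for image, pids in result["hidden"].items():
        print(f"hidden x{len(pids)}: {image} PIDs {pids}")
    for module, function in result["hooks"]:
        print(f"System/Code row: {function} in {module}")
    for module, desc in result["attached"]:
        print(f"attached driver: {module} ({desc})")
```

Grouping hidden PIDs by image path makes it easy to compare the list against what the user says is actually running, which is the question asked in reply #3.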

#6
August 4, 2010 at 15:07:17
Fixed it. I used ComboFix when I was still trying to get rid of it; I used the Windows recovery that ComboFix gave me and I had it renew the MBR.


#7
August 4, 2010 at 21:46:37
Glad I could help!


#8
January 30, 2011 at 19:29:08
I'm having the same problem, but I don't know if it's the same solution for my problem.
