active root kit remover?

[Vlk]

Basically, it produces lots of data but only RED entries are of interest (unless you really know what to look for).
But the efficiency of the program consists in showing the RED entries whenever necessary.
Additionally, if you right-click any of the red entries, the program lets you "fix" it.

Cheers
Vlk

[Lisandro]

Thanks. I'll give it a try.

[Spiritsongs]

   Hi Vlk & Others :

     Have never disagreed with you before Vlk but everthing I read on the
     various threads on the "other anti-malware software" forum at Wilders
     ( www.wilderssecurity.com/forumdisplay.php?f=35 ) indicates that
       GMER is NOT the best ; see threads such as :
      www.wilderssecurity.com/showthread.php?t=168814  and
      www.wilderssecurity.com/showthread.php?t=157547  and our thread at
      http://forum.avast.com/index.php?topic=26128.0  .

[WuLFe]

yep, i agree with Vlk, currently using Gmer and Darkspy...

is Icesword still being updated..?

[Vlk]

Spiritsongs,

1. During the last year, GMER has vastly improved.

2. Saying that a certain program is BEST is of of course always a bit exaggeration (there's nothing like BEST antivirus, BEST firewall, BEST antirootkit etc.) but what I said is my personal oppinion based on certain facts and some personal sympathies.

3. I don't think the threads over at Wilders' (that you linked) indicate that GMER is "not the best". The first one doesn't mention GMER at all and the second one is of these super-lengthy threads that never lead to anything...

4. The test carried out by informationweek (mentioned in the thread on the avast forum) is definitely NOT something I'd base my judgements on... Compare this to magazine tests of antivirus software.


Cheers
Vlk

[footballer62]

ok, here are some images of what turns up in rootkit unhooker RIGHT when my pc has just booted up.

I also made a new discovery into this matter, it seems that what ever new program that gets loaded gets hooked within few minutes as well. I found this out as I booted up AIM, and about 5 minutes later it was hooked (and thus I had to unhook it). It was not hooked before I loaded it, as nothing was hooked at that point (unhooked everything on my pc after boot up).

This just keeps getting weirder and weirder!

[Vlk]

A347bus.sys belongs to Alcohol120. The second driver belongs to AVG Antispyware.
I don't see anything suspicious on the screenshot you posted...

[footballer62]

and the second part...

[footballer62]

A347bus.sys belongs to Alcohol120. The second driver belongs to AVG Antispyware.
I don't see anything suspicious on the screenshot you posted...

thats the thing, there is something on my system that is getting into these programs, and "hooking" them, the second pic has quite a few from window blinds (wblinds), myspace im, ect, but what in the world is messing with my pc like this?

btw, the first pic is of the SSDT hooks detector/restorer, the second is of the code hooks section in rootkit unhooker.

[WuLFe]

hmmm... i dont think anything's wrong with those hooks in the second screenshot you posted either... and its natural for some programs to hook into other progs, so it would work, especially AVs, otherwise it would be useless