Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

GMER for Windows 7 64bit OS?


  • Please log in to reply
7 replies to this topic

#1 MissHelloKitty

MissHelloKitty

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:05:31 AM

Posted 06 May 2010 - 07:52 AM

My Avira AntiVir found a trojan. I need help with this, followed the instructions from bleepingcomputer's anti-malware forum. I downloaded the GMER opened it and received the following pop up window from it:

C:\Windows\system32\config\system
The system can not find the file specified.

I'm running Windows 7 64bit OS

What do I need to do? Thanks in advance for your help!

BC AdBot (Login to Remove)

 


#2 marktreg

marktreg

  • Members
  • 403 posts
  • OFFLINE
  •  
  • Local time:09:31 AM

Posted 06 May 2010 - 01:42 PM

Hi MissHelloKitty,

GMER will not work on Windows 7 64bit. There are some other rootkit detectors that will work on 64bit systems, like RootAlyzer, for example. But, to be quite honest, I'm not sure if there are any rootkits that can infect a Windows 7 64bit system. They would either have to use digitally signed files or be 'userland'. There may be some, but I don't know of any at the moment.

But this is not really helping you. So I think the best thing is for you to post what logs you have in the 'Virus, Trojan, Spyware, and Malware Removal Logs' section and just tell them that GMER would not run on your system.

Don't worry. The expert helpers in that forum will look after you. :thumbsup:

Edited by marktreg, 06 May 2010 - 02:17 PM.


#3 MissHelloKitty

MissHelloKitty
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:05:31 AM

Posted 06 May 2010 - 04:58 PM

Thank you martktreg for your helpful info! It's much appreciated. :thumbsup:

#4 marktreg

marktreg

  • Members
  • 403 posts
  • OFFLINE
  •  
  • Local time:09:31 AM

Posted 06 May 2010 - 05:11 PM

No problem, MissHelloKitty. Glad I could help. :thumbsup:

#5 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,924 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:05:31 AM

Posted 07 May 2010 - 06:42 AM

GMER is not 64-bit compatible...it is not able to load it's driver so the user should see an error message. Due to the architecture in 64-bit Windows and the fact that 64-bit drivers need to be digitally signed, rootkits are not seen as often in 64-bit machines so they are less prone to that type of infection. As such, it is very unlikely that there will be a 64-bit version of GMER since that OS is more secure than a 32-bit system.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#6 MissHelloKitty

MissHelloKitty
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:05:31 AM

Posted 07 May 2010 - 09:06 AM

Thanks for explaining that quietman7!

Next question-- How do I remove the GMER properly from my laptop? Do I just delete it and that does the job or what? Thanks in advance.

#7 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,924 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:05:31 AM

Posted 07 May 2010 - 09:20 AM

Normally to remove GMER, you go to Posted Image > Run..., and in the Open dialog box, type: C:\windows\gmer_uninstall.cmd
Click OK or press Enter.

GMER installs several files as part of its routine to include the above gmer_uninstall.cmd. However, since GMER didn't run, it probably did not load them and you can manually just delete it.

Alternatively, you can download OTC by OldTimer and save to your Desktop.
  • Connect to the Internet and double-click on OTC.exe to start the program.
  • Click on the green CleanUp! button.
  • If you get a warning from your firewall or other security programs regarding OTC attempting to contact the Internet, please allow the connection.
  • When it has finished, OTC will ask you to reboot so it can remove itself.
-- Doing this will remove any specialized tools downloaded and used. If OTC does not delete itself, then delete the file manually
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#8 MissHelloKitty

MissHelloKitty
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:05:31 AM

Posted 07 May 2010 - 09:41 AM

I gues I'll just have to manually delete it. I downloaded and ran OTC by OldTimer, but it didn't delete GMER. Thanks again for your help!




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users