
Cannot Run A Full Scan Of GMER



#1 Cuhathol


Posted 04 October 2010 - 05:20 PM

I do not suspect there to be any rootkits on my laptop but decided to perform a scan just to be sure.

I downloaded GMER as a randomly named file, the program opens and I begin the scan. It usually continues for about five or so minutes before I receive a message telling me that the program has stopped working and only gives me an option to end the process.

I understand this isn't much to work with, so if there is any other information I can provide please ask.

Thanks in advance.

Edited by Budapest, 04 October 2010 - 07:21 PM.
Moved from Vista ~BP




#2 boopme


Posted 04 October 2010 - 09:26 PM

Try running GMER in safe mode.
-- If GMER crashes or keeps resulting in BSODs, uncheck Devices on the right side before scanning.

#3 quietman7


Posted 05 October 2010 - 08:07 AM

GMER is a stand-alone tool that will help investigate for the presence of rootkits. It will not actually tell you if you are infected or not unless you know what you're looking for. If you're unsure how to use a particular anti-rootkit (ARK) tool or interpret the log it generates, then you should not be using it. Some ARK tools are intended for advanced users or to be used under the guidance of an expert who can interpret the log results. ARKs are powerful tools and using them incorrectly could lead to disastrous problems with your operating system. Most of the more effective ARK tools like GMER should only be used under the guidance of an expert who knows how to investigate its log for malicious entries before taking any removal action.

Why? Not all hidden components detected by ARKs are malicious. It is normal for a firewall, some anti-virus and anti-malware software (ProcessGuard, Prevx1, AVG AS), sandboxes, virtual machines and Host-based Intrusion Prevention Systems (HIPS) to hook into the OS kernel/SSDT in order to protect your system. SSDT (System Service Descriptor Table) is a table that stores addresses of functions that are used by Windows. Whenever a function is called, Windows looks in this table to find the address for it. Both legitimate programs and rootkits can hook into and alter this table. You should not be alarmed if you see any hidden entries created by legitimate programs after performing a scan.

There are many free ARK tools but some of them require a certain level of expertise and investigative ability to use. These are a few of the easier ARKs for novice users:

Malwarebytes Anti-Malware uses a proprietary low-level driver (similar to some ARK detectors) to locate hidden files and special techniques which enable it to detect a wide spectrum of threats including active rootkits. SUPERAntiSpyware Free offers technology to deal with rootkit infections as well.

Edited by quietman7, 05 October 2010 - 08:20 AM.

Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators
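
As an added illustration of the SSDT check described in the post above (not part of the original thread and not GMER's code), here is a small model of how a hooked table entry is spotted and attributed to a driver, which is why a hook by a known security product and a hook by an unrecognised driver need different follow-up. It assumes a 32-bit Windows layout where table entries are absolute addresses; the driver names `examplehips.sys` and `qzxv81.sys` and all addresses are constructed sample data.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed sample data: names and addresses are illustrative, not a real dump. */
typedef struct { const char *name; uint32_t base, size; int known_security; } Module;
typedef struct { const char *service; uint32_t target; } SsdtEntry;
typedef enum { CLEAN, HOOK_KNOWN_PRODUCT, HOOK_UNKNOWN_MODULE, HOOK_NO_MODULE } Verdict;

static const Module modules[] = {
    { "ntoskrnl.exe",    0x81800000u, 0x003BA000u, 0 }, /* kernel image, index 0 */
    { "examplehips.sys", 0x8F200000u, 0x00040000u, 1 }, /* hypothetical HIPS driver */
    { "qzxv81.sys",      0x90A10000u, 0x00010000u, 0 }, /* hypothetical unrecognised driver */
};
static const SsdtEntry ssdt[] = {
    { "NtCreateFile",         0x81A4C1F0u }, /* inside the kernel image */
    { "NtOpenProcess",        0x8F2031C0u }, /* redirected into examplehips.sys */
    { "NtQueryDirectoryFile", 0x90A11234u }, /* redirected into qzxv81.sys */
    { "NtEnumerateKey",       0x86D3F008u }, /* memory that no loaded module owns */
};
#define COUNT(a) (sizeof(a) / sizeof((a)[0]))

/* Return the loaded module whose [base, base+size) range contains addr, or NULL. */
static const Module *owner_of(uint32_t addr) {
    for (size_t i = 0; i < COUNT(modules); i++)
        if (addr >= modules[i].base && addr - modules[i].base < modules[i].size)
            return &modules[i];
    return NULL;
}

/* An unhooked entry resolves into the kernel image; anything else is a hook to attribute. */
static Verdict classify(const SsdtEntry *e) {
    const Module *m = owner_of(e->target);
    if (m == &modules[0]) return CLEAN;
    if (m == NULL)        return HOOK_NO_MODULE;
    return m->known_security ? HOOK_KNOWN_PRODUCT : HOOK_UNKNOWN_MODULE;
}

int main(void) {
    static const char *label[] = { "ok", "hooked (known security product)",
        "hooked (unrecognised driver, investigate)", "hooked (no owning module, investigate)" };
    for (size_t i = 0; i < COUNT(ssdt); i++) {
        const Module *m = owner_of(ssdt[i].target);
        printf("%-22s 0x%08X %-16s %s\n", ssdt[i].service, (unsigned)ssdt[i].target,
               m ? m->name : "<none>", label[classify(&ssdt[i])]);
    }
    return 0;
}
```
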

#4 Cuhathol


Posted 05 October 2010 - 11:10 AM

Thank you both for the replies.

After the information that quietman7 posted I think I will use an easier program like those which were suggested as I don't consider myself at all close to being an expert with rootkits.

Edited by Cuhathol, 05 October 2010 - 11:36 AM.


#5 quietman7


Posted 05 October 2010 - 12:09 PM

I forgot to include the link to the Sophos Anti-Rootkit User Manual.

Also Avira updated their AntiRootkit Tool and it now requires an Avira product to be installed in order to use it.

#6 Cuhathol


Posted 05 October 2010 - 12:48 PM

Once again, thank you for the information.



