Solved! Kernal Rootkit Removal/Identification?

[kangodafi_1]

I have a root kit installed on my computer, I haven’t got a clue how to find it or remove it. My fear is that it is a kernel root kit and I’m pretty done for atm. If anyone can offer help then thanks.


I managed to find a very suspicious file if anyone knows what it is. It’s called 4127879B, it runs as a .sys file.
Here’s a picture: https/imgur.com/a/himM4OE

 

[Ralston18]

Download, install, and configure Malwarebytes (free). Be sure that you go to the real Malwarebytes website.

https/www.malwarebytes.com/mwb-download/

Then scan your computer accordingly.

 

[kangodafi_1]

Didn’t work

 

[Ralston18]

By "Didn't work" you mean the file was not deleted or removed?

May be a false positive.

Look in Startup. Do you see anything being launched that you do not or cannot recognize?

Consider TDSSKiller (Kaspersky Lab):

https/www.bleepingcomputer.com/download/tdsskiller/

 

[shknawe]

Read this-----https/www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=2&cad=rja&uact=8&ved=2ahUKEwi34fqpqePfAhUNZd8KHfp8Bf0QFjABegQIBxAE&url=https%3A%2F%2Fwww.file.net%2Fprocess%2Fmbamchameleon.sys.html&usg=AOvVaw1j832xyddGdy2ZT12tGZBH

 

[shknawe]

Try this--https/download.cnet.com/Bitdefender-Rootkit-Remover-64-Bit/3000-2239_4-75860215.html

 

[rgd1101]

I have a root kit installed on my computer, I haven’t got a clue how to find it or remove it. My fear is that it is a kernel root kit and I’m pretty done for atm. If anyone can offer help then thanks.


I managed to find a very suspicious file if anyone knows what it is. It’s called 4127879B, it runs as a .sys file.
Here’s a picture: https/imgur.com/a/himM4OE

What software is that that find the file?

 

[shknawe]

if you have one it should find it

 

[shknawe]

have you clicked on that 4127879b in system 32 to see what its properties are?