said by SweetNoob: upon further research it seemed to be part of the ijji game reactor program... i uninstalled it months ago and this little rootkit remained.
why do people even attempt a clean up after their system has been compromised? just format, reinstall, don't copy any files left over from the infected machine, change passwords and avoid what led to the infection
also i heard gmer is the worst anti rootkit.
It's two different schools of thought. One could extend the reformat argument to things like simple spyware or well documented and easily removable trojans.
Oddly, for many years though, I was very against this idea. I preferred to manually yank rootkits out if there was no damage to core operating system files beyond reasonable repair. During the height of the Windows XP rootkit saga, Rootkit Unhooker was plenty capable of removing every in-the-wild rootkit with relative ease. Unfortunately, the author of RkU hasn't updated the public version in a very long time, but the rootkits have continued evolving.
Contrarily, on a Linux system, I have always felt that if the machine were rootkitted, the entire OS should be immediately re-installed. Today, I would probably follow this philosophy with Windows as well, because Windows Vista/7/8 re-install much quicker and easier than shitty Windows XP.
If you do take the re-install route, you can back things up, but only things that you're certain weren't part of the infection vector/potentially infected. I would have no qualms about backing up my music, pictures, documents, etc. after a rootkit as long as I knew the infection wasn't a mass file infector.
Lastly... a few words about GMER. GMER was recently updated for x64 support, including Windows 8. It's one of very few standalone anti-rootkit tools that still exist and receive updates, as well as have x64 and Windows 8 support.
Back in the day, however, there was quite a bit of GMER bashing. GMER had *good* detection, but it was bypassed from time to time, and then eventually updated. I would imagine it would detect and remove mostly everything in the wild today, but that's just my guess and I truthfully have no idea. For all I know, it could have insanely crappy detection (or none at all) for some of the more advanced rootkits. Kaspersky's AV engine has always had pretty excellent detection and removal capabilities, and MSE's scanning engine is regularly updated to support detection and removal of newer rootkits... though I've had mixed results with it over the past few years while using it in practice. TDSSKiller (by Kaspersky) has found TDL4 MBR infections that MSE has missed on several occasions. Hitman Pro, for a while, had very excellent rootkit detection, and still probably does. Malwarebytes has probably improved their rootkit detection enormously. Avast uses GMER technology (whatever the hell that means). ESET's rootkit detection was a mixed bag for a while... not sure if it ever improved. Likely, it did.
Bottom line: If you are using Windows, use an x64 version, preferably Windows 8, to be the least likely to be infected with a rootkit. Unfortunately, I don't know if there's currently anything in the wild that infects x64 Windows 8. I do know there are working x64 Windows 7 rootkits... several of them, attacking mostly the MBR (and probably *all* detected by TDSSKiller). For best results, use *everything* and/or reformat.