Showing results for 
Search instead for 
Did you mean: 

I can't remove NTOSKRNL-HOOK!

A while ago i did a virus scan in McAfee and it found a virus on call NTOSKRNL-HOOK it said it was removed so i left it and thought nothing of it (which is strange cos if anything comes up and i delete it i usually scan again. But anyway i scanned again about a week later and it was still there and the first time i tried to scan it had an error and say that it couldn't find progress.
Then i tried malwarebytes and Superanti spyware in normal and safe mode and its still there. But now when I scan in mcaffe it has there error and shuts the computer off and brings up the blue screen of death. If it helps my computer has had 2 major crashs before the 1st time it was the motherboard and the second time it was viruses.
And ive heard combofix worked for other people but i didn't want to use it because alot of people say its powerful and you have to be careful so i didnt want to use it without proper instruction
Labels (2)
7 Replies

RE: I can't remove NTOSKRNL-HOOK!

NTOSKRNL (The Windows main Kernel) hook is a generic name for detections of modification to the system designed to hide or protect bad files. Usually, they can only be removed manually using special software or by using an offline OS (booting to a CD or Recovery Console) and manually removing the bad files.

I have created a BootCD that can help make the process a little easier than the Windows Recovery Console. You can check it out at the following link:

Secured2k BootCD - Malware/Rootkit Removal

Note: Wireless internet while in the Boot CD environment will be added in the next version within the week.

RE: I can't remove NTOSKRNL-HOOK!

i read the page and i just want to know what it will actually do and if i will keep my files

RE: I can't remove NTOSKRNL-HOOK!

The BootCD description pages are fairly complete and self explanatory. If you have questions about the documentation, please quote the section you do not understand and I will try to answer it and update the post in the future.

Secured2k Boot CD saved me!!!

Thank you. Secured2k Boot CD saved me!!!

The laptop I was working on would not launch programs like Internet Explorer or even MalwareBytes so that I could scan. Started getting blue screens and was unable to use "msconfig" to go into safe mode. McAfee detected but could not effectively clean multiple issues including NTOSKRNL Hook problem.

Had to run both the McAfee VirusScan and ESET Online Scanner to get things cleaned up. After that I was able to run the Bonus: QuickScan (for use in Normal Windows) and then my copy of MalWareBytes, to be completely safe. Time consumming but WELL worth it. Everything is back to normal.:D

RE: Secured2k Boot CD saved me!!!

Awesome! I'm glad my CD has helped you. At this very moment, I'm working on bug fixes for 1.7 that will add Wireless support and get basic network drivers off the hard drive!

RE: Secured2k Boot CD saved me!!!

sorry i forgot to reply back but the cd worked perfectly and now have no problems any more so thank you very much secured2k

RE: Secured2k Boot CD saved me!!!

I'm glad I was able to help.


Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community