
OT- ZeroAccess rootkit trojan: Anyone with experience/advice on removing?

June 11th, 2012 at 3:52 PM
#302
Moleskyn
Joined: 06/28/2010
MGoPoints: 5343
To be honest, just treat

To be honest, just treat yourself to a new laptop. In this day and age, any piece of technology over 5 years old is ancient. Plus, Vista was an awful OS. Windows 7 is so much faster, easier to use, etc. I'm sure this will draw some snarky responses from Mac or Linux users, but whatever. Depending on what you need out of a computer, you could easily find a decent one for well under $1,000.

June 11th, 2012 at 4:02 PM
(Reply to #2) #303
NoVaWolverine
Joined: 09/07/2010
MGoPoints: 1716
The thought has crossed my mind...

I'd prefer first to make a good effort at saving my current machine, before buying a new one w/$$ that I'd rather spend on other family priorities right now. That's just how I am when it comes to big-ticket items -- e.g., the family minivan has 65k miles on it and I plan on us driving that thing until the 150k mark at least before even thinking about getting a new one. 

But I'm preparing myself mentally for the prospect that you might be right.

June 11th, 2012 at 4:36 PM
(Reply to #5) #304
Moleskyn
Joined: 06/28/2010
MGoPoints: 5343
I hear you! My car is coming

I hear you! My car is coming up on 190K, and I'm hoping to milk 200K out of it. As I said below, my laptop at home has Vista on it, but I don't use it often enough to warrant a replacement at this point. Plus, higher financial priorities right now. But having used work laptops with Windows 7 for the past couple of years, I greatly prefer 7 to Vista.

June 11th, 2012 at 4:02 PM
(Reply to #2) #305
joeyb
Joined: 10/12/2008
MGoPoints: 14048
Vista was not an awful OS. It

Vista was not an awful OS. It had a very rocky launch due to lack of driver support and it had new features that some people didn't like, which could be turned off in 10 seconds. Windows 7 is basically Windows Vista with a new skin and a few new features. Nothing changed under the hood, which is why it had a much smoother launch and everyone loves it. Once it got off to a rocky start, all of the bad reviews came out and that frame of mind stuck around. I guarantee that Windows 8 is doomed because it offers so many new features that many won't like. They won't bother to look into how to turn those settings off and they will label it as a failure, just like they did with Vista.

June 11th, 2012 at 4:34 PM
(Reply to #6) #306
Moleskyn
Joined: 06/28/2010
MGoPoints: 5343
Eh, I disagree. I got a Dell

Eh, I disagree. I got a Dell with Windows Vista on it, and I really liked the OS compared to XP. But it wasn't the features that turned me off from it. It was the performance. It took longer to boot than XP. FWIW, I still have that laptop at home, and use it, but my work laptop has Windows 7 and I like this one a lot more than the one at home. Maybe my view of Vista is jaundiced since the time when I used it most heavily was not long after it came out. Vista was a necessary step for Microsoft to take, since they botched the version before that (can't remember the name, it was something native-Americanny if I remember correctly), but Vista was a bridge between XP and Windows 7. From what I've read, Microsoft is going to be rolling out new operating systems every few years now; a lot more frequently than the amount of time that went between XP and Vista, at least.

June 11th, 2012 at 5:23 PM
(Reply to #14) #307
joeyb
Joined: 10/12/2008
MGoPoints: 14048
Longhorn was the code name.

Longhorn was the code name.

June 11th, 2012 at 4:47 PM
(Reply to #6) #308
JHendo
Joined: 10/25/2008
MGoPoints: 13711
Windows Vista with the latest

Windows Vista with the latest service pack is essentially Windows 7.  Transversely, Windows 7 really should have just been a final service pack for Vista (even though thems is fighting words to some people).  That being said, the early versions of Vista were god awful and it is a terrible OS.

To put it in football terms, if a football team had lost its first 10 games of the season, but somehow pulled off a couple shockers to win its final 2 against decent teams, it doesn't stop the fact that they're a terrible 2-10 team at the end of the day.

June 11th, 2012 at 5:38 PM
(Reply to #19) #309
joeyb
Joined: 10/12/2008
MGoPoints: 14048
My point was that the early

My point was that the early versions of Vista were god awful because they changed the framework for drivers and the hardware manufacturers didn't do anything about it until after launch. That was the single biggest issue with Vista. It literally made Vista unusable, but there wasn't anything that Microsoft could do about it, but all of the blame falls on them because what worked in XP no longer worked in Vista.

There were other bugs, but there were lots of bugs for Windows 7's launch too. It's just that those issues got exacerbated in the media because of the issues with the drivers. Then, you throw new features, like UAC, which were pretty much universally hated, into the mix and you get a perfect storm of events that places the entire OS into a bad light for its lifespan, even though the new features could be turned off, the bugs were fixed in a timely fashion just like every other launch, and the hardware manufacturers got their act together and fixed their drivers (for the most part) within a week of launch.

If you are going to compare it to a football season, I'd say it was much more like a team that had extremely high expectations, but lost its first game inexplicably, then lost its second game, basically condemning the whole season. That team then goes on a huge win streak, but even though it did everything right in the end, the first two losses, particularly the first one, will always hang over its head, even if they win their conference and bowl game.

June 11th, 2012 at 11:35 PM
(Reply to #27) #310
ChopBlock
Joined: 12/11/2011
MGoPoints: 2434
So basically 2007

But think of the kittens!

June 11th, 2012 at 8:45 PM
(Reply to #6) #311
switch26
Joined: 02/04/2010
MGoPoints: 4933
sorry to say, but you know

sorry to say, but you know nothing about computers..  Vista was TERRIBLE..  they even acknowledged how bad it was.

Win7 is beyond far and above vista..  If your computer can handle vista, you should be able to easily upgrade to Win7...  win7 had a rocky start?  huh?

There isn't the same frame of mind with win7 as win vista at all..   Not sure who you talk to or who you hang around with, but Win7 has never had a problem on my rig, but I custom build PCs and Vista was nothing but a joke, and Win7 has run flawlessly.. You are wrong sorry

I agree win8 could be not for everyone, but who cares..  Vista sucked period..  Sorry to break your heart

this was in response to joeyb, but it didn't reply properly

In other news.. I have no clue how you people get so many viruses/malware.. Once I rebuilt my new rig, I didn't download stupid shit and I never have problems ever..

June 11th, 2012 at 9:03 PM
(Reply to #36) #312
joeyb
Joined: 10/12/2008
MGoPoints: 14048
I never said that Windows 7

I never said that Windows 7 had a rocky start. I said it had bugs like everything else. XP had them too. Every release of OS X and Linux has them too, but they get patched. Windows 7 is the Windows 6.1 kernel with a new user interface, i.e. Windows 7 is Windows Vista with a new skin. They changed nothing on the back end, which is why Windows 7 works flawlessly on all machines; the manufacturers had 3 years to get the drivers perfect with Vista.

I really don't care if you don't like Vista. That's your opinion and you have a right to it. It just bothers me when people try telling people that they have to "upgrade" from Vista to Windows 7 because of bad reviews stemming from issues that were fixed within the first month of release.

And before you twist my words again, I liked Vista since Beta and thought it was a huge step up from XP. I like Windows 7 even more than Vista due to the interface, but I'm familiar enough with what's underneath the skin that I know they are pretty much the same OS.

June 11th, 2012 at 10:22 PM
(Reply to #37) #313
htownwolverine
Joined: 09/02/2009
MGoPoints: 7149
Ha Windows ME was the worst!

Ha Windows ME was the worst! Complete garbage!

June 11th, 2012 at 10:24 PM
(Reply to #40) #314
joeyb
Joined: 10/12/2008
MGoPoints: 14048
No arguments here.

No arguments here.

June 11th, 2012 at 10:37 PM
(Reply to #40) #315
M - Flightsci
Joined: 06/30/2008
MGoPoints: 343
Godawful

Godawful

June 12th, 2012 at 9:33 AM
(Reply to #37) #316
Hannibal.
Joined: 09/09/2008
MGoPoints: 6297
Vista's problems weren't

Vista's problems weren't fixed.  From a gamer's standpoint, it was an absolutely atrocious operating system.  A terrible piece of festering monkey shit.  Knowing that there might be some problems, I kept a dual boot system with XP on an old hard drive.  Even a couple of years after Vista was launched, all of the games that I tried in both XP and Vista ran either the same or significantly better in XP (Crysis, Gears of War, GTA IV, and The Witcher are some of the ones that I tried).

When I upgraded from Vista to 7, the improvement was immediate and noticeable.  If it's just Vista with a new coat of paint, then that is one effective coat of paint.

June 11th, 2012 at 3:53 PM
#317
Hannibal.
Joined: 09/09/2008
MGoPoints: 6297
I have this same problem

I have this same problem right now, and I have already backed up everything in anticipation of wiping and re-installing the operating system.  I even have a dual boot system and when I ran a virus scan and Malaware after booting up on the other drive, it still couldn't get it clean.  When I researched the problem, I found some solution-like substances that involved some complicated-looking stuff that had the risk of screwing up your system.

June 11th, 2012 at 4:19 PM
(Reply to #3) #318
NoVaWolverine
Joined: 09/07/2010
MGoPoints: 1716
How will you be sure your backed up files are clean?

I've only read a little about this approach, but it seems to be another challenge -- how do you make sure all the files you've backed up are clean before you put them on the newly wiped computer? I'd hate to go through the hassle of a wipe/reinstall if I'm just going to reinfect the machine when I reload all the files I've saved.

June 11th, 2012 at 3:57 PM
#319
RowoneEndzone
Joined: 09/27/2008
MGoPoints: 3543
I've had the same one on my

I've had the same one on my wife's junk laptop for a year plus.  I just do important banking and buying from a different computer now.

June 11th, 2012 at 4:18 PM
#320
robbyt003
Joined: 10/25/2010
MGoPoints: 9974
If you have everything backed

If you have everything backed up.. Just restore it to factory defaults and cut your losses.  While that is not a guarantee to remove the virus, 9 times out of 10 it does.  If you do not know how, here ya go.

http://support.gateway.com/s/software/microsof/Vista/7515910/7515910su9.shtml

June 11th, 2012 at 4:27 PM
(Reply to #7) #321
NoVaWolverine
Joined: 09/07/2010
MGoPoints: 1716
This is helpful, thanks

One question -- how does this ("Restore System to Factory Default") differ from this ("Full Factory Recovery")?

June 11th, 2012 at 10:40 PM
(Reply to #9) #322
M - Flightsci
Joined: 06/30/2008
MGoPoints: 343
Apocalypse

You seriously just wipe the HDD's and don't attempt an in-place removal?  Wow... I worked for a college IT help desk and we would spend hours upon hours attempting to remove malware without resorting to nuking most of the data.  That certainly would have been a more efficient solution on our end, although in no way elegant.

June 11th, 2012 at 10:53 PM
(Reply to #44) #323
bluebloggin
Joined: 12/04/2010
MGoPoints: 500
I'm a network admin

And this approach is more common than you'd believe. It's up to the user to diligently back up because it's a waste of time to try and remove viruses, especially if they're root kits. Root kits drive into the cornerstone and it's better to back up and nuke it.

With viruses you run the risk of leaving hangers-on, so just blow it up and be more careful next time

June 11th, 2012 at 4:24 PM
#324
jlcoleman71
Joined: 07/15/2008
MGoPoints: 138
I've had similar rootkit

and trojan/malware issues in the past year, the standard programs were no good......malwarebytes and others did nothing.

I did some digging around online at the time and came across a program called "ComboFix.exe"...........I've used it twice now and have found it to be my last defense against these types of problems........it looks ghetto and runs out of the DOS window........it runs an initial scan, will detect the problems and then ask to reboot.........once it reboots, it goes through a number of steps and ultimately got rid of the issues I had..........I was skeptical at first, but it works great.

You can download it from the cnet.com website.......and it's free.

http://download.cnet.com/Combofix/3000-8022_4-75221073.html

June 11th, 2012 at 4:52 PM
(Reply to #10) #325
NoVaWolverine
Joined: 09/07/2010
MGoPoints: 1716
Thanks -- have heard about ComboFix

It seems like nothing's foolproof, though - I've read of people using it and it still hasn't solved the problem (same goes for Malwarebytes, Kaspersky/TDSSKiller, and all the rest). Guess I'll just have to try everything and see if any of them work!

June 11th, 2012 at 5:22 PM
(Reply to #21) #326
htownwolverine
Joined: 09/02/2009
MGoPoints: 7149
Combofix will remove pretty

Combofix will remove pretty much anything. I use it all the time. Run it two/three times and you should be ok. Kaspersky and others like it are designed for end users who are stupid and click on bad looking things (just kidding).

I have run my machines for 10 years with no AV. I use Spybot and SuperAntiSpyware in the background and have Combofix and Malware Antibytes for cleaning.

Also, check out Hiren's Boot CD as this has most any tool you need. Including the ability to load a lite version of Linux via flash drive to access hard drives when the dreaded Blue Screen of Death appears.

Check out this link sounds like this virus is a real MF'er :

Bleepingcomputer

June 11th, 2012 at 5:33 PM
(Reply to #22) #327
NoVaWolverine
Joined: 09/07/2010
MGoPoints: 1716
Ha!

"Kaspersky and others like it are designed for end users who are stupid and click on bad looking things (just kidding)."

I deserved that one. :-)

And yes, from everything I've read ZeroAccess is really nasty -- a tough nut to crack.

June 11th, 2012 at 5:36 PM
(Reply to #21) #328
Griff88
Joined: 01/26/2010
MGoPoints: 1401
Combofix

is very good. However, it's an extremely powerful program. If you are not sure what you are doing... Combofix can really screw things up. I would back everything you need first... then run combofix. Otherwise, if you make a mistake with combofix... you will not be able to boot up into windows.

June 12th, 2012 at 9:34 AM
(Reply to #26) #329
NoVaWolverine
Joined: 09/07/2010
MGoPoints: 1716
Thanks for the heads up

I've read of people having success using Combofix to remove the ZeroAccess rootkit only to find that they can't get an internet connection, can't connect to their network printer, etc.  So if I choose that path I'll proceed with caution (and probably with the help of one of the forums mentioned elsewhere in this thread).

June 11th, 2012 at 6:04 PM
(Reply to #10) #330
Philip A. Duey
Joined: 08/11/2011
MGoPoints: 290
Similarly...

rkill.exe has been a godsend for me; just download it to your computer, let it run, and it'll stop any processes that the rootkit/adware/whatever is using to block Malwarebytes or SuperAntiSpyware or whatever program you're trying to use.

Here's the download link: http://www.bleepingcomputer.com/download/rkill/

June 11th, 2012 at 4:30 PM
#331
joeyb
Joined: 10/12/2008
MGoPoints: 14048
So, here is my thought on

So, here is my thought on viruses. 90% of the time, anti-virus should take care of viruses with no issue. 9% of the time, you might have to do a little bit more, but everything works out. That 1% of the time, though, even if you manage to remove it from your system, it leaves its mark behind. I find that when a virus is difficult to remove, the damage has already been done and it's easier to just cut your losses and start clean. I go with this mentality from the start and I keep all of my data separate from the OS. Lately, it's been a lot easier because I can keep almost everything online.

I know nothing about this particular rootkit, but, generally, rootkits are so deep in the system, they essentially become or appear to be part of the system, which is why they are so hard to remove. If you wipe, there should be no trace of the rootkit left over.

Depending on your priorities, here is what I would do.

  1. Back everything up.
  2. Try some of the more dangerous procedures to remove the virus (I'd skip this but it is an option).
  3. Format your system and start fresh.
  4. Get rid of McAfee, do a bit of research, and pick the best AV for you. I use Microsoft Security Essentials. Avast and AVG are also free. I've heard good things about Panda Security, but I think that costs money.

As Moleskyn mentioned above, there is the option of buying a new computer as well. That is not necessary, though, if your laptop was running to your satisfaction before the virus. If a computer is built right when you buy it, it can last years before it needs to be replaced. I built a computer for $600 6 years ago, replaced the graphics card 2 years ago, and it's still kicking. I won't upgrade that computer until I start having issues running software, which hasn't happened yet. If, however, your computer was slow, even before the virus, I suggest that you purchase a new laptop as reformatting would be like doing a full detail on a car with 150k miles on it that you don't plan on keeping for too much longer.

If you decide to do #2 in the list above, I found plenty of resources with a google search that should walk you through the steps necessary to remove it. You could also probably post on one of those forums and have someone help you one-on-one with your specific scenario.

June 12th, 2012 at 8:44 AM
(Reply to #12) #332
Moleskyn
Joined: 06/28/2010
MGoPoints: 5343
So, question: I've never had

So, question: I've never had a problem with a virus on my computer, so I've never really thought of these things, but regarding storing all of your data somewhere other than your hard-drive, do you mean you store all of your files (Word docs, Excel spreadsheets, etc.) elsewhere? You can't do that with program files, can you? For instance, I have a 320 GB external hard drive that I pretty much just use for pictures and videos and such, so that they don't bog down my computer, but could I place my executables for Word, Excel, Photoshop, etc. on there, too? Basically just use the computer as an interface for accessing everything on my external hard drive?

June 12th, 2012 at 11:16 AM
(Reply to #48) #333
joeyb
Joined: 10/12/2008
MGoPoints: 14048
The first thing that I do

The first thing that I do with a new laptop is I zero the hard drive to get rid of all manufacturer stuff. Then, I partition the hard drive and put the OS on a ~50GB partition and give the rest to the second partition which I use for data, e.g. pictures, videos, documents, spreadsheets, etc. I used to change My Documents to point to the D: drive (Data partition) in XP so that nothing was ever stored on the C: drive, but Vista and 7 require a much bigger process to get the same functionality. Now, I just use Google Docs and back up all of my pictures to Google, so the partition is generally just used for random stuff like downloads or programs that I'm working on.

Executables are kind of tricky. Basically, you can install to the data partition, but if they need access to the registry and you wipe your OS, then you just FUBARed your program. They do make versions of software, meant to go on thumb drives, that you can choose to install on your data partition or external hard drive. Those update on their own schedule, but would do what you are looking to do. Like I said, it's meant for flash drives, so you probably aren't going to see a lot of really big programs available to you. Also, they have to have access to the source code and they rebuild them with this specific purpose, so I doubt that you can find MS Office, but who knows? Usually, though, I find it's just better to install all of your programs again. A lot of programs don't update, so installing fresh will get you the latest version. If you purchased (or downloaded) a program that can't be upgraded, then just keep the installer on your data drive in folders. I used to do that for hard-to-find programs.

June 12th, 2012 at 11:28 AM
(Reply to #12) #334
NoVaWolverine
Joined: 09/07/2010
MGoPoints: 1716
McAfee question

Thanks for your thoughts, joeyb -- appreciate your insights.

One question: There seem to be a lot of negative opinions of McAfee on this board, and I'm genuinely curious why that's so, as I don't follow this world of antivirus programs closely. (I suppose that's about to change...) McAfee has always worked fine for us, and I certainly don't blame it for my current predicament, which is my fault. (Unless someone tells me that a better AV would've blocked those phony Adobe Flash update popups from even appearing.) I also work at a place where, to put it mildly, there is an extreme emphasis on IT security, and we have McAfee on the computers here.

Are McAfee/Symantec etc. just too big to be agile enough to keep up with the ever shifting threats from hackers? Or is there some other reason they aren't as good as others?

June 12th, 2012 at 11:46 AM
(Reply to #51) #335
joeyb
Joined: 10/12/2008
MGoPoints: 14048
Personal experience for me.

Personal experience for me. McAfee just used to slow my computer to a halt. It also did little to prevent the worst viruses and still didn't clean the computer very well when it managed to find viruses. I used to have to supplement McAfee with AdAware and Spybot way back in the day. It is also confirmed in a lot of tests between AV programs; it just doesn't protect or clean as well as other programs.

We use Symantec at my work too. I don't know if there is a major difference between their enterprise and home AV solutions, but our CSO doesn't use Symantec at home either. Maybe it's just because the free AV programs are as good as, if not better than, the ones you pay for.

For a while, I dropped anti-virus altogether. I went years without getting a virus just by being smart about what I was doing. I did manage to get a virus at one point, but I'm pretty sure it was from one of my roommates.

When Microsoft Security Essentials came out, I tried it out with the thought that MS knows their system better than anyone else and it should integrate really well. It runs so flawlessly that I forget that I have it installed. I install it on every computer that I fix for people. What kills me is when I go to my in-laws and they (I'm thinking it's my brother-in-law) installed AVG on top of MSE. In case you weren't aware, having two AV programs is bad. Essentially, AV programs act like a bigger, badder virus and watch over your stuff for you. When you have two competing, they get in each other's way and you end up with lapses in coverage.

June 11th, 2012 at 4:30 PM
#336
a non emu
Joined: 06/30/2008
MGoPoints: 718

The laptop is old enough. Get your data off and re-image. If you don't have your original Windows product key, just put Ubuntu/Linux Mint on it. For day-to-day tasks like browsing you won't notice a difference. If anything it'll probably run a little faster.

June 11th, 2012 at 5:14 PM
#337
Griff88
Joined: 01/26/2010
MGoPoints: 1401

In this case, system restore will not work. Before you run any tool/cleaner, turn it off.

Download Tdsskiller from here

 http://support.kaspersky.com/downloads/utils/tdsskiller.zip

Follow the instructions here

http://support.kaspersky.com/faq/?qid=208280684

Good luck, I hope you get rid of this nasty bug. If you want to be completely sure, then back up everything you want to save. Either burn the saved items to disk, or back them up to an external hard drive. Once that's done, make sure you have unplugged your external from the laptop. It's easy to forget that it's still connected, and you can accidentally format the external as well. Once you have everything backed up, then you can reformat/reinstall Windows. All you need is a Windows Operating System Disk. You don't need the original recovery disks that came with the laptop.

If you don't know how to reformat/reinstall Windows, you will want to delete all partitions on the laptop, and then do the reinstall. You can find many YouTube tutorials on how to do it. It's not hard, just take your time.

June 11th, 2012 at 4:41 PM
#338
Dantana
Joined: 08/24/2011
MGoPoints: 137

I have dealt with these things in the past and am currently in the middle of trying to clean my computer from Trojan Sirefef.

To me, wiping the hard drive is the absolute last chance fix. There are many good forums much like this one that have techs who will walk you through the process of cleaning the computer for free.

The one I use is called www.techsupportguy.com. Create a login, then go to the virus/malware removal forum and post your symptoms/malware/etc. and wait for someone to respond. To speed things up, download a program called HijackThis (link should be on techsupportguy site) and run it and post the results in your initial post. This is a quick system snapshot of what programs are running and they can see what doesn't belong.

A few years back my computer autoinstalled an update which completely screwed up my computer, blue screen of death and all. I called Dell and explained it was one of their updates which caused the problem. Their solution? Wipe out the entire hard drive. I said F that and got on to techsupportguy and explained my situation. They walked me through uninstalling that particular update and bingo...computer back to normal.

 

June 11th, 2012 at 7:41 PM
(Reply to #17) #339
acnumber1
Joined: 10/19/2009
MGoPoints: 18671
I second this approach

I used one other than techsupportguy but it looks to be a similar service. Might take a day or two but they are thorough and effective.

June 11th, 2012 at 4:45 PM
#340
bronxblue
Joined: 11/22/2008
MGoPoints: 59108

I ran into this problem with my netbook a couple of years ago, and ultimately all I did was clean the system and reinstall the OS.  If you have your files backed up, you should be good.  Might need to follow up with some of the vendors if you have license keys, but that's relatively trivial and shouldn't be an issue for those that rely on physical addresses/IDs for authenticating your system.

Rootkits are notoriously tough to get rid of, and at some point just starting over makes more sense than slamming your head against a wall.

June 11th, 2012 at 4:50 PM
#341
Blue Durham
Joined: 06/30/2008
MGoPoints: 5293
I've had similar problems with a trojan called vundo a few years

back. I went to the web site AUMHA.net and looked/searched through a variety of threads. A number of other people were having similar problems and they fixed it for them. About AUMHA:

  • They are computer guys who do this free but expect donations.  If they fix your problem, then I am sure you will be willing to donate.
  • They solve a variety of problems for a lot of people. Look through the relevant threads and see how they handle people and what they expect.
  • How it works:  Unlike MGoBlog, you are instructed to post on your own thread ONLY.  If you post on someone else's thread, they will likely not only not help you but ban you. 
  • These guys do not suffer fools at all.  Do exactly what they ask, everything they ask, and in the order that they ask.  You screw up once, they will berate you.  Screw up a second time and they likely will lock your thread and not deal with you.
  • Your problem will be solved, but it will probably take a couple of days of back and forth e-mails and you sending some logs for them to check.

You will get one-on-one help with an expert with no cost except your donation if and when you choose to make one. However, this dialog that you have will be visible to anyone on the net.

Everyone is instructed not to copy the protocol set forth in threads (no matter how pertinent the other person's situation is to yours) other than the one(s) you start. If you do, and this does not solve your problem, and then you start a thread asking for help, they will likely lock your thread.

Hope that helps.

June 11th, 2012 at 6:14 PM
(Reply to #20) #342
oriental andrew
Joined: 06/30/2008
MGoPoints: 19784

Nice.  I might just try those initial steps to see what happens, given that they say it should clean up the system pretty well even before your first post (not that my computer is infected or anything). 

June 11th, 2012 at 6:48 PM
(Reply to #31) #343
Blue Durham
Joined: 06/30/2008
MGoPoints: 5293
They're great because

they have you use a variety of free-ware and they check for a variety of problems from the log files you post. Thus, if any other problems arise, they are familiar with you and your situation and take additional steps to resolve it, unlike using just one program like malwarebytes (which they do have you use).

June 11th, 2012 at 5:27 PM
#344
NoVaWolverine
Joined: 09/07/2010
MGoPoints: 1716
Thanks for the advice, everyone

I love MGoBlog.  Lots of options to consider... I'll let you know how it works out.

One question I asked above, still not clear on the answer -- when I do a backup of all the stuff I want to save in case I need to reformat or buy a new machine, how do I ensure that stuff isn't infected before loading it onto the clean/new computer?

Thanks again!

June 11th, 2012 at 5:51 PM
(Reply to #24) #345
Griff88
Joined: 01/26/2010
MGoPoints: 1401
Scan

everything on the external hard drive. As long as you are not backing up system files, dll's, unfamiliar exe's, or registry entries... you should be fine.

I would recommend getting rid of McAfee Antivirus. For free Antivirus use either Microsoft Security Essentials or AVAST. For paid Antivirus, ESET Nod32 is excellent.  There is also a free online scanner from Trend Micro, that is good as well.

http://housecall.trendmicro.com/

Simply put, just scan everything.

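Griff88's advice above (keep system files, DLLs, unfamiliar EXEs and registry entries out of the backup, then scan everything) can be checked mechanically before the backup drive goes near the rebuilt machine. The following is an added example, not part of any post in this thread: a Python script that inventories a backup folder and flags those file types, including Windows programs renamed to look like data, which it detects by the `MZ` header. The extension lists, function names and sample files are assumptions constructed for the illustration.

```python
import tempfile
from pathlib import Path

# Extension lists are assumptions made for this example, not a complete inventory.
PE_EXT = {".exe", ".dll", ".sys", ".scr", ".com"}
SCRIPT_EXT = {".bat", ".cmd", ".vbs", ".js", ".lnk"}

def classify(path):
    """Return why a file needs a closer look before restore, or None for plain data."""
    ext = path.suffix.lower()
    with path.open("rb") as fh:
        head = fh.read(2)
    if head == b"MZ":  # DOS/PE header: a Windows program, whatever the file is named
        return "executable" if ext in PE_EXT else f"executable disguised as {ext or 'no extension'}"
    if path.name.lower() == "autorun.inf":
        return "autorun file"
    if ext in PE_EXT | SCRIPT_EXT:
        return "program or script extension"
    if ext == ".reg":
        return "registry export"
    return None

def audit_backup(root):
    """Walk a backup folder and map relative path -> reason for every flagged file."""
    findings = {}
    for path in sorted(Path(root).rglob("*")):
        if path.is_file():
            reason = classify(path)
            if reason:
                findings[path.relative_to(root).as_posix()] = reason
    return findings

def demo():
    """Build a small constructed backup tree in a temp directory and audit it."""
    sample = {  # constructed sample files, not taken from the thread
        "Documents/taxes.pdf": b"%PDF-1.4 constructed",
        "Pictures/vacation.jpg": b"MZ\x90\x00 constructed PE stub",
        "Downloads/flash_update.exe": b"MZ\x90\x00 constructed PE stub",
        "Desktop/tweak.reg": b"Windows Registry Editor Version 5.00",
        "autorun.inf": b"[autorun]",
    }
    with tempfile.TemporaryDirectory() as root:
        for rel, data in sample.items():
            target = Path(root, rel)
            target.parent.mkdir(parents=True, exist_ok=True)
            target.write_bytes(data)
        return audit_backup(root)

if __name__ == "__main__":
    print(demo())
```

Flagged files are candidates to drop from the backup or to restore only after an antivirus scan; an empty result from this inventory does not replace that scan.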
June 11th, 2012 at 5:52 PM
#346
BlueMan80
Joined: 01/21/2011
MGoPoints: 7559
Thanks for reminding me....

I need to back up my computer. Haven't done that in a while. Once my kids got their own computers, things have been a lot "cleaner" with this system.

June 11th, 2012 at 10:17 PM
(Reply to #29) #347
htownwolverine
Joined: 09/02/2009
MGoPoints: 7149

Gospel brother. I have spent hours cleaning my nieces' computers. Drives me nuts to go to the in-laws, use a 3 month old machine and it takes 15 minutes to load a webpage.



My wife is thankful that we have had the same box for years with no viruses.

June 11th, 2012 at 6:59 PM
#348
Rusty Shackleford
Joined: 04/03/2010
MGoPoints: 5981
First

Trojans are tricky to get rid of because they update themselves. You can scan and remove all you want, but if there is a connection to the internet it will not go away. To fix this problem you have to scan in safe mode.

If you want to make sure it gets out you have to learn the hard way. Find out which files are executing, back everything up and get rid of them manually.

Ditch your anti-virus, the knowledge of protection systems and intrusion prevention is better than any anti-virus you could ever buy.

June 11th, 2012 at 8:18 PM
#349
orobs
Joined: 10/03/2010
MGoPoints: 3205

This thread makes me happy I no longer use Windows. I splurged on a shiny new iMac in 2006. It still works like new. I've never had a virus. I think the last time I rebooted it was 5 months ago.

June 11th, 2012 at 9:27 PM
(Reply to #35) #350
ppToilet
Joined: 04/18/2011
MGoPoints: 3013
Don't get cocky

Every system has its problems and Mac OS X is no exception.

June 11th, 2012 at 10:36 PM
#351
M - Flightsci
Joined: 06/30/2008
MGoPoints: 343

I'd second the malwarebytes/combofix route. While "ghetto" in appearance as someone mentioned, combofix is an extremely effective tool. MB run in safe mode w/ networking (for definition update) can be useful if you follow it up with normal mode scans. I've found it usually works best to tackle these problems with a nice arsenal of tools at your disposal. Most of the aforementioned programs will work well for you. The only resource limiting you is time, and how much you're willing to dedicate to the task.

 

I'll also third/fourth/fifth the notion of getting rid of McAfee and using Microsoft Security Essentials. It's lightweight and unobtrusive, sort of the far end of the pendulum swing from MS's User Account Control.

June 12th, 2012 at 10:37 AM
(Reply to #42) #352
NoVaWolverine
Joined: 09/07/2010
MGoPoints: 1716
Time as limited resource

That's the real issue for me, I think -- how much time do I want to devote to this, and what's the best use of my resources (time & money) to resolve the problem? I can see using one of these tech support forums to attempt a thorough clean-up, but that can take a while. Wiping/reformatting and starting fresh would give me more peace of mind knowing the rootkit is truly gone, but even that sounds a little daunting. A new laptop would be the quick and easy way, but I'm not sure I want to spend the money right now.

First World Problems, right? :-) 

June 12th, 2012 at 3:01 AM
#353
RioThaN
Joined: 09/28/2009
MGoPoints: 1971

I used to fix mine, but I don't really remember how to. There are message boards that can help you step by step; I used forospyware.com, but it is in Spanish.

There are tools like antimalwarebytes which help a lot and some others that give you the root directory. I remember one called bazooka, but it was when I had a Pentium 4 computer with Windows XP, so maybe that's too old now. You had to write down the directions and restart the computer in safe mode, then erase those files and directories; some needed additional software like killbox to be able to delete the files. Some other software like edowe (I think it was called that) was useful to scan the computer and get the logs; people in those message boards read the logs and tell you what to erase or so, but after half a day I was able to remove red sheriff, a really nasty spyware very hard to remove as far as I know. Perhaps backing up everything and reinstalling Windows would be easier.

June 12th, 2012 at 10:19 AM
#354
ixcuincle
Joined: 08/11/2010
MGoPoints: 4547

Download a USB Virus scanner such as Kaspersky to a USB drive, off another computer. Then boot up in safe mode, run the scanner, and hope that the virus is removed. 

Talk about nuking above, but that's a last resort option in my opinion. 

Also, this laptop is an utter piece of junk, the fan is actually blaring right now and making some irritating noise. I heard the ultrabooks are pretty nice, but they're pretty expensive compared to the other laptops I'm looking at in Newegg. It's about the same age as the OP's laptop, so I could use a new laptop that actually runs videos and surfs the internet without freezing! 
