Google results all forwarding to http://thealltimes.com/



It's also recommended to perform those functions in safe mode.

The MBR fix didn't work either?


> It's also recommended to perform those functions in safe mode.
>
> The MBR fix didn't work either?

How did I miss that?

I have now issued the fixmbr and fixboot commands and the system is now fine!

Many thanks!


> How did I miss that?
>
> I have now issued the fixmbr and fixboot commands and the system is now fine!
>
> Many thanks!

Ignore that - it's back.


> Ignore that - it's back.

Did you run the Bitdefender bootkit removal tool? It's portable.

http://www.malwareci...ads&showfile=48

The tool has been tested on the following e-threats:

Rootkit.MBR.Alipop.B
Rootkit.MBR.Alipop.C
Rootkit.MBR.Fengd.A
Rootkit.MBR.Fips.A
Rootkit.MBR.Locker.A
Rootkit.MBR.Locker.B
Rootkit.MBR.Mayachok.A
Rootkit.MBR.Mebratix.A
Rootkit.MBR.Mebratix.B
Rootkit.MBR.Mebroot.A
Rootkit.MBR.Mebroot.B
Rootkit.MBR.Mybios.A
Rootkit.MBR.Pihar.A
Rootkit.MBR.Pihar.B
Rootkit.MBR.Pihar.C
Rootkit.MBR.Pihar.D
Rootkit.MBR.Ramnit.A
Rootkit.MBR.Sst.A
Rootkit.MBR.Sst.B
Rootkit.MBR.Sst.C
Rootkit.MBR.TDSS.A
Rootkit.MBR.TDSS.B
Rootkit.MBR.TDSS.C
Rootkit.MBR.Whistler.A
Rootkit.MBR.Whistler.B
Rootkit.MBR.Whistler.C
Rootkit.MBR.Yoddos.A
Rootkit.MBR.Yoddos.B
Rootkit.MBR.Zegost.A
Win32.Ramnit.N


Well, it's obviously hooked into the MBR since FixMBR corrected the problem temporarily, so you'll need to get something that will remove it from the MBR.

The other option, unfortunately, is that if you can't get it off using an MBR tool, you might be better off backing up your vital data and doing a clean wipe of your system. And when I mean a "clean wipe", I mean performing a write-zeros to the drive. KillDisk is a good program that will do this for you. There is a free version that will do one single pass of zeros to the drive. But, that's just me. ;)

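The reasoning in the post above (a FixMBR repair that only holds temporarily points at the MBR being rewritten) can be checked by comparing raw dumps of sector 0 taken at different times. This is an added example, not part of the original thread: the sample sectors are constructed, and it assumes the 512-byte dumps are taken from boot media outside the installed Windows, since a bootkit can filter reads of sector 0 in the running system.

```python
import hashlib
import struct

BOOT_CODE_END = 440      # bootstrap code occupies bytes 0..439
TABLE_OFFSET = 446       # four 16-byte partition entries start here
SIGNATURE = b"\x55\xaa"  # boot signature at bytes 510..511
ENTRY = "<B3xB3xII"      # status, CHS, type, CHS, start LBA, sector count

def parse_mbr(sector: bytes) -> dict:
    """Split one 512-byte MBR dump into the regions worth tracking."""
    if len(sector) != 512:
        raise ValueError("expected exactly 512 bytes")
    partitions = []
    for i in range(4):
        raw = sector[TABLE_OFFSET + 16 * i:TABLE_OFFSET + 16 * (i + 1)]
        status, ptype, start, count = struct.unpack(ENTRY, raw)
        if ptype:  # type 0x00 marks an unused slot
            partitions.append((i, status == 0x80, ptype, start, count))
    return {
        "boot_code_sha256": hashlib.sha256(sector[:BOOT_CODE_END]).hexdigest(),
        "partitions": partitions,
        "signature_ok": sector[510:512] == SIGNATURE,
    }

def compare_dumps(baseline: bytes, later: bytes) -> list:
    """Name the MBR regions that differ between two dumps of one disk."""
    a, b = parse_mbr(baseline), parse_mbr(later)
    findings = []
    if not b["signature_ok"]:
        findings.append("boot signature missing")
    if a["boot_code_sha256"] != b["boot_code_sha256"]:
        findings.append("boot code changed")
    if a["partitions"] != b["partitions"]:
        findings.append("partition table changed")
    return findings

def build_sector(boot_code: bytes) -> bytes:
    """Constructed sample sector: one active NTFS partition at LBA 2048."""
    entry = struct.pack(ENTRY, 0x80, 0x07, 2048, 204800)
    body = boot_code.ljust(BOOT_CODE_END, b"\x00") + bytes(6)
    return body + entry + bytes(48) + SIGNATURE

# Constructed stand-ins for two real dumps (placeholder boot-code bytes).
AFTER_FIXMBR = build_sector(b"\x33\xc0\x8e\xd0")
AFTER_REBOOT = build_sector(b"\xeb\x5e\x90\x90")

if __name__ == "__main__":
    print(compare_dumps(AFTER_FIXMBR, AFTER_FIXMBR))
    print(compare_dumps(AFTER_FIXMBR, AFTER_REBOOT))
```

A "boot code changed" finding between a dump taken right after the repair and one taken after the next normal boot, with no repair in between, means something wrote to sector 0 again, which matches the reappearance described in the thread.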

> Well, it's obviously hooked into the MBR since FixMBR corrected the problem temporarily, so you'll need to get something that will remove it from the MBR.
>
> The other option, unfortunately, is that if you can't get it off using an MBR tool, you might be better off backing up your vital data and doing a clean wipe of your system. And when I mean a "clean wipe", I mean performing a write-zeros to the drive. KillDisk is a good program that will do this for you. There is a free version that will do one single pass of zeros to the drive. But, that's just me. ;)

So it's something software-based that 10 of the most popular malware removers can't remove? What a crock :(

I can't believe Windows still needs to be reinstalled when one piece of malware hits.


I had his issue on a system recently, I spent days trying to figure it out, only thing I could do to fix was total format and reinstall.


> I had his issue on a system recently, I spent days trying to figure it out, only thing I could do to fix was total format and reinstall.

That's madness these days, especially when we're on some of the best Windows forums around :/


> So it's something software-based that 10 of the most popular malware removers can't remove? What a crock :(
>
> I can't believe Windows still needs to be reinstalled when one piece of malware hits.

I have encountered one like this on a co-worker's PC. Nothing security related would run at all, even in safe mode. Had to use Ultimate Boot CD for Windows.

Although I did completely re-install Windows for her, UBCD4Win, with the anti virus components updated before being burnt to disc is a good choice to try.


> If reformatting the system is too much for you, you might try doing a System Restore (after trying the suggestions above).

It is likely the rootkit is hiding in system restore too. Usually first step in cleaning an infected Windows PC is to delete system restore files.


> It is likely the rootkit is hiding in system restore too. Usually first step in cleaning an infected Windows PC is to delete system restore files.

Yes, on the above mentioned repair I did, system restore failed every time - even going back to a 3 month old restore point.


1) Start \ Run \ MSCONFIG

Check startup and services

2) Start \ Accessories \ System Tools \ Task Scheduler

Check nothing dodgy is scheduled to run on each boot

Both long shots and you seem to have covered the majority of bases here.


> That's madness these days, especially when we're on some of the best Windows forums around :/

When you reach the point where you spend more time trying to fix the problem one way than another, it's just easier to accept defeat and move on.


I would try

Hitman Pro - http://www.surfright.nl/en/hitmanpro

then

Combofix - http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Then if your computer appears clean run Gmer to make sure it is in fact clean

Gmer - http://www.bleepingcomputer.com/combofix/how-to-use-combofix

If the above combination does not work, then a format is just simply easier than attempting to clean.


> You are doing all these scans in safe mode, correct?

FTR, most security programs, including Malwarebytes and Combofix, are made to run in normal mode, and will do a better job of cleaning as such. Running in safe mode is only supposed to be done when it's not possible to scan in normal mode, and generally, if running in safe mode fixes the issue, you want to run a second time in normal mode to make sure everything is really clean.


> I had his issue on a system recently, I spent days trying to figure it out, only thing I could do to fix was total format and reinstall.

Increasingly this is my solution to most problems. Your post below sums up my thoughts on it exactly!

> When you reach the point where you spend more time trying to fix the problem one way than another, it's just easier to accept defeat and move on.


> I can't believe Windows still needs to be reinstalled when one piece of malware hits.

If you need a working system, dual boot with Ubuntu or another Linux distro. You'll never have virus/rootkit problems there. You can even scan/repair your Windows installation from Linux.


This topic is now closed to further replies.