 
| Subject: | |
| From: | |
| Reply To: | |
| Date: | Tue, 3 Aug 2010 13:23:53 -0700 |
| Content-Type: | text/plain |
| Parts/Attachments: |
|
|
A format should remove this root kit.
Reinstall, but use the option to remove the partition and do a full
format.
A supposed fix is in this thread:
http://www.bleepingcomputer.com/forums/topic318848.html
-------- Original Message --------
Subject: Re: [PCBUILD] Computer infection
From: Donald DeWitt <[log in to unmask]>
Date: Tue, August 03, 2010 12:02 pm
To: [log in to unmask]
Do to the rapid decline of the computer I decided to go ahead and clean
off
the entire hard drive and do a fresh install while I still had the
chance
because the computer was slowly dying.
After completing a fresh new install using the original CD that came
with
the computer, (Windows XP Media Center Edition 2005) and reinstalling
the
drivers, several things seemed to be uncharacteristic of a new install.
(e.g. no sound, changes in boot-up procedures, and many other things as
well). As time went on things got much worse. Constant pop-up adds,
Firefox
web page replaced with "MyFreeze". Clicking on a bookmark resulting in a
blank page, downloading a program results in weird new short cuts placed
on
the Desktop and many other things that are too numerous to mention. The
computer is almost dead in the water now.
As I was downloading and running all the recommended anti-virus
programs in
safe mode and with system restore off, one of them (I cant remember
which
one now) noted; MBR infected with Whistler Bootkit !! How can that be? I
thought doing a fresh new install completely deleted everything on the
hard
drive. I guess that is not always true?
Searching Whistler Bootkit on the web for a solution I saw that a
program
called MBRCheck.exe could remove it and replace it with the original
file. I
ran this program through several times without any success either
because of
the viruses resistance to it or the lack of my knowledge of how to use
the
program properly. It appears that the author of this nasty virus has
out-smarted all the best anti-virus programs.
With my limited computer skills, do you think there is a chance I can
remove
this thing or do I have to install a new hard drive? Would a new hard
drive
solve the problem? Do you think it has infected my slave drive also? Is
the
is computer beyond repair?
Many thanks for your input regarding this perplexing problem of mine,
Don
On Mon, Jul 26, 2010 at 7:51 AM, don penlington <[log in to unmask]>
wrote:
> Don wrote:
>
>> I have tried everything that was recommended by everyone>>
>>
>
>
> This has probably already been covered, but just in case it hasn't:
>
> Did you disable System Restore? Many viruses hide themselves here and will
> reconstitute themselves unless you disable System Restore before scanning.
> Disabling System Restore effectively deletes all its contents, and you will
> need to re-enable it later.
>
> Don Penlington
>
>
> PCBUILD maintains hundreds of useful files for download
> visit our download web page at:
> http://freepctech.com/downloads.shtml
>
PCBUILD's List Owners:
Bob Wright<[log in to unmask]>
Mark Rode<[log in to unmask]>
PCBUILD's List Owners:
Bob Wright<[log in to unmask]>
Mark Rode<[log in to unmask]>
|
|
|
