Posted on 07/01/2009 7:12:27 AM PDT by Oshkalaboomboom
I have a rootkit trace that refuses to go away. Macafee can't delete it. Malwarebytes Antimalware claims to delete it but it's right there as soon as it closes. I find hundreds of references to it via Google but nobody says how to get rid of it and nobody even discusses what it does besides annoy you. My cd burning programs have been disabled so I can't make an alternative OS like BartPE. I can boot off the Windows CD and get into the Recovery console. I use DOS commands to delete the files but they come right back again.
Microsoft has said that there are some infections that can't be fixed. Is this one of them? I can wipe everything out and start over but I'd prefer that to be the last resort, not the first.
The file that won't go away is uacinit.dll It also makes a few copies of itself and a registry key. Has anyone ever successfully deleted this?
I ran MRT and AVG at the same time and AVG removed my trojan/peraonal antivirus virus fist because it ran faster. It came up on mrt but mrt could not remove it because I had already removed it with AVG.
Turn off System Restore
AVG, Norton, McAfee, etc. are not powerful enough to totally and completely remove 99% of malicious rootkits, though. Not to mention that the last two are memory hogs.
Love the irony of using BING for that search.
When I used to use Windows, I’d set up my computer specifically so I could just zap the whole install and start over whenever I needed to. I found this much easier than pounding my head against the wall every few months. When Windows started to slow down, or if I had a problem, I’d format the Windows partiion on the HD. Then, I’d put the Recovery Disks in and start over from the beginning. Really didn’t take that long to do and I knew that when I was finished, I’d have a healthy computer.
Most of my data stayed on a separate partition anyway, and I always had backup copies of any programs I used regularly.
Those days have long passed since I started using Ubuntu.
I’ve been using Linux for two years now. You can boot up your computer with a Linux “live CD”. It does nothing to your Hard Drive and you can then save all the important files you really need on memory sticks or an external hard drive. Once you’ve backed up all the data you really want reinstall Windows. (Or , if you like, stay with Linux and become pleasantly amused at all the hardship others are having when a better choice is free for the taking)
Just a different problem instead...
The computer, or the girl?
OK, if none of that stuff works, go to www.majorgeek.com and follow their instructions TO THE LETTER for removing malware. Why are they different? Because they walk you through the process (in part using the hijackthis tool) of actually digging into the registry, bootup process, etc where malware hides and manually ripping it out by the roots. Warning: The process is long and tedious and if you mess up a step, you just might (in fact probably will) trash your computer. Its where I go when all else fails (and I have both trashed and saved my computer on different occassions).
I agree. Eating and drinking lots of beer make lots of problems just disappear.
Depending on the age of your hard drive and type, buy a SATA/IDE-to-USB adapter or an external drive enclosure. Pull your hard drive, plug it into the USB adapter and then plug into a system with the very latest Windows updates, AVG/other antivirus and spyware removal tools.
Once mounted externally, you can treat it as another drive. I start with an AVG scan and finish with a Malwarebytes scan.
There are a few extra “super-hidden” files that you can't get into on a drive that is the boot drive. I typically find these infected files in “Recycler”.
While you have the drive out, go ahead and run a defrag of the drive.
If this is a true rootkit then you will need better tools, but for most things AVG, Windows Defender and Amlwarebytes work fine.
There comes a time that you may be well advised to take the system into a local nerdshop and pay them to help.
If you can wait a day, I can build you a BartPE and send it over. FReepmail me if you need it.
Well, “delete computer” and then “get a Mac” and you’re home free... :-)
Then the computer.
Then the girl.
Then the girl again.
Did you turn off/disable Windows Restore before trying to delete the trojan?
If not, you need to do that.
Bookmark
You do know that “I’d hit it” comments makes some people break out in hives don’t you?
But then, that’s probably why you said it.
I wouldn’t hit it because I am married.
Is fantasizing really cheating?
I'd hive it.
I wouldn’t hit it because I am married.
Oh, you'd hit it. You just don't want the consequences of hitting it.
But make no mistake.
You'd hit it.
bump for later
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.