August 31st, 2010, 06:25 AM
I want to track down these malware authors, cut off their thumbs and big toes, and then drive a tent peg through their temples into the ground. Sorry, I have been reading Judges lately, as it were.
The system I am working on seemed to be coming along. It was getting a floppy seek error, and then wouldn't boot once F1 was pressed to continue.
I looked in BIOS, and noticed the date and time was off. I had a spare CMOS battery, so I threw that in there, and was able to correct those problems, but it still would not boot.
I tried going into safemode, but it stalled while loading drivers. I ran a repair off of the Windows CD, but then it stalled at the XP splash screen, where it says 'Please wait'. I did wait... for over an hour. Nothing. So I shut it down, booted off of the XP cd again, ran chkdsk /r, and waited some more. It would get to 75%, then jump back to 50%. It did that several times, but finally finished.
After it finished, I was able to boot into Windows. I got several errors about weatherbug and what not while Windows loaded. I removed weatherbug, and several toolbars, and then ran MalwareBytes. Three hundred and seven infected objects. I removed those, rebooted, then ran a full scan. Three infected objects. Removed, rebooted.
Then I tried to do a Windows update. IE wouldn't open from the Update icon or the actual program file. I ran combo fix. Rootkit activity detected. Rebooted, combofix finished, and removed some objects.
Ran Malwarebytes, clean.
Ran Spybot S&D, 5 objects found. Removed. Rebooted.
IE still wouldn't open. Copied the firefox exe over from another system, downloaded IE8, installed. It finally opened. Pages worked fine, except for... you guessed it, Windows Update.
Ran hijack this, removed a few objects that didn't check out. Rebooted. Nothing.
Downloaded a kaspersky live cd, ran that, clean.
Booted back into Windows. Reset tcp/ip and winsock. Checked the host file... clean. Rebooted.
Still no update. I am running the sophos anti rootkit program now, will see what it turns up.
I have also downloaded the Panda safe-cd. I have not ran it yet.
I am to the point where I am going to recommend reformatting, but I don't think the client is going to be happy with that option.
I am about to pull my hair out. Stupid infections.
\"Those of us that had been up all night were in no mood for coffee and donuts, we wanted strong drink.\"
By scratchONtheBOX in forum Miscellaneous Security Discussions
Last Post: March 7th, 2005, 06:58 AM
By moonstar550 in forum AntiOnline's General Chit Chat
Last Post: April 10th, 2004, 03:03 AM
By al1aprize in forum Spyware / Adware
Last Post: March 15th, 2004, 01:24 AM
By neohunk in forum Tech Humor
Last Post: November 19th, 2003, 01:40 PM
By nate_k9 in forum Tech Humor
Last Post: October 26th, 2003, 08:56 AM