Alright, so I have a computer here with a deeply embedded rootkit.
First I tried to run Malwarebytes; nope, no go.
So, to try and get this virus removed, I rebooted to safe mode and tried again,
and got the expected result: the rootkit blocks the executable from running.
Well, then I navigated to the install folder of Malwarebytes, and copied and renamed it to mbam.com.
Why is the copy important? Well, if Malwarebytes needs to run on reboot, it doesn't know I've renamed it to mbam.com, so it still needs the original mbam.exe to finish cleaning the infection.
Right, so now.. here goes.. scanning..
Fix 2 other computers, come back....
Yup.. just what I thought. Nasty little rootkit.
Even worse because it has a neat little trick.
It doesn't have a real path; it uses a \\global system path\
formed like this to hide itself.
However, it also detected the registry entries and associated files that weren't hidden.
So I rebooted, came back up in safe mode.. ran it again; Malwarebytes successfully removed the non-rootkit entries and detected the \\global$ entries. This time, when I rebooted, they were gone.
Good ol' Malwarebytes truly sticks to the adage: try, try again..
Michael Reid
Computer Medic Services, LLC
A place where I'll add little tidbits of information as the years go by
Friday, January 15, 2010
Malware doesn't mean the Doomsday Clock has reached midnight.
Alright, so your system has been hijacked, as I talked about yesterday.
But don't worry, it's not the end of the world as we know it.
There are some things you can do to help yourself before spending hundreds of dollars at the Geek Squad, or wiping your system to the day you bought it.
Malware and virus removal doesn't take a degree in computer science!
For example, if you found yourself here, that means you still have some control and can get to the tools and resources that can help you.
So, Step 1:
Download Malwarebytes Anti-Malware (funny name, great software), check for updates, and do a quick scan. And YES, it's free 100%!!
In most cases, just one quick scan will take care of 99% of what ails you!
Let me know how it works out, and tomorrow I'll introduce you to another tool from the makers of Malwarebytes that will clean up some of that junk that loads when you turn on your system.
If you're in Bentonville, AR and can't get this to run, feel free to bring it by the shop, and we'll get ya taken care of! For more info, click here.
Thursday, January 14, 2010
Ack! I have Internet Security 2010!
I get this call so many times every day at the computer store...
Oh hi, I'm Michael, and I work in a computer repair shop in Bentonville, AR.
Customers call every day.. wanting to know: is it hopeless? Have I lost my pictures.. or my files, last year's tax returns?
Usually not; any PC technician worth his salt, and armed with the right tools, will be able to remove those viruses without a problem.
Now, yes, I say virus, though "Internet Security 2010" and various other virus and malware type programs aren't technically viruses. But they fall in the same category: they make our systems run like a cat with a hairball, not very far and not very fast.. without stopping and coughing up something no one wants to see!!
Come virus us.. err, visit us, at the Computer Medic Services website.
..Tomorrow: How bad is it?!