
A fix for the no sound/phishing filter virus thanks to Eolath!



#1 sprout4me


Posted 13 July 2010 - 12:00 AM

Earlier today Eolath posted a link to here: http://www.esagelab.com/resources.php?s=bootkit_remover
Thanks to Eolath, the bootkit was removed...and now I have sound and the phishing filter does not pop up anymore.

He said there was a risk, so I didn't want to really do it. But, I was desperate and didn't think my computer could last a few days before the mods reviewed my logs. So I took a shot. The readme file is not really specific and detailed, so I had to experiment.

This is what I did for it to work:
First, download the bootkit remover...then extract remover.exe to desktop

Then,

1. Press "start" on your taskbar
2. Go to run and type in cmd.exe
3. Type in "cd desktop"
4. Type in "remover.exe"
5. If it says that there is an unknown bootkit or if there is an infection, type in "remover.exe fix PhysicalDrive0"
6. Click yes to restart the computer...That's it!




However, when I clicked yes to restart my laptop, it went to the Windows booting screen, but it didn't load. So, I just turned it off and turned it back on and now there have been 0 problems. I already restarted the computer twice and everything seems to be OK.


Edit: I can't guarantee you this will work and the mods will probably say that you should probably post the logs and let the mods figure it out. But, if you have these symptoms of no sound and a Microsoft phishing filter pop up, and your computer looks like it is getting worse and everything is starting to freeze up...I think it is worth a shot.

Important: my taskbar would freeze in regular Windows mode and safe mode didn't work...So I actually got into safe mode by pressing F8 repeatedly right after startup. I went to "repair directory services" and it actually got me into safe mode and the taskbar was working.



I was so frustrated these past two days and I am doing this to help others who might be in this situation.

Edited by sprout4me, 13 July 2010 - 12:17 AM.




#2 Pandy


Posted 13 July 2010 - 12:59 AM

sprout4me,

We are really glad you were able to use the directions and fix your computer. The simple truth is though, you were lucky something worse did not happen. We can be glad that it worked out though. I have to wonder myself if it had not worked out how you would feel. It was at your own risk that you did try it, we are glad you lucked out. You took a chance and it paid off. Someone else reading this topic might take the same chance you did and not be so lucky and end up with an unusable computer. We appreciate the fact you want to help people and share knowledge. It is important to remember that all computers are not the same even if the issues sound the same.

This forum here, Am I Infected? is not meant for in-depth malware removal... it is a sort of triage area. Our forum only allows people we know of, that are qualified for malware removal to do so.

Please take note

See here

Posting instructions for the use of the following by non-staff members is prohibited in this area, as well as in all other areas of the forums. This list contains tools and procedures that are forbidden, the instructions for using similar tools or procedures should not be posted here, or elsewhere on Bleeping Computer forums, without prior Staff approval.

  • Manual file removal instruction
  • ComboFix instructions or discussion
  • Registry instruction
  • Automated registry cleaners
  • HiJackThis and/or DDS instructions (logs are for review only)
  • Custom scripts, batch files
  • Other specialized fix tools the BC Staff deems untrained members should not recommend for use.
Note: This list is not limited and we may add to it as necessary. These restrictions are in place to ensure that only safe and effective methods are given to members seeking help with a malware problem.


First of all, Esage Bootkit remover is a very unreliable tool, as it directly interacts with the MBR (master boot record) of the hard disk. If something goes wrong, you will have an unusable computer.


For everyone who suspects having this infection, please follow the steps in this guide.

Attempting to fix a rootkit like this one on your own is at your own risk!

I am closing this topic as there is no request for actual help here. Thank you.

Do not anticipate trouble, or worry about what may never happen. Keep in the sunlight.

Hide not your talents. They for use were made. What's a sundial in the shade?

~ Benjamin Franklin

I am a Bleeping Computer fan! Are you?
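
Added example, not part of either post and not code from the tool discussed: because the reply's concern is that the tool writes to the MBR, this read-only Python sketch parses two saved 512-byte copies of sector 0 (one taken before a repair, one after) and reports whether the boot code, the partition table or the 0x55AA signature changed. It assumes the copies were saved with a trusted imaging tool; the function names and sample sectors are constructed for illustration.

```python
import hashlib
import struct

SECTOR_SIZE = 512
BOOT_CODE_LEN = 446       # bytes 0-445: boot code (Windows keeps a disk signature at 440-443)
ENTRY_FMT = "<B3xB3xII"   # status, CHS start (skipped), type, CHS end (skipped), LBA start, count
SIGNATURE = b"\x55\xaa"   # bytes 510-511


def parse_mbr(sector: bytes) -> dict:
    """Summarise a saved 512-byte copy of sector 0. Never touches a disk."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("an MBR copy must be exactly 512 bytes")
    partitions = []
    for slot in range(4):
        offset = BOOT_CODE_LEN + slot * struct.calcsize(ENTRY_FMT)
        status, ptype, lba_start, sectors = struct.unpack_from(ENTRY_FMT, sector, offset)
        if ptype != 0:    # type 0x00 marks an unused slot
            partitions.append({"slot": slot, "active": status == 0x80,
                               "type": ptype, "lba_start": lba_start, "sectors": sectors})
    return {"signature_ok": sector[510:512] == SIGNATURE,
            "boot_code_sha256": hashlib.sha256(sector[:BOOT_CODE_LEN]).hexdigest(),
            "partitions": partitions}


def compare(before: bytes, after: bytes) -> dict:
    """Report what changed between two saved copies of the same disk's MBR."""
    b, a = parse_mbr(before), parse_mbr(after)
    return {"boot_code_changed": b["boot_code_sha256"] != a["boot_code_sha256"],
            "partition_table_changed": b["partitions"] != a["partitions"],
            "signature_and_active_ok": a["signature_ok"]
                                       and any(p["active"] for p in a["partitions"])}


def sample_sector(fill: int, signature: bytes = SIGNATURE) -> bytes:
    """Constructed test data: one active type-0x07 partition starting at LBA 2048."""
    entry = struct.pack(ENTRY_FMT, 0x80, 0x07, 2048, 204800)
    return bytes([fill]) * BOOT_CODE_LEN + entry + bytes(48) + signature


if __name__ == "__main__":
    before = sample_sector(0x90)    # constructed "before repair" copy
    after = sample_sector(0x00)     # constructed "after repair" copy
    print(compare(before, after))
    print(parse_mbr(sample_sector(0x00, b"\x00\x00"))["signature_ok"])
```

A changed partition table or a failed signature check in the "after" copy is the kind of damage the reply warns about, and the saved "before" copy is what makes it recoverable.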
