
Sneaky little nasties!


6 replies to this topic

#1 connectedcr


Posted 03 September 2010 - 11:18 AM

Vista x64 system. I'm not really looking for an expert to fix my system because I'm gonna nuke and pave it anyway just to be safe, but just wanted to tell what's happened. Maybe someone had the same issue or has some insight. Anyway... I've never had any problems with viruses on this machine until recently. I noticed the computer running slow and lots of traffic going on. Ran lots of scanners. From boot CDs I ran superspyware, spybot s & d, bitdefender and sophos root kit. I had networking so it updated to the newest database. I found lots of scanners are not compatible with x64. In safe mode ran malwarebytes but it kept crashing. Ran superspy and comodo in normal mode. Comodo picked up about 2. For security I have comodo, adaware, and superspy. Probably ran some others but forgot. After running all that I did hijackthis and it picked up quite a bit of nasties. Cleaned them and the computer seemed to be back to normal. So I read about the rootkits now being able to work on 64 bit systems. Maybe because it's relatively new the scanners did not pick it up? And if that is the case sounds like a good ol' nuke n pave may be the safest solution. Thanks for any comments or insight.



#2 boopme


Posted 03 September 2010 - 07:45 PM

Well truthfully with most rootkits it is the best policy to Nuke and repave.

#3 connectedcr


Posted 04 September 2010 - 12:53 PM

Yeah, I'm starting to adhere to this. Some people say only pizza techs nuke and pave, but the pros manually remove. It seems that the way viruses have advanced, either it will take you forever to clean or you'll miss something. With keyloggers and such, I don't think I want to risk that. But what do I know. Thanks for the response.

#4 CStew23


Posted 04 September 2010 - 01:13 PM

As viruses get more and more sophisticated, I fear the nuke and reformat will become all too common.

#5 quietman7


Posted 04 September 2010 - 02:28 PM

There are no guarantees or shortcuts when it comes to malware removal, especially when dealing with backdoor Trojans, Botnets, IRCBots or rootkit components that can hook into the Windows 32-bit kernel, and patch several APIs to hide new registry keys and files they install. Infections will vary and some will cause more harm to your system than others as a result of it having the ability to download more malicious files. Security tools that claim to be able to remove rootkits cannot guarantee that all traces of it will be removed as they may not find all the remnants.

Many experts in the security community believe that once infected with this type of malware, the best course of action is to wipe the drive clean, reformat and reinstall the OS. Your decision as to what action to take should be made by reading and asking yourself the questions presented in these articles: This is what Jesper M. Johansson at Microsoft TechNet has to say: Help: I Got Hacked. Now What Do I Do?.

The only way to clean a compromised system is to flatten and rebuild. That's right. If you have a system that has been completely compromised, the only thing you can do is to flatten the system (reformat the system disk) and rebuild it from scratch (reinstall Windows and your applications).


Edited by quietman7, 04 September 2010 - 02:41 PM.


#6 connectedcr


Posted 04 September 2010 - 06:11 PM

Thanks for the read. Very good.

#7 quietman7


Posted 05 September 2010 - 06:37 AM

You're welcome on behalf of the Bleeping Computer community.



