Rootkit. Reinstalling OS. Is this the right disc?

Rayne94 · 10-24-2011, 10:09 AM

I had a rootkit a couple months back.
I'm pretty sure there is something still there even though I paid to have it removed.
TDSSKiller finds nothing.
Avast! and Malwarebytes find nothing.
I think I need to reinstall the OS.
I have Windows XP, Home Edition, Service Pack 2
Is this the correct disc? http://www.amazon.com/Windows-Recovery-P…
If not can you show me the right one?

And, is reinstalling the OS self explanatory?

Thanks!

I like blue · 10-24-2011, 01:11 PM

The link doesn't seem to work...

**celegorm** · 10-24-2011, 01:43 PM

Nope, not working for me either.

Before you reinstall (or think more about it) have you tried combofix from bleepingcomputer.com?

Rayne94 · 10-24-2011, 03:32 PM

I'm sorry, will this link work now?
http://www.amazon.com/Windows-Recove...9488329&sr=8-6

@ celegorm; no I haven't. Could you post a link please? Can it remove all traces of a rootkit?

**celegorm** · 10-24-2011, 03:40 PM

Instructions and the download link are all here: A guide and tutorial on using ComboFix. I don't know the specifics on how much of anything it removes. All I know is that it has been my ace in the hole many times to remove stubborn viruses.

As for the disk, I don't trust that. It says windows XP, but then goes off to list Home Basic, Premium etc which XP didn't come in.

A very quick google search didn't give me any sites that I'd trust to buy, or even a legally free download for XP. You might need to contact the manufacturer of the system to get a disk if it comes to that.

Rayne94 · 10-25-2011, 03:43 PM

Thanks. First let me tell you exactly what was (and is) going on.
I was using my computer and it started freezing up really bad, then those pop-ups saying I'm infected and need to download their anti-virus to fix myself kept coming up. (No, I didn't click them.) I tired different scanners in safe mode and got rid of those, but my computer was giving me the blue screen of death, freezing, etc.
I took the computer to get fixed, was told I had a nasty rootkit, and paid to have it removed.
For a few days later: My computer would turn on, load the wallpaper, and not load the icons for 5 mins later. It also redirected my google.
Those two problems went away, now however my computer turns on at a normal speed...but takes five minutes for my icon tray, local area connection, etc to load; volume control doesn't load at all even though it's always set to show.
Maybe there's an easy fix to this? There are two other computers connected to the modem (one is wireless) and neither have this problem.

Rayne

I run frequent scans of Avast! and Malwarebytes, they don't seem to find anything. Last week a scan of TDSSKiller with changed parameters to include "Detect TDLFS File System" found this:

Threats detected:

TDSS File System
Physical Drive: \Device\Harddisk0\Dr0
Suspicious Object - Medium Risk

Which I had it delete. If that bit of info is useful.

Captain Pooka · 10-25-2011, 04:33 PM

I want to second ComboFix. I love it, use it all the time. If you can not download ComboFix, simply run it from a jump drive. (download it on another computer)

-Q

10-24-2011, 10:09 AM	#1
Rayne94 Beta Member Join Date: Oct 2011 Posts: 4	Rootkit. Reinstalling OS. Is this the right disc? I had a rootkit a couple months back. I'm pretty sure there is something still there even though I paid to have it removed. TDSSKiller finds nothing. Avast! and Malwarebytes find nothing. I think I need to reinstall the OS. I have Windows XP, Home Edition, Service Pack 2 Is this the correct disc? http://www.amazon.com/Windows-Recovery-P… If not can you show me the right one? And, is reinstalling the OS self explanatory? Thanks!

10-24-2011, 01:11 PM	#2
I like blue Solid State Member Join Date: May 2011 Posts: 15	Re: Rootkit. Reinstalling OS. Is this the right disc? The link doesn't seem to work...

10-24-2011, 01:43 PM	#3
celegorm Site Team Join Date: Sep 2006 Posts: 9,084	Re: Rootkit. Reinstalling OS. Is this the right disc? Nope, not working for me either. Before you reinstall (or think more about it) have you tried combofix from bleepingcomputer.com? __________________ "as a fanboy i refuse to admit it and will pull countless things out of my butt to disprove it" Team Thelegorm! Total Kills: 21 (i iz in uor profile, editsing your sigz)

10-24-2011, 03:32 PM	#4
Rayne94 Beta Member Join Date: Oct 2011 Posts: 4	Re: Rootkit. Reinstalling OS. Is this the right disc? I'm sorry, will this link work now? http://www.amazon.com/Windows-Recove...9488329&sr=8-6 @ celegorm; no I haven't. Could you post a link please? Can it remove all traces of a rootkit?

10-24-2011, 03:40 PM	#5
celegorm Site Team Join Date: Sep 2006 Posts: 9,084	Re: Rootkit. Reinstalling OS. Is this the right disc? Instructions and the download link are all here: A guide and tutorial on using ComboFix. I don't know the specifics on how much of anything it removes. All I know is that it has been my ace in the hole many times to remove stubborn viruses. As for the disk, I don't trust that. It says windows XP, but then goes off to list Home Basic, Premium etc which XP didn't come in. A very quick google search didn't give me any sites that I'd trust to buy, or even a legally free download for XP. You might need to contact the manufacturer of the system to get a disk if it comes to that. __________________ "as a fanboy i refuse to admit it and will pull countless things out of my butt to disprove it" Team Thelegorm! Total Kills: 21 (i iz in uor profile, editsing your sigz)

10-25-2011, 03:43 PM	#6
Rayne94 Beta Member Join Date: Oct 2011 Posts: 4	Re: Rootkit. Reinstalling OS. Is this the right disc? Thanks. First let me tell you exactly what was (and is) going on. I was using my computer and it started freezing up really bad, then those pop-ups saying I'm infected and need to download their anti-virus to fix myself kept coming up. (No, I didn't click them.) I tired different scanners in safe mode and got rid of those, but my computer was giving me the blue screen of death, freezing, etc. I took the computer to get fixed, was told I had a nasty rootkit, and paid to have it removed. For a few days later: My computer would turn on, load the wallpaper, and not load the icons for 5 mins later. It also redirected my google. Those two problems went away, now however my computer turns on at a normal speed...but takes five minutes for my icon tray, local area connection, etc to load; volume control doesn't load at all even though it's always set to show. Maybe there's an easy fix to this? There are two other computers connected to the modem (one is wireless) and neither have this problem. Rayne I run frequent scans of Avast! and Malwarebytes, they don't seem to find anything. Last week a scan of TDSSKiller with changed parameters to include "Detect TDLFS File System" found this: Threats detected: TDSS File System Physical Drive: \Device\Harddisk0\Dr0 Suspicious Object - Medium Risk Which I had it delete. If that bit of info is useful.

10-25-2011, 04:33 PM	#7
Captain Pooka Daemon Poster Join Date: Oct 2006 Posts: 1,083	Re: Rootkit. Reinstalling OS. Is this the right disc? I want to second ComboFix. I love it, use it all the time. If you can not download ComboFix, simply run it from a jump drive. (download it on another computer) -Q

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode