close

Privacy guaranteed - Your email is not shared with anyone.

Welcome to Glock Talk

Why should YOU join our Glock forum?

  • Converse with other Glock Enthusiasts
  • Learn about the latest hunting products
  • Becoming a member is FREE and EASY

If you consider yourself a beginner or an avid shooter, the Glock Talk community is your place to discuss self defense, concealed carry, reloading, target shooting, and all things Glock.

Virus - rootkit removal?

Discussion in 'Tech Talk' started by vote Republican, Jul 17, 2011.

  1. vote Republican

    vote Republican White and nerdy Moderator

    10,661
    1,398
    Aug 23, 2002
    OAF Mecca, MD
    My father in law has an old XP computer. It got virused, and running from a AV boot CD it shows volsnap.sys has a rootkit. So I need to replace this file, not just delete it (important system file). Thoughts? I am gearing towards format/reinstall, but I'm just wondering if there's anything anyone has done here.

    When I run AV from the OS, it doesn't show this infection. Malwarebytes, Sophos show clean.
     
  2. eracer

    eracer Where's my EBT?

    6,711
    2
    Apr 5, 2011
    Tampa, FL
    Last edited: Jul 17, 2011

  3. GIockGuy24

    GIockGuy24 Bring M&M's

    4,037
    5
    Jul 14, 2005
    With Amber Lamps
    Kaspersky TDSSKiller is suppose to repair that one.

    http://support.kaspersky.com/downloads/utils/tdsskiller.zip

    More info

    http://support.kaspersky.com/faq/?qid=208283363
     
    Last edited: Jul 17, 2011
  4. GIockGuy24

    GIockGuy24 Bring M&M's

    4,037
    5
    Jul 14, 2005
    With Amber Lamps
    Ah the zip file version may be out of date.

     
    Last edited: Jul 17, 2011
  5. Pierre!

    Pierre! NRA Life Member

    3,990
    161
    Jun 20, 2003
    Lovin Sparks Nv!
    RootKits *suck*...

    I have always just 'Nuked Them From Space' so that I am sure... Particularly on Business systems in highly regulated industries.

    And, after the re-install, it's so much faster!

    It will be interesting to see if this gets effectively cleaned!

    Nice links GlockGuy24... looking to hear this fixes up nice and easy!
     
  6. vote Republican

    vote Republican White and nerdy Moderator

    10,661
    1,398
    Aug 23, 2002
    OAF Mecca, MD
  7. vote Republican

    vote Republican White and nerdy Moderator

    10,661
    1,398
    Aug 23, 2002
    OAF Mecca, MD
    100% agree for work computers, make an image & keep docs on a network drive. This is an old PC, not sure where all the CDs are even (I could probably find one if I had to).
     
  8. Pierre!

    Pierre! NRA Life Member

    3,990
    161
    Jun 20, 2003
    Lovin Sparks Nv!
    Thanks for letting us know how it went!

    I may have a new tool for the future, you too no doubt! :supergrin:

    Thanks, and I dig your 'Handle' - vote Republican - and vote em all out till further notice (LOL)

    Patrick
     
  9. vote Republican

    vote Republican White and nerdy Moderator

    10,661
    1,398
    Aug 23, 2002
    OAF Mecca, MD
    You've been around almost as long as I have, and you've never noticed? LOL
     
  10. srhoades

    srhoades

    2,799
    10
    Jul 14, 2000
    combofix is now pretty good at replacing infected system files.
     
  11. gemeinschaft

    gemeinschaft AKA Fluffy316

    2,202
    57
    Feb 7, 2004
    Houston, TX
    VR, I have a bunch of Windows OEM discs. As long as you still have a valid license key, you might be able to use another disk.

    What OS and who is the Manufacturer?