MSMVPS.COM
The Ultimate Destination for Blogs by Current and Former Microsoft Most Valuable Professionals.

Win32.Patched.gq
Mike's Window


Apparently, this file does not exist, even though a computer might tell you that it does. Certainly, I couldn’t find it. I even removed the laptop hard drive and attached it to another system, just in case there was something hiding it in the host OS.

From what I can gather, it is a vestige left over from the installation of a rogue anti-virus program. Somebody had been working at removing the problem and, by the time that I was called in, the rogue AV program had gone.

Unfortunately, it left a trail of destruction which no XP or free third party utility could fix.

  1. It disabled the incumbent AV program
  2. It prevented Windows Update or any other update which may have helped fix the problem
  3. It replaced core files and would not allow the replacements to be removed

There is no shortage of help to remove the infections. One of the sites was blocked by NOD32, and the others all want payment for the removal. Personally, I think that it is cheaper and more effective to back up important user files and start over, and that is what I did.

Sometimes it is not worth the time or cash cost to try to rectify virus/Trojan/worm infections.


Posted Mon, Aug 23 2010 10:38 by Mike Hall

Comments

Teckset wrote re: Win32.Patched.gq
on Mon, Aug 23 2010 10:12

Congratulations! You've probably got a rootkit (I'm thinking TDSS), some rogue registry keys and a DNS redirector. Fun, isn't it?


Questions? Contact Susan at Susan-at-msmvps.com. Each post's copyright held by the original author. All rights reserved. Blog site is an independent site not sponsored by Microsoft.