Daily Archives: Monday 09/01/2012

Little Mini Disasters My Life 09 JAN 2012

Sigh, so many little negative things to start the year off with, so I may as well list them here, why not?

The first not so lekker thing is of course the crèche being closed for a month and only reopening in the middle of January, meaning that Jessica is now staying over with the Montgomery Clan back in Bellville. Sure it’s nice to get a mini break from the little carpet crawler, but to be very honest, two weeks is far, far too long to be away from my bubbly little girl, and after the second evening without seeing her, it was simply too much! I miss my Jessie!! :(

Another little negative start to the year is the official looking piece of post that arrived and which was addressed to me, one which when Chantelle saw it, she laughed, and then handed over to me with an evil grin. It turns out that the section of the N2 leading up to the Sir Lowry’s road turn-off after the Broadlands turn-off is not really the N2 after all. Speed limit is 80 km/h, not 102 km/h as my little Getz was travelling. Bam, R200 fine right there! (Luckily it was only a 102 km/h on that stretch. Normally that’s a 120 km/h piece for me and pretty much everyone else on the road!)

Ugh, and my training shoes finally went and gave in – I managed to walk them completely through with all my road training, so much so that I could poke my finger pretty much through the bottom of the shoe and tickle the underside of my foot! So another purchase that needed to be made – thankfully though Power running shoes aren’t exactly the most expensive on the shelves! :)

Sigh, not monetary this one, but probably the most depressing of them all, my weight completely exploded over the two and a bit weeks that I was on holiday, completely knocking off all the gains I had finally started to make and putting me well, well back behind step 1 even. Sigh, definitely not very happy about that one!

Linked to this is the next negative little thing to hit, namely my knees. I played one morning of badminton at the Church with the folks and friends during my break, and all of a sudden my knees can’t recover and I’m struggling with them each time I sit down or get up now. Sigh, not cool, not cool.

Now for pretty much the biggest negative wave to hit us at the start of the year – in short, Chantelle’s eyes are pretty much buggered. We’ve gotten two opinions now from two different optometrists, but the diagnosis is the same. Her eyes, which are a lot poorer than mine and also suffer from astigmatism, are now rejecting contact lenses and the blood vessels that are growing into her eye to try and increase oxygen flow are overtaking everything. The rapidly deteriorating sight combined with her already poor eyesight makes spectacle wear cumbersome and not really practical, and with contact lenses out of the picture, both optometrists suggest we start speaking to people regarding Lasik surgery to try and correct the problem.

And that, as we all know, costs pretty much over the R20,000 mark, and is NOT covered by medical aid, so will have to come out of our funds somehow.

So I guess it is just as well that the guy hasn’t been available yet to come around and take my bonus money so that he can redo our kitchen cupboards such that we can finally have bought a dishwasher for the house. Oh well, such is life.

Sigh, surely these are far too many little negative niggles to start the year off with? O.o

How to Remove the Google Search Results Redirect Virus using Kaspersky Lab’s TDSSKiller Rootkit Remover CodeUnit 09 JAN 2012

I picked up a nasty virus infection on my main work development PC, running Windows Vista Business. I don’t know where or how it got picked up, but in all likelihood it was from a poisoned web page running some nasty JavaScript payload that got in past a lax Microsoft Security Essentials.

I noticed something amiss when all Google Image Search results stopped scrolling past page one of its ajax-loaded image results listing – across ALL my browsers! Then I began to notice that every now and then when I clicked on a Google search result, I would be automatically redirected to some or other advert site (like Groupon for example), instead of the search result on which I had clicked! And to top it all off, all of a sudden my machine became a lot more non-responsive than what it used to be, plus I was struggling to download and install certain Windows updates!

Something was definitely up in other words!

Scans from Microsoft Security Essentials and AVG turned up nothing, meaning I had to turn to Google with little more than the search term “google search results redirect virus” to go on.

Luckily for me, this was more than enough.

After a fair bit of research, I learned that the most likely culprit was a rootkit infection and to that extent I would need to try and sort it out using a different set of tools from what I had currently been making use of.

The most visible rootkit killers available to me were GMER and Kaspersky Lab’s TDSSKiller, but seeing as TDSSKiller worked for me first time around, I can’t really comment on GMER’s effectiveness.

At the start of the clean up process I quickly learned that another little nasty trick the rootkit had pulled was to remove the Safe Mode boot option from the system, thus preventing me from loading Windows without loading the troublesome rootkit along with it. Also, it automatically killed any attempts to run TDSSKiller (or GMER for that matter!) from a normal Windows login, highly annoying as you can well imagine!

Luckily Kaspersky is aware of this problem and has released via their support forum a cleaned version of TDSSKiller which doesn’t identify itself and thus blocks the rootkit from stopping it from loading up in the first place! (Again, thank you Google Search)

You can download the modified TDSSKiller from: http://forum.kaspersky.com/index.php?showtopic=212719 (Note, you’ll have to register in order to grab the download)

From there it is a simple matter of extracting and launching the tiny application and running a scan. In my case the tool quickly uncovered a Rootkit.Boot.SST infection which I promptly deleted. A quick reboot and the machine now appears to be running fine again.

Just to be safe though, I did run a couple of additional scans with the latest TDSSKiller, GMER, Microsoft Security Essentials and Malwarebytes Anti-Malware, all of which turned up nothing.

So for now, I reckon I can safely say, “Done”. Stupid annoying virus writers… :(

(Oh, and another tip for if you can’t get either TDSSKiller or GMER to run, RootRepeal gets a nice little picture tutorial via http://en.kioskea.net/faq/18862-rootkit-boot-sst . Useful.)