Oh, God-- What To Do Now?

Perhaps I've said it before: I really hate Windows XP. I only use
because it came with my Dell D610 laptop which I bought cheap. What I
really HATE about XP is it's antivirus feature which occasionally
kicks in to make my life a living hell.

A week ago, something set it off and I kept getting a message about XP
Antivirus Program 2011; that I *needed* this program to get rid of
what it said was 12 infections. Maybe yes, maybe no-- but this message
became malware in itself because I could not get rid of it and it
literally held my laptop hostage until I paid nearly $60 and bought
the damn program! Once a number was keyed in, the program "cleaned" my
system and finally went a way, to lurk in the background like some
Mafia thug waiting to extort me again. I'm not kidding here.

When I tried to use my laptop, not one single program would work
except for the two M$oft programs, IE8 and Outlook express; everything
else I could click on until the cows came home and nothing would
happen-- except that damn AV program might pop up again. Oh yeah,
*that* worked too. But 95% of my programs didn't.

I had a vaguely similar problem before and went into safe mode, to see
what I could do. I couldn't do anything. Everything I tried resulted
in an almost total lockout to my programs. I even tried making new
accounts-- eight of them. Most of them would have the same problem:
the non-Microsoft programs wouldn't work, and the AV program would pop
up although it claimed there were no more infections.

I have been working at this for nearly a week, and now after the 9th
account, I finally got one that worked right. I came to within a hair
of doing a root canal and totally getting rid of WP and installing
something reliable like Windows 2K. But I had already spen $60 for the
Av program and I can't afford to bleed money for this stupid laptop. I
have no doubt that sooner or later, this kind of problem is going to
re-occur as long as it seems to be no way to truly get rid of the AV
program and the part of XP that controls it. I can't keep going
through accounts as this wates a lot of time and by accident, I
already lost a lot of my precious files when I deleted a "corrupt"
account. Does anyone know what to do about a problem like this. If so,
help!

Ron

 

On 4/16/2011 6:57 PM, Ron wrote:
> XP
> Antivirus Program 2011
You have a virus nothing to do with xp; see here.
http://www.spywareremove.com/removeXPAntiVirus2011.html

 

On Apr 16, 4:22 pm, Pen <> wrote:
> On 4/16/2011 6:57 PM, Ron wrote:>  XP
> > Antivirus Program 2011
>
> You have a virus nothing to do with xp; see here.http://www.spywareremove..com/removeXPAntiVirus2011.html

I've been a fan of Windows NT and to a lesser extent, Windows 2K; that
kind of crap couldn't happen on either of those two systems. They
happen on XP because the OS doesn't really give you the freedom of
choice to use whatever kind of firewall and Av programs you want to
use: it only recognizes certain programs or even just the one AV
program. Who designed such a totally deranged OS?

If I could, I would go back to Win2k in a heartbeat. Unfortunately, my
copy requires a disk drive to load in parts of Win2k and this laptop
has only a DVD/CD to load programs. Win2k was never all that cheap to
begin with, and it's more costly now than it ever was before, so I sem
to be stuck with XP but I don't like it. I'm not sure I would have
gotten the laptop from Amazon if I had known that XP was its operating
system.

But back to the matter at hand, that article doesn't say what to do
when your computer has been hijacked an you can run *any* other
program to even find the culprit at work or to get rid of it.We are
talking about total lock-down.

Ron

_____________
"People make mistakes. But it takes a computer to sriously **** up."

-- Anonymous --

 

In article <>,
Ron <> wrote:
>On Apr 16, 4:22 pm, Pen <> wrote:
>> On 4/16/2011 6:57 PM, Ron wrote:>  XP
>> > Antivirus Program 2011
>>
>> You have a virus nothing to do with xp; see
>here.http://www.spywareremove.com/removeXPAntiVirus2011.html
>
>I've been a fan of Windows NT and to a lesser extent, Windows 2K; that
>kind of crap couldn't happen on either of those two systems. They
>happen on XP because the OS doesn't really give you the freedom of
>choice to use whatever kind of firewall and Av programs you want to
>use: it only recognizes certain programs or even just the one AV
>program. Who designed such a totally deranged OS?
>
>If I could, I would go back to Win2k in a heartbeat. Unfortunately, my
>copy requires a disk drive to load in parts of Win2k and this laptop
>has only a DVD/CD to load programs. Win2k was never all that cheap to
>begin with, and it's more costly now than it ever was before, so I sem
>to be stuck with XP but I don't like it. I'm not sure I would have
>gotten the laptop from Amazon if I had known that XP was its operating
>system.
>
>But back to the matter at hand, that article doesn't say what to do
>when your computer has been hijacked an you can run *any* other
>program to even find the culprit at work or to get rid of it.We are
>talking about total lock-down.

This is a fake antivirus. Among other things, it intercepts the handler
for .exe files and directs the requests to itself ... so any time you try
to run any program it executes the malware instead.

You need to terminate the process from Task Manager. You can then start
CMD.EXE by choosing FILE --> NEW TASK and ctrl-clicking on RUN. From
there, import the "exe file association fix" from the web site of your
choice and run your REAL antivirus to remove the malware. It typically
lives in the NETWORK SERVICE local settings folder.

 

On Sat, 16 Apr 2011 15:57:33 -0700 (PDT), Ron <>
wrote:

>Perhaps I've said it before: I really hate Windows XP. I only use
>because it came with my Dell D610 laptop which I bought cheap. What I
>really HATE about XP is it's antivirus feature which occasionally
>kicks in to make my life a living hell.

You got scammed, and you're trying to blame the OS?
That's pretty sad. Typically, it is something you did to
allow it to happen:

http://en.wikipedia.org/wiki/Rogue_security_software

http://www.howtogeek.com/howto/8693...s-live-and-other-roguefake-antivirus-malware/

BJ
--
I have nothing important to say...

 

On Apr 16, 7:51 pm, Ron <> wrote:
> On Apr 16, 4:22 pm, Pen <> wrote:
>
> > On 4/16/2011 6:57 PM, Ron wrote:>  XP
> > > Antivirus Program 2011
>
> > You have a virus nothing to do with xp; see here.http://www.spywareremove.com/removeXPAntiVirus2011.html
>
> I've been a fan of Windows NT and to a lesser extent, Windows 2K; that
> kind of crap couldn't happen on either of those two systems. They
> happen on XP because the OS doesn't really give you the freedom of
> choice to use whatever kind of firewall and Av programs you want to
> use: it only recognizes certain programs or even just the one AV
> program. Who designed such a totally deranged OS?
>
> If I could, I would go back to Win2k in a heartbeat. Unfortunately, my
> copy requires a disk drive to load in parts of Win2k and this laptop
> has only a DVD/CD to load programs. Win2k was never all that cheap to
> begin with, and it's more costly now than it ever was before, so I sem
> to be stuck with XP but I don't like it.  I'm not sure I would have
> gotten the laptop from Amazon if I had known that XP was its operating
> system.
>
> But back to the matter at hand, that article doesn't say what to do
> when your computer has been hijacked an you can run *any* other
> program to even find the culprit at work or to get rid of it.We are
> talking about total lock-down.
>
> Ron
>
> _____________
> "People make mistakes. But it takes a computer to sriously **** up."
>
> -- Anonymous --

To most, XP was/is the best OS made by MS (and it is based on NT).

 

On 4/16/2011 5:57 PM, Ron wrote:
> Perhaps I've said it before: I really hate Windows XP. I only use
> because it came with my Dell D610 laptop which I bought cheap. What I
> really HATE about XP is it's antivirus feature which occasionally
> kicks in to make my life a living hell.
>
> A week ago, something set it off and I kept getting a message about XP
> Antivirus Program 2011; that I *needed* this program to get rid of
> what it said was 12 infections. Maybe yes, maybe no-- but this message
> became malware in itself because I could not get rid of it and it
> literally held my laptop hostage until I paid nearly $60 and bought
> the damn program! Once a number was keyed in, the program "cleaned" my
> system and finally went a way, to lurk in the background like some
> Mafia thug waiting to extort me again. I'm not kidding here.

Sorry to say, you got scammed. You picked up a trojan virus which
pretended it was an antivirus program, and you got tricked into paying
an unknown party $60.

No offense, but I find it curious that you are computer savvy enough
to access USENET, but not savvy enough to recognize the fairly obvious
signs that you were being presented with a virus, not a legitimate
program. You should read up on basic security. Again, no offense.
Trying to help you out so this doesn't happen to you again.

There are NO legitimate antivirus programs out there that will charge
you to scan and clean your system. Either they won't monitor your
system at all, or they will not update the virus definitions. Again,
any antivirus that scans your system but insists on a payment to clean
is NOT legitimate.

Since you created so many accounts, all of which you let be infected
with this virus, you REALLY should wipe the entire hard drive and
reinstall Windows.

And, since it sounds like you weren't actually running any antivirus
software in the first place, I suggest you download one of the free
programs out there... Avast, AVG, etc. Also, download some anti
malware software... Superantispyware for example.

 

On Apr 17, 2:26 am, BJ <> wrote:
> On Sat, 16 Apr 2011 15:57:33 -0700 (PDT), Ron <>
> wrote:
>
> >Perhaps I've said it before: I really hate Windows XP. I only use
> >because it came with my Dell D610 laptop which I bought cheap. What I
> >really HATE about XP is it's antivirus feature which occasionally
> >kicks in to make my life a living hell.
>
> You got scammed, and you're trying to blame the OS?
> That's pretty sad.  Typically, it is something you did to
> allow it to happen:
>
> http://en.wikipedia.org/wiki/Rogue_security_software
>
> http://www.howtogeek.com/howto/8693/how-to-remove-antivirus-live-and-...
>
> BJ
> --
> I have nothing important to say...

The OS *made* it possible, dude. Funny how this virus only runs on
XP... Becasuse none of the past systems-- and especially a good one
like NT-- would rely on a certain AV or firewall program only. The
people who made this rogue program relied on and took advantage of a
stupid design flaw in XP. Yeah, I blame the OS and all th morons who
made it!

Ron

 

>
> To most, XP was/is the best OS made by MS (and it is based on NT).- Hide quoted text -
>

Based on NT the same way a 747 was based on the first Wright brother's
plane. There is nothing left of NT's security or structual integrity.
Windows 2k is a whole lot closer to NT and a much better program when
it comes to both stability and security. XP may have more cutesie
bells and whistles, but you pay for that dearly. But if it makes you
happy, go for it; I still think it's crap.

Ron

 

On 4/17/2011 8:22 PM, Ron wrote:
> On Apr 17, 2:26 am, BJ <> wrote:
>> On Sat, 16 Apr 2011 15:57:33 -0700 (PDT), Ron <>
>> wrote:
>>
>>> Perhaps I've said it before: I really hate Windows XP. I only use
>>> because it came with my Dell D610 laptop which I bought cheap. What I
>>> really HATE about XP is it's antivirus feature which occasionally
>>> kicks in to make my life a living hell.
>>
>> You got scammed, and you're trying to blame the OS?
>> That's pretty sad. Typically, it is something you did to
>> allow it to happen:
>>
>> http://en.wikipedia.org/wiki/Rogue_security_software
>>
>> http://www.howtogeek.com/howto/8693/how-to-remove-antivirus-live-and-...
>>
>> BJ
>> --
>> I have nothing important to say...
>
> The OS *made* it possible, dude. Funny how this virus only runs on
> XP... Becasuse none of the past systems-- and especially a good one
> like NT-- would rely on a certain AV or firewall program only. The
> people who made this rogue program relied on and took advantage of a
> stupid design flaw in XP. Yeah, I blame the OS and all th morons who
> made it!
>
> Ron
>
If you had read the link I sent you, you would have found
out the virus changes its name depending the system it is
on. It is NOT only on XP and your whining won't make it so.

 

On Apr 17, 8:14 am, "Ryan P." <> wrote:
> On 4/16/2011 5:57 PM, Ron wrote:
>
> > Perhaps I've said it before: I really hate Windows XP. I only use
> > because it came with my Dell D610 laptop which I bought cheap. What I
> > really HATE about XP is it's antivirus feature which occasionally
> > kicks in to make my life a living hell.
>
> > A week ago, something set it off and I kept getting a message about XP
> > Antivirus Program 2011; that I *needed* this program to get rid of
> > what it said was 12 infections. Maybe yes, maybe no-- but this message
> > became malware in itself because I could not get rid of it and it
> > literally held my laptop hostage until I paid nearly $60 and bought
> > the damn program! Once a number was keyed in, the program "cleaned" my
> > system and finally went a way, to lurk in the background like some
> > Mafia thug waiting to extort me again. I'm not kidding here.
>
>   Sorry to say, you got scammed.  You picked up a trojan virus which
> pretended it was an antivirus program, and you got tricked into paying
> an unknown party $60.
>
>   No offense, but I find it curious that you are computer savvy enough
> to access USENET, but not savvy enough to recognize the fairly obvious
> signs that you were being presented with a virus, not a legitimate
> program.  You should read up on basic security.  Again, no offense.
> Trying to help you out so this doesn't happen to you again.
>
>   There are NO legitimate antivirus programs out there that will charge
> you to scan and clean your system.  Either they won't monitor your
> system at all, or they will not update the virus definitions.  Again,
> any antivirus that scans your system but insists on a payment to clean
> is NOT legitimate.


Golly, gee; I kinda figured that out.

However, I sat for over a week trying to find a way out of a bad
situation, and for reasons unknown, I couldn't even post to Google
Groups for a couple of days. My system was totally locked up and my
number of options could be counted on one finger--

So since you are obviously much more informed than poor stupid me,
what would *you* do when absolutely NOTHING else worked? I'd like to
know.


>   And, since it sounds like you weren't actually running any antivirus
> software in the first place, I suggest you download one of the free
> programs out there...  Avast, AVG, etc.  Also, download some anti
> malware software...  Superantispyware for example.

You don't get it, do you? I have anti-virus programs. I USE anti-virus
programs. But NOTHING will run when the system is totally locked up.

Note that I said NOTHING in big large letters.... My only regret is
that they weren't flamng letters just to be totally clear about this.

If you ever find yourself in such a situation you might be a little
less smug.

Ron

 

Somewhere on teh intarwebs Ron wrote:
> On Apr 17, 2:26 am, BJ <> wrote:
>> On Sat, 16 Apr 2011 15:57:33 -0700 (PDT), Ron <>
>> wrote:
>>
>>> Perhaps I've said it before: I really hate Windows XP. I only use
>>> because it came with my Dell D610 laptop which I bought cheap. What
>>> I really HATE about XP is it's antivirus feature which occasionally
>>> kicks in to make my life a living hell.
>>
>> You got scammed, and you're trying to blame the OS?
>> That's pretty sad. Typically, it is something you did to
>> allow it to happen:
>>
>> http://en.wikipedia.org/wiki/Rogue_security_software
>>
>> http://www.howtogeek.com/howto/8693/how-to-remove-antivirus-live-and-...
>>
>> BJ
>> --
>> I have nothing important to say...
>
> The OS *made* it possible, dude. Funny how this virus only runs on
> XP... Becasuse none of the past systems-- and especially a good one
> like NT-- would rely on a certain AV or firewall program only. The
> people who made this rogue program relied on and took advantage of a
> stupid design flaw in XP. Yeah, I blame the OS and all th morons who
> made it!

Pull yer head in Ron! You can run any of about a dozen or more AV programmes
on XP just fine. Your ignorance is what got you into this mess and it's
stopping anyone from helping you...... Unless you're a troll?
--
Shaun.

"He who fights with monsters might take care lest he thereby become a
monster. And if you gaze for long into an abyss, the abyss gazes also
into you." Friedrich Wilhelm Nietzsche

 

On Mon, 18 Apr 2011 21:05:07 +1200, "~misfit~"
<> wrote:

>Somewhere on teh intarwebs Ron wrote:
>> On Apr 17, 2:26 am, BJ <> wrote:
>>> On Sat, 16 Apr 2011 15:57:33 -0700 (PDT), Ron <>
>>> wrote:
>>>
>>>> Perhaps I've said it before: I really hate Windows XP. I only use
>>>> because it came with my Dell D610 laptop which I bought cheap. What
>>>> I really HATE about XP is it's antivirus feature which occasionally
>>>> kicks in to make my life a living hell.
>>>
>>> You got scammed, and you're trying to blame the OS?
>>> That's pretty sad. Typically, it is something you did to
>>> allow it to happen:
>>>
>>> http://en.wikipedia.org/wiki/Rogue_security_software
>>>
>>> http://www.howtogeek.com/howto/8693/how-to-remove-antivirus-live-and-...
>>>
>>> BJ
>>> --
>>> I have nothing important to say...
>>
>> The OS *made* it possible, dude. Funny how this virus only runs on
>> XP... Becasuse none of the past systems-- and especially a good one
>> like NT-- would rely on a certain AV or firewall program only. The
>> people who made this rogue program relied on and took advantage of a
>> stupid design flaw in XP. Yeah, I blame the OS and all th morons who
>> made it!
>
>Pull yer head in Ron! You can run any of about a dozen or more AV programmes
>on XP just fine. Your ignorance is what got you into this mess and it's
>stopping anyone from helping you...... Unless you're a troll?


Give it up guys...

Ron is either a troll, or simply and ignorant Ass. Neither deserves
any more help.

 

On 4/17/2011 7:57 PM, Ron wrote:

> If you ever find yourself in such a situation you might be a little
> less smug.

I've been in the situation. I've had to reinstall Windows due to a
virus/malware that wouldn't go away (or that I didn't trust was truly gone).

Here's a tip for you in the future... Obtain a bootable CD image from
some place you trust with an antivirus program on it. If you ever get
locked out from running software again on your hard drive, you can run
the antivirus software from DVD.

 

responding to
http://www.1-script.com/forums/Oh-God-What-To-Do-Now-article53768--25.htm
schotty456 wrote:
There is a relatively easy fix for this problem... I run a computer repair
business, and problems like this are one of the most common things that I
run into... Follow the steps below, and I assure you that you will be
right back to enjoying your functional computer in no time at all. If you
have any questions, feel free to email me at

1-Google the name of the Fake antivirus program that is popping up on your
system and figure out what the Process Name is.

2-Open up the task manager (Ctrl+Alt+Del) and go to the processes tab,
find the name of the process from step 1, right click it, click "kill
process tree".

3-Download and install the Free version of AVG, www.free.avg.com

4-Update the virus database and run AVG, and get rid of all the infections
that it finds.

5-Clean up the mess of user accounts that you created... Don't
accidentally delete any more of your files.

6-Restart your computer, and Run AVG again, just to be sure.

7-Set up AVG to run automatically once a week, at a time that you never
use your computer.

8-Set up your power settings so that your computer doesn't go to sleep or
shut down when you leave it on.

9-Leave your computer turned at the time you set for AVG to do it's weekly
inspection.

10-Enjoy your wonderful and error free WinXP machine!

~Schotty

 

On Apr 19, 10:29 am, (schotty456)
wrote:
> responding tohttp://www.1-script.com/forums/Oh-God-What-To-Do-Now-article53768--25...schotty456 wrote:
>
> There is a relatively easy fix for this problem... I run a computer repair
> business, and problems like this are one of the most common things that I
> run into... Follow the steps below, and I assure you that you will be
> right back to enjoying your functional computer in no time at all. If you
> have any questions, feel free to email me at
>
> 1-Google the name of the Fake antivirus program that is popping up on your
> system and figure out what the Process Name is.
>
> 2-Open up the task manager (Ctrl+Alt+Del) and go to the processes tab,
> find the name of the process from step 1, right click it, click "kill
> process tree".
>
> 3-Download and install the Free version of AVG,www.free.avg.com
>
> 4-Update the virus database and run AVG, and get rid of all the infections
> that it finds.
>
> 5-Clean up the mess of user accounts that you created... Don't
> accidentally delete any more of your files.
>
> 6-Restart your computer, and Run AVG again, just to be sure.
>
> 7-Set up AVG to run automatically once a week, at a time that you never
> use your computer.
>
> 8-Set up your power settings so that your computer doesn't go to sleep or
> shut down when you leave it on.
>
> 9-Leave your computer turned at the time you set for AVG to do it's weekly
> inspection.
>
> 10-Enjoy your wonderful and error free WinXP machine!
>
> ~Schotty

Good advice. If your business is "Schotty Repair"...I would change it!
JK

 

In
news:,
Ron wrote:
> On Apr 17, 8:14 am, "Ryan P." <> wrote:
>> On 4/16/2011 5:57 PM, Ron wrote:
>>
>>> Perhaps I've said it before: I really hate Windows XP. I only use
>>> because it came with my Dell D610 laptop which I bought cheap. What
>>> I really HATE about XP is it's antivirus feature which occasionally
>>> kicks in to make my life a living hell.
>>
>>> A week ago, something set it off and I kept getting a message about
>>> XP Antivirus Program 2011; that I *needed* this program to get rid
>>> of what it said was 12 infections. Maybe yes, maybe no-- but this
>>> message became malware in itself because I could not get rid of it
>>> and it literally held my laptop hostage until I paid nearly $60 and
>>> bought the damn program! Once a number was keyed in, the program
>>> "cleaned" my system and finally went a way, to lurk in the
>>> background like some Mafia thug waiting to extort me again. I'm not
>>> kidding here.
>>
>> Sorry to say, you got scammed. You picked up a trojan virus which
>> pretended it was an antivirus program, and you got tricked into
>> paying an unknown party $60.
>>
>> No offense, but I find it curious that you are computer savvy enough
>> to access USENET, but not savvy enough to recognize the fairly
>> obvious signs that you were being presented with a virus, not a
>> legitimate program. You should read up on basic security. Again, no
>> offense. Trying to help you out so this doesn't happen to you again.
>>
>> There are NO legitimate antivirus programs out there that will charge
>> you to scan and clean your system. Either they won't monitor your
>> system at all, or they will not update the virus definitions. Again,
>> any antivirus that scans your system but insists on a payment to
>> clean is NOT legitimate.
>
>
> Golly, gee; I kinda figured that out.
>
> However, I sat for over a week trying to find a way out of a bad
> situation, and for reasons unknown, I couldn't even post to Google
> Groups for a couple of days. My system was totally locked up and my
> number of options could be counted on one finger--
>
> So since you are obviously much more informed than poor stupid me,
> what would *you* do when absolutely NOTHING else worked? I'd like to
> know.
>
>
>> And, since it sounds like you weren't actually running any antivirus
>> software in the first place, I suggest you download one of the free
>> programs out there... Avast, AVG, etc. Also, download some anti
>> malware software... Superantispyware for example.
>
> You don't get it, do you? I have anti-virus programs. I USE anti-virus
> programs. But NOTHING will run when the system is totally locked up.
>
> Note that I said NOTHING in big large letters.... My only regret is
> that they weren't flamng letters just to be totally clear about this.
>
> If you ever find yourself in such a situation you might be a little
> less smug.

Hi Ron! I don't know how you paid that 60 bucks by, but if it was by
credit card, I would call the credit card company and tell them what
happened if it isn't too late.

And once a computer is badly compromised, it is best to pull the hard
drive out and scan it with a clean computer. My nephew brought over his
laptop for me to work on. And that is how I removed 18 rootkits that was
on his computer.

Some people say once a computer has been badly compromised, you would be
much safer to wipe everything clean and reinstall all over again. And
while it is more work, it would be the safest approach.

And just to let you know where I am coming from, I've been using Windows
since '93. And so far I haven't got one single virus yet (knock on
wood).

--
Bill
Gateway M465e ('06 era) - OE-QuoteFix v1.19.2
Centrino Core Duo 1.83G - 2GB - Windows XP SP3

 

In article <>,
Ron <> wrote:
>
>The OS *made* it possible, dude. Funny how this virus only runs on
>XP... Becasuse none of the past systems-- and especially a good one
>like NT-- would rely on a certain AV or firewall program only. The
>people who made this rogue program relied on and took advantage of a

I think you're pretty far off base here. First of all, XP doesn't
require any particular firewall or AV program. Second of all, why do you
think NT or 2000 were any more (or less) secure than XP? Is it that NT and
2000 tended to be run in corporate situations where much of the environment
could be controlled centrally? You can lock down XP, too: check out the
NIST or DISA STIGs. Technically XP is MUCH more secure because it's patched
against well-known exploits but 2K isn't supported any more.

>stupid design flaw in XP.

Other than forcing everyone to run as administrator what flaws are
you thinking about?

Well, that and making the GUI effectively part of the kernel...

And that bogus cooperative multitasking crap... But anyway...

 

In article <>,
Ron <> wrote:
>
>what would *you* do when absolutely NOTHING else worked? I'd like to
>know.

Formatted the drive and restored from yesterday's backup.

 

In article <b2b2a$4dadaa3d$cf3aab60$>,
schotty456 <> wrote:
>
>problems like this are one of the most common things that I
>run into... Follow the steps below, and I assure you that you will be

IMHO you can't trust a single file, especially executable programs,
after such an incident. You can choose to trust certain data files if the
cost of restoring known good copies is too high (it shouldn't be. This is
why Ghu, the great, invented incremental backups) but you cannot "clean" the
compromised OS installation. Remove it and start from known good copies, or
you may find savings account withdrawls from ATM's in Kazhikistan on your
statements.