Gweenz
Jan 26, 2011


Phobophilia posted:

I'm pretty late to the thread. I've been using AVGfree and MBAM together, is that okay?

Also, I've been hearing a lot of criticism of AVG, should I switch that for MSE?

AVG is also extremely resource intensive compared to others, especially MSE. It will bring an older machine to its knees. From my experience it doesn't protect any better.

quote:

Came across another one of those drat Google redirect virus.
Forefront doesn't pick it up. Goddamnit. User isn't an admin, so it couldn't write to the machine registry, but it can to the local profile.

Is it redirecting you to NewsFudge? I've had 2 machines on the bench this week with this virus. Your hosts file is most likely modified. Try combofix.


Gweenz
Jan 26, 2011


I reinstalled Win 7 3 months ago onto my new SSD and never installed Java. I haven't run into a single site or application that absolutely required it. Uninstall it, you'll be fine. It's a security hole the size of Texas, and every infected-to-hell machine I have to work on has Java on it, because I see that goddamn orange icon in the taskbar telling me it needs to be updated.

I saw someone on the last page had problems getting TDSSkiller to run. Try renaming the TDSS executable.

Gweenz
Jan 26, 2011


Hex Darkstar posted:

Doesn't work, I tried & usually do try that or changing the extension to another executable type but whatever method that SST uses to detect and terminate TDSSKiller & aswMBR is really solid at blocking them from running despite name, location, user executed as etc...

drat, sounds like they are getting pretty smart about blocking AV tools. Have you tried a Kaspersky cd? I've been having good luck lately removing the nastiest of the nasties using their rescue disk.

Gweenz
Jan 26, 2011


Forgive me if this virus has been discussed ad nauseam, but this one is new to me. One of our clients calls up and says there are porn.exe files all over the server shares and that every directory on there has an .exe on it. Despite my desires to keep the virus contained at the client, my boss had me go pick up an infected workstation and bring it in to the shop. No biggie, as long as someone else doesn't connect it to the network when I'm not here, despite my warnings (they will). Anywho, I get it back here and stick a flash drive in it. The virus instantly changed my folder names to .exe extensions and sexy.exe, porn.exe, and x.mp4 files suddenly appeared. Neat!

After a little investigating, it turns out the virus simply copies the existing files, changes their file names, and hides the original files. It probably attaches the hook to every file so that unsuspecting users double click the new .exes and the hook is reinstalled. Not terribly sophisticated. However, since so many files on the server have been altered, I am concerned about 1. data loss and 2. reinfection. Wiping the workstations is only an option if I feel like spending the 12 hours per computer installing iTunes, spotify, toolbars, printers, etc, basically making it exactly like it was before (they are clients, I am not their boss. Otherwise I would wipe with extreme prejudice).

Anyone fought this thing before? Any tips?
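A triage scan for the kind of share described in the post above, added here as an example and not the poster's own tool: it walks a tree and flags .exe files that masquerade as folders (folder hidden, look-alike .exe beside it), carry the lure names the post mentions, or are byte-identical copies spread across many directories. The sample share it builds is constructed; a Windows hidden-attribute check on the originals is left out to keep it portable.

```python
import hashlib
import os
import tempfile
from collections import defaultdict
from pathlib import Path

# Lure names the post above reports seeing on the shares.
KNOWN_LURE_NAMES = {"porn.exe", "sexy.exe", "x.mp4"}

def scan_share(root):
    """Flag likely worm artifacts under a share; returns {relative path: [reasons]}."""
    root = Path(root)
    findings, by_hash = defaultdict(list), defaultdict(list)
    for dirpath, dirnames, filenames in os.walk(root):
        dirs = set(dirnames)
        for name in filenames:
            p = Path(dirpath) / name
            if name.lower() in KNOWN_LURE_NAMES:
                findings[p].append("known lure name")
            if name.lower().endswith(".exe"):
                # Folder 'Invoices' (hidden by the worm) beside a new 'Invoices.exe'.
                if p.stem in dirs:
                    findings[p].append(f"masquerades as folder '{p.stem}'")
                by_hash[hashlib.sha256(p.read_bytes()).hexdigest()].append(p)
    for paths in by_hash.values():
        # The same bytes dropped into three or more directories: a self-copying worm.
        if len({q.parent for q in paths}) >= 3:
            for q in paths:
                findings[q].append(f"identical copy in {len(paths)} locations")
    return {str(k.relative_to(root)): v for k, v in findings.items()}

def build_sample_share(base):
    """Constructed sample share: three folders, each hit by the same dropper."""
    base, payload = Path(base), b"MZ-constructed-fake-dropper"
    for folder in ("Invoices", "Photos", "Reports"):
        (base / folder).mkdir(parents=True, exist_ok=True)
        (base / folder / "real.docx").write_bytes(b"legit document")
        (base / f"{folder}.exe").write_bytes(payload)      # folder look-alike
        (base / folder / "porn.exe").write_bytes(payload)  # per-directory copy
    (base / "Reports" / "x.mp4").write_bytes(b"constructed lure")
    (base / "setup.exe").write_bytes(b"unique legitimate installer")
    return base

def demo():
    """Build the sample share in a temp dir, scan it and return the findings."""
    with tempfile.TemporaryDirectory() as tmp:
        return scan_share(build_sample_share(tmp))
```

Calling `demo()` returns the findings for the constructed share; point `scan_share()` at a mounted copy of a real share to triage it, and treat the hash-cluster hits as the first things to pull for a second opinion.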
