|
Luck of the draw I guess, but this morning I got hit with malware or something on my windows xp64 workstation for the first time ever [first time since 95 when I switched to windows]. I guess I was overdue at one point but I never use email on my machine or click on stupid bullshit. I'm currently using avast! 4.8 and it usually catches things once in awhile but this morning was different. Avast started freaking out about malware, and the next thing I know, windows firewall crashes, and IE fires up right away and starts shooting up pages and pages of banner ads. I swear, I'd be laughing my rear end off if it wasn't happening to me. It was just so sudden and random. I turned off my machine and left it for the evening when I could look at it but honestly I'm scratching my head here. I tried to get avast to run in safe mode, but because I run a high resolution desktop, the avast scan window opens off screen and I wind up having to switch to normal boot in order run it. I'm currently running the scanner now and it did find a few things [Its still scanning I can't bring up a verbose list] but most seen to be gen.exe or some form of trojan that's sitting on a old backup drive with files dating back years. I created a new profile [one with admin and one plain user account] and noticed it just happened again. I'm 83% on my current scan, and just a minute ago I get IE trying to open, but its asking me if I want to make it the default explorer first [since it was never run on this profile], I killed it in the task manger. Is avast crap? Or is it because I'm running the 64bit version and won't pick up things running under 32bit? And is there a way for me just to ensure IE will never ever run? I'm trying to figure out if I'm getting hit by something coming in over the network or something thats running as a service. /edit Avast just blocked something online called antivirusscanneronline but it closed before I could hit edit.. it's still scanning and I can't bring up a log file yet until it's done scanning .. sigh. I'm checking my hosts file and system32 folder to see if theres anything afoot there. /edit #2 downloading process explorer Last time I had to troubleshoot viruses was boot sector amiga poo poo back in the old days. Oh Saddam virus, so funny and topical back in 1991. Big K of Justice fucked around with this message at 07:16 on Jan 1, 2009 |
# ¿ Jan 1, 2009 06:44 |
|
|
# ¿ Apr 20, 2024 02:17 |
|
I'll do that tonight, I"m guessing its sitting somewhere in 32bit space since it seems to want to run IE 32. Avast scanner picked up 3 or 4 items, but on very old files. It couldn't scan a bunch of jpegs but that was it.
|
# ¿ Jan 1, 2009 16:17 |
|
Thinks for the super anti spyware recommendation. I found the malware that was causing IE to go bonkers at random: Adware-Prun via PRUNNET.EXE in my system folders.. It's the only thing that was picked up and the time stamp on the files seem to be around 2-3 days ago, right when my firewall crashed. I'm still trying to figure out how I got it, my guess an MSN/messanger exploit or something else. Adware really really doesn't dig it when you change the home url default for IE, which I think how it works. SuperAntiSpyware seems to play nice with Avast 64, so I'm ordering the commercial versions for the extra features.
|
# ¿ Jan 2, 2009 16:00 |
|
ab0z posted:I didn't say that I DON'T run antivirus software, or that you should recommend people to do so. I never had a virus since 1991 on an Amiga. Until last week when, out of the blue, via no prompt or action on my own, avast flips out with 2-3 error messsages, crashes, followed by the firewall crashing and IE launching and firing up all sorts of ads. Common sense can only help so much, what happens if some joker uses a jpeg exploit and hotlinks it to a thread?
|
# ¿ Jan 3, 2009 11:02 |