hyperborean posted: Actually, this just showed up on my brother's computer. What's the best tool suite for knocking this out?
Dec 24, 2008 03:43

FloorMatt posted: Superantispyware will probably take care of it.

Thanks. On top of that, AVG is barfing alerts (he said he never thought it was important), he's got popups every 30 seconds, Firefox won't start, and he hasn't had automatic updates turned on since 2006. I hope I can get rid of this poo poo.
Dec 24, 2008 04:28

FloorMatt posted: Uninstall AVG and install Avira AntiVir. It's free and much better than AVG.

I think that'll be the first thing I do after I get rid of the 235 viruses/trojans/shitwares SuperAntispyware found.
Dec 24, 2008 04:52

Are there any new viruses that can cause fake MCE BSODs in XP? My computer threw one earlier, but my system event log is clean and there's no memory file in my Windows folder. I have AVG scanning every morning, and it hasn't spotted anything outside of about the evils of tracking cookies. No, it's not Antivirus XP 2008.
Jan 5, 2009 05:49

Cojawfee posted: I don't think people really go for infecting files anymore. It's mostly just install something, and try to get some money. If you're really clever, you'll encrypt their files and try to get money like the Russian extortion virus.
Jan 7, 2009 18:48

Well, my brother's computer once again has caught the super-AIDS. It's got some new bastard version of Spyware Guard 2009 that won't let any antivirus programs run. SuperAntiSpyware just crashes, Malwarebytes spits up runtime errors, and I can't download any others because it redirects most common antivirus sites to 127.0.0.1. So I rebooted into safe mode and tried to run Malwarebytes. It scanned, the computer rebooted, and now it just sits at a black screen on startup. Safe mode with networking does the same thing, but regular safe mode still works. This is going to be a long day.
Feb 8, 2009 20:18

deviant. posted: Format and reinstall. gently caress him if he can't be responsible.

Well, after he broke that computer, he went to my mom's computer and did the same thing, so I kind of have to figure out how to fix it.
Feb 8, 2009 21:23

Orange Juilius posted: There is a really good breakdown of Conficker up @

Somehow I'm not surprised hearing Conficker and Antivirus XP 2009 may have been made by the same people.
Mar 1, 2009 07:58

Neat, Conficker.C has some super secret payload nobody can figure out scheduled to go off April 1. Will it blow up the internet like Slammer? Will it spawn 5 million "BUY ANTIVIRUS XP 2010!" windows on everyone's computer? Will it turn my toaster's dial to 7?
Mar 24, 2009 19:18

Midelne posted: Antivirus 2009 has a new feature. Hope you like talking to people who paid $50 to recover a "corrupted" (encrypted) file from their My Documents folder, because ransomware is back.

According to the writeup a few pages ago, Conficker and Antivirus XP are probably made by the same group. At least they both call home to the same city in Latvia or something. Test run?
Mar 26, 2009 14:05

ZoneAlarm using 82% of your CPU time might be trying to tell you something. Are you sure it's not actively blocking anything, or you're transmitting a buttload of packets to keyloggers.ru or something?
Mar 31, 2009 06:37

amirite posted: Is this a surefire sign of a virus? Anyone encountered anything like this before? The next thing I do is going to be a scan obviously but I'm curious if anyone else has had experiences like this. It just kept repeating...

I don't know any PC viruses that do that offhand, but virus writers have been doing things like that since the olden days.

quote: Name: Chopin Virus.
Apr 25, 2009 21:19

This afternoon my brother used my computer to print out something for his school. As soon as he plugged in his USB stick it was like giving my computer the clap via autorun. I thought I had autorun turned off, but it was set to only disable CD-ROM autoplay. I immediately started getting those "YOUR COMPUTER IS INFECTED!!!" popups. Checked with GMER and yep, I ended up with some horrible rootkit (UAC.Fake) that SuperAntiSpyware and MalwareBytes could see but not remove. It also injected itself into every running executable at the time. Thankfully it didn't modify any of them, it just masqueraded as a device driver and injected itself into every running program so you couldn't take it down. It also didn't help that the rootkit would crash them and delete the executable halfway through the scan. I was afraid to use a USB stick on this computer so I ended up setting up a Samba share between my Gentoo computer and the PC. I figured out that if you kill explorer.exe, firefox.exe, and iexplore.exe on bootup the virus goes dead. Downloaded ComboFix on the Gentoo computer (the rootkit ate the one I had, of course), copied it to the PC and ran it. An hour later, my computer worked again. What would I do without you, ComboFix?
Sep 24, 2009 05:56

It never ends. My mom was browsing Facebook in IE and clicked on one of those "YOU HAVE TO SEE THIS!!!! https://www.virus.com" links. She said she didn't open anything, but IE says that an SSL certificate is invalid when she tries to click on the Facebook settings page, making me think it was a drive-by SSL certificate exploit or something. IE, of course, won't tell me which certificate is the invalid one. GMER came up clean. Her solution was to go in in Firefox and change her password because Firefox didn't prompt her saying the certificate was invalid. I'm afraid of a man-in-the-middle attack that hijacks her account, but I don't know much about IE SSL exploits. How do I figure out which SSL certificate is invalid? Delete them all?
Sep 29, 2009 23:20