Need help for virus

Message boards : Number crunching : Need help for virus
Message board moderation

To post messages, you must log in.

Previous · 1 · 2

AuthorMessage
OzzFan Crowdfunding Project Donor*Special Project $75 donorSpecial Project $250 donor
Volunteer tester
Avatar

Send message
Joined: 9 Apr 02
Posts: 15691
Credit: 84,761,841
RAC: 28
United States
Message 959338 - Posted: 29 Dec 2009, 19:06:10 UTC - in response to Message 959335.  

I ran into a similar virus or blackmail just yesterday which resulted in:
1) "Your computer is infected" desktop background.
2) Internet Security 2010 was the name of the application that offered to remove the scam.


By coincidence, my dad got the same exact trojan on the family PC (my father lives with me). Fortunately, the account he uses is a limited Windows XP User account so the virus could not infect the entire system. I was able to log on with my administrator account, search for the malware name on the internet and was able to remove the single file and the two references in the Registry in a matter of minutes. Just to be safe, I ran my eSet AV and it found and cleaned 6 more files.

Now he's back up an running without issue.
ID: 959338 · Report as offensive
Profile zoom3+1=4
Volunteer tester
Avatar

Send message
Joined: 30 Nov 03
Posts: 65821
Credit: 55,293,173
RAC: 49
United States
Message 959352 - Posted: 29 Dec 2009, 20:26:31 UTC - in response to Message 959337.  

Glad You aren't Champ, Me I use Avast, No way some extortionware will get Me, I'm extremely well protected here, even wireless @ 108Mbps I'm protected(I don't use WEP, WPA2 full encryption and MAC addressing).
The T1 Trust, PRR T1 Class 4-4-4-4 #5550, 1 of America's First HST's
ID: 959352 · Report as offensive
Profile Geek@Play
Volunteer tester
Avatar

Send message
Joined: 31 Jul 01
Posts: 2467
Credit: 86,146,931
RAC: 0
United States
Message 959390 - Posted: 29 Dec 2009, 22:27:02 UTC

I spent Sunday aftenoon formating the hard disk and reinstalling Windows XP. Also had to reset the bios to default values as something there got changed by the trojan and the laptop would randomly shut down by itself.

Laptop then ran for 12 hours without shutting down and then I downloaded all the updates to XP. Problem solved.

Thanks to all for your help and suggestions!
Boinc....Boinc....Boinc....Boinc....
ID: 959390 · Report as offensive
Juhis

Send message
Joined: 25 Feb 02
Posts: 3
Credit: 808,134
RAC: 0
Finland
Message 959491 - Posted: 30 Dec 2009, 6:33:00 UTC

For the next time a couple of suggestions:

http://www.f-secure.com/en_US/security/security-lab/tools-and-services/online-scanner/

and even better: http://www.f-secure.com/en_US/support/business/free-tools-and-services/rescue-cd/

br
Juhis[/url]
ID: 959491 · Report as offensive
Profile ML1
Volunteer moderator
Volunteer tester

Send message
Joined: 25 Nov 01
Posts: 20437
Credit: 7,508,002
RAC: 20
United Kingdom
Message 960975 - Posted: 5 Jan 2010, 20:05:36 UTC

More of a question is what you can trust?

If your system has been compromised, how do you know that you can 'clean' everything up? And how do you know that you won't be exploited again?...

My advice if you wish to stay on Windows is to backup your personal data onto external media, reformat your HDD and then reinstall a clean version of Windows, run whatever antivirus/antimalware you have on a copy of your backups, and run from there.

You can give yourself a better chance of surviving various web exploits by using one of the other web browsers rather than IE. There's various technical reasons (ineffective sandbox, ActiveX, ...) why IE is more vulnerable than other browsers.


Or try Linux, or perhaps a Mac. So far they suffer no viruses.

Good luck,
Martin

See new freedom: Mageia Linux
Take a look for yourself: Linux Format
The Future is what We all make IT (GPLv3)
ID: 960975 · Report as offensive
Profile Kg
Avatar

Send message
Joined: 19 Aug 99
Posts: 4
Credit: 3,845,150
RAC: 0
United States
Message 961298 - Posted: 6 Jan 2010, 21:03:00 UTC - in response to Message 960975.  



Or try Linux, or perhaps a Mac. So far they suffer no viruses.



Well, very few virus' are out in the wild (as you say, "so far") for Linux, and ostensibly for Mac. Most of what is out in the wild has been patched against, and most of the still effective ones are more geared towards servers than desktop installations.

In addition, with most of the recent popular distros you have to be "intentionally stupid" in order for one of these virus' to be installed; i.e., running as superuser as a matter of course, or running applications that access the Internet with superuser permissions.

Of course, a properly set up, administered, and run Windows installation has just as sufficient security as any other OS. The problem is that, up until Vista, Windows fairly well defaulted to an unsecured installation. You had to set it up for security or be very careful what you clicked on or downloaded. Though I never had any particular problems with it, I've read that XP was the worst offender in this area.

Even with Vista, it is much too easy to override security, but at least the security measures are default instead of the other way around. It is always to one's advantage to leave these security procedures in place. When you run certain programs or install, just answer that you trust the action that is about to take place. What is so onerous about that? And it may save your bacon.

I generally run Linux, but I maintain Windows in a dual- (or multi-) boot installation for various software that I just can't find a replacement for (or run) under Linux. I currently have Ubuntu, Fedora, OpenSUSE, and Sabayon installed on this laptop, in addition to Vista installed on this computer. Ubuntu for day-to-day, and the others for evaluation.
73 from Glenn - KG5UC
ID: 961298 · Report as offensive
Profile ML1
Volunteer moderator
Volunteer tester

Send message
Joined: 25 Nov 01
Posts: 20437
Credit: 7,508,002
RAC: 20
United Kingdom
Message 961526 - Posted: 7 Jan 2010, 13:47:29 UTC - in response to Message 961298.  
Last modified: 7 Jan 2010, 13:54:24 UTC

Or try Linux, or perhaps a Mac. So far they suffer no viruses.

... I've read that XP was the worst offender in this area.

That's when I swapped to a Linux desktop. My development system was then upgraded from Windows 3.11WfW -> Linux. Beautiful improvements in many ways and a beautiful breath of fresh air for development work. (I'd already converted a load of stuff to run on WinXP... :-( ... The convert and run proved to be much quicker on Linux.)

... I generally run Linux, but I maintain Windows in a dual- (or multi-) boot installation for various software that I just can't find a replacement for (or run) under Linux. I currently have Ubuntu, Fedora, OpenSUSE, and Sabayon installed on this laptop, in addition to Vista installed on this computer. Ubuntu for day-to-day, and the others for evaluation.

I ran a couple of 'essential' Windows apps on WINE on Linux for about 6 months until I converted to alternatives for them. For all the rest of what Windows might offer, the swap over to Linux was far too easy.

At the time, I tried about three distros of the day before settling on Mandrake (Mandriva). Curiously, I use two distros for everyday use and usually keep up to date on two others, so you might say I've moved up to using 4.

Getting away from all the "registration" and "anti-virus" malarky saves a lot of time.


Perhaps the hardest part is to not run out of patience when fixing others' same old problems for whatever 'might have happened' to the Microsoft Windows on their machines...

Happy crunchin',
Martin
See new freedom: Mageia Linux
Take a look for yourself: Linux Format
The Future is what We all make IT (GPLv3)
ID: 961526 · Report as offensive
__W__
Avatar

Send message
Joined: 28 Mar 09
Posts: 116
Credit: 5,943,642
RAC: 0
Germany
Message 961532 - Posted: 7 Jan 2010, 14:24:44 UTC - in response to Message 959335.  

I ran into a similar virus or blackmail just yesterday which resulted in:
1) "Your computer is infected" desktop background.
2) Internet Security 2010 was the name of the application that offered to remove the scam.
...
Task manager and Internet Explorer do not work still.

Ugh!

Last month I cleaned up a system with the same malware. It's not enough to clean up with a windowsbased system because this malware use some files witch are not visible when booting an MS-system (even a clear one from a live-cd)!
I used a LINUX live-cd for the virusscan and magicly there are some more infected files to kill which i could not see under MS-boot.
Maybe this helps.

__W__
_______________________________________________________________________________
ID: 961532 · Report as offensive
Previous · 1 · 2

Message boards : Number crunching : Need help for virus


 
©2024 University of California
 
SETI@home and Astropulse are funded by grants from the National Science Foundation, NASA, and donations from SETI@home volunteers. AstroPulse is funded in part by the NSF through grant AST-0307956.