Stephen <mcavoysAT@aolDOTcom> wrote:
> On Mon, 28 Apr 2008 11:24:41 EDT, "Chambers" <bdc### [at] yahoocom>
> wrote:
>
> >If anybody here could help me with some advice, I'd appreciate it.
>
> What flavour of Windows are you going to reinstall? :)
> Have you tried to restore?
> --
>
> Regards
> Stephen
:(
I'm dual booting to Linux anyway, maybe it's time to go cold turkey...
....Chambers
www.pacificwebguy.com
On Mon, 28 Apr 2008 12:38:36 EDT, "Chambers" <bdc### [at] yahoocom>
wrote:
>
>I'm dual booting to Linux anyway, maybe it's time to go cold turkey...
Maybe, indeed. But I would fix my Windows first. Just in case :)
--
Regards
Stephen
Chambers <bdc### [at] yahoocom> wrote:
> I have both AVG Free AV and Antispyware
Did you run the antivirus and the spyware scanners from safe mode?
Have you tried with Ad-Aware and Spybot S&D? It probably wouldn't hurt
to try.
--
- Warp
From: Gilles Tran
Subject: Re: Help with possible malware infestation
Date: 28 Apr 2008 15:41:27
Message: <48162867@news.povray.org>
web.4815ec39b493a40f261d9700@news.povray.org...
> Has anybody here had a similar experience, and is able to comment?
Look for a rootkit
http://www.f-secure.com/blacklight/
http://technet.microsoft.com/en-us/sysinternals/bb897445.aspx
My dad's laptop caught one once, it took me a couple of hours to understand
what was going on, but Blacklight took care of it immediately.
G.
--
**********************
http://www.oyonale.com
**********************
- Graphic experiments
- POV-Ray, Cinema 4D and Poser computer art
- Posters
From: Sabrina Kilian
Subject: Re: Help with possible malware infestation
Date: 28 Apr 2008 20:14:45
Message: <48166875@news.povray.org>
On Mon, 28 Apr 2008 11:24:41 -0400, Chambers wrote:
> If anybody here could help me with some advice, I'd appreciate it.
>
> Lately, I've been getting crashes when Windows starts*, and something
> has been interfering with my web browsing.
>
> Searching with Google or Yahoo never finishes** (it just loads the page
> for several minutes, and then quits). Other functions of Google and
> Yahoo (ie, Google Webmaster Tools, or My Yahoo) work fine.
>
> Downloading files in Firefox gets interrupted (it asks me where to save
> the file, but never actually saves - or even begins downloading - it).
> Downloading in IE sometimes works, and sometimes doesn't.
>
> I get random popup ads and new tabs opened in both IE7 and Firefox 2,
> most of them advertising antimalware software (which I've never heard
> of, and don't trust).
>
> I *do* have Safari installed (just to try it out), but I haven't tested
> for these symptoms in it yet.
>
> I have both AVG Free AV and Antispyware, and ZoneAlarm firewall
> installed. I managed to install Avast last night, and performed a
> boot-time scan, which didn't yield any results.
>
> Before I left for work, I left the machine running complete scans from
> AVG (antivirus *and* antispyware), and from Avast. I'll check the
> results when I get home.
>
> Has anybody here had a similar experience, and is able to comment?
>
> BTW, the only software I've installed recently (other than Linux... heh)
> is MS Silverlight, which I've since uninstalled.
>
> ** These work fine in Linux, so I know it's something with the machine
> and not the network.
>
> * By googling under Linux, I was able to determine that the crashing
> process belonged to Nero Scout, something I didn't even have installed
> (I only installed Burning ROM, with none of the extras). Just to be
> safe, I uninstalled Nero, but that hasn't changed anything.
>
> ....Chambers
> www.pacificwebguy.com
I got a similar problem caused by the latest version of Vundo, Vundo.D.
Nasty little trojan horse, I realized it was there when normally sane
sites opened several pop-ups. AVG missed it, Trend Micro's Housecall
found 2 dlls it was using but it recreated those when I rebooted. I know
how it got in, I was stupid and trusted a file I shouldn't. It wasn't
communicating out on its own, so the firewall never saw it.
Not saying that's what got to your PC, but the symptoms sound very
similar.
Sabrina Kilian <ykg### [at] SUCKSvtedu> wrote:
> I got a similar problem caused by the latest version of Vundo, Vundo.D.
> Nasty little trojan horse, I realized it was there when normally sane
> sites opened several pop-ups. AVG missed it, Trend Micro's Housecall
> found 2 dlls it was using but it recreated those when I rebooted. I know
> how it got in, I was stupid and trusted a file I shouldn't. It wasn't
> communicating out on its own, so the firewall never saw it.
>
> Not saying that's what got to your PC, but the symptoms sound very
> similar.
How did you remove it?
....Chambers
www.pacificwebguy.com
"Chambers" <bdc### [at] yahoocom> wrote:
> How did you remove it?
>
> ....Chambers
> www.pacificwebguy.com
Never mind, I think I've fixed the problem. After trying several products, AVG
8 seems to have finally killed the infestation.
Definitely not a good advertisement for AVG 7, though, letting the virus on to
begin with.
Now I'm *definitely* thinking of switching OSs permanently.
....Chambers
www.pacificwebguy.com
On Mon, 28 Apr 2008 22:46:37 -0400, Chambers wrote:
> "Chambers" <bdc### [at] yahoocom> wrote:
>> How did you remove it?
>>
>> ....Chambers
>> www.pacificwebguy.com
>
> Never mind, I think I've fixed the problem. After trying several
> products, AVG 8 seems to have finally killed the infestation.
>
> Definitely not a good advertisement for AVG 7, though, letting the virus
> on to begin with.
>
> Now I'm *definitely* thinking of switching OSs permanently.
>
> ....Chambers
> www.pacificwebguy.com
I didn't remove it, I can't find the third (or fourth or eighth) dll that
keeps recreating the first two. I'm backing everything up, since I dual
boot Linux it isn't that difficult, and then wiping that partition out.
I made the mistake of rebooting to safe mode when I found the first two,
removing them, then rebooting. Now it's registered as my proxy and
prevents me from updating AVG or getting to Housecall.
Eh, I needed to clean this Windows install anyways.
Chambers wrote:
> If anybody here could help me with some advice, I'd appreciate it.
>
> Lately, I've been getting crashes when Windows starts*, and something has been
> interfering with my web browsing.
>
> Searching with Google or Yahoo never finishes** (it just loads the page for
> several minutes, and then quits). Other functions of Google and Yahoo (ie,
> Google Webmaster Tools, or My Yahoo) work fine.
>
> Downloading files in Firefox gets interrupted (it asks me where to save the
> file, but never actually saves - or even begins downloading - it). Downloading
> in IE sometimes works, and sometimes doesn't.
>
> I get random popup ads and new tabs opened in both IE7 and Firefox 2, most of
> them advertising antimalware software (which I've never heard of, and don't
> trust).
>
> I *do* have Safari installed (just to try it out), but I haven't tested for
> these symptoms in it yet.
Then try it, and see what comes up.
The symptom of unwanted windows and new tabs is a classic malware sign.
I had an infection which would take me to certain sites at five minute
intervals. If IE was not open at the time, the malware would start it.
A complete reinstall of WinXP got rid of the beastie. A complete
install of Ubuntu probably would have gotten rid of it as well.
Regards,
John
John VanSickle <evi### [at] hotmailcom> wrote:
> Chambers wrote:
> > I *do* have Safari installed (just to try it out), but I haven't tested for
> > these symptoms in it yet.
>
> Then try it, and see what comes up.
Safari worked fine. So the malware writers were specifically targeting both IE
and Firefox.
However, it appears that I still wasn't able to clean it completely. I was
still getting random virus detections.
....Chambers
www.pacificwebguy.com