
Giving Up

  1. I'd like to put my 2 cents in on this. What you said is absolutely right. However, there's a new breed of trojan/virus/malware that makes the ability to launch MBAM from a Linux OS in order to scan a Windows partition so important. I am currently experiencing and trying to recover from the worst malware attack I have ever experienced. I don't know exactly how it got in, but I do know that the strain that I have actively compromises all popular virus and spyware scanners that I have thrown at it. Let me give a rundown of what has happened to my system in the past week:

     [START OF RANT]

     All symptoms that I describe below started IMMEDIATELY following a Windows update. (Of course, seeing what this thing can do, that was probably a spoofed Windows update.)

     - At first, getting multiple, persistent, fake trojan alerts and nags to buy fake spyware removal programs (Antivirus Pro 2010). Created a spoofed Windows security center to back up its claims.
     - Random FAKE bluescreen of death. You can tell it's fake because you can exit out of it with Alt-TAB. Uses a terminal emulator to look genuine. Bluescreen message has misspellings. Also implores you to "check your antivirus".
     - Disables and corrupts ALL malware/spybot/virus scanners. Got into my system with nary a peep from McAfee antivirus/firewall. In the case of spydoctor it appears to work WITH it to give the system a clean bill of health when there are still obvious signs of infection. The one program that seems suited to remove this malware (according to all forums in months past) is Malware Bytes. Malware Bytes can't open, can't reinstall, and can't uninstall. Manual removal of all files shows that the trojan is occupying one of its DLLs from the moment Windows starts up and won't let it go.
     - An active session of AVAST antivirus (which also seemed to detect at least part of it according to forum posts in the past) became immediately unavailable when the trojan acted up.
     - All of this is STILL active in all forms of Windows safe mode.
     - Redirects Explorer, Opera and Firefox (all that I've tried) away from antimalware sites and to random advertising sites. All direct clicks in Google results get redirected. URLs can still be typed in manually.
     - After manually deleting all DLLs, sys, vbs, and other files known to associate with the Antivirus Pro 2010 trojan (and anything else that looked suspicious), I installed a freeware firewall (Commando I think). Although getting many error messages of multiple files trying to call to the DLLs that I deleted, the spoofed virus warnings were gone. I figured it was time to rest.
     - About 45 minutes after I supposedly blocked the malware (with the intent of figuring out how to get rid of its remains)... MY COMPUTER STARTED PLAYING AUDIO COMMERCIALS!!! The commercials have been for dish detergent, video games and movies... and have been interspersed with periods of about 30 seconds of what sounds like random conversation at a party...

     [END OF RANT]

     I have come to the conclusion that my only resort at this time is to blank the drive and reinstall Windows. At the moment I am using an old spare 30 GB drive on which I have installed PCLinuxOS 2009.2. Now I definitely like Linux, I like the idea behind it... I like its security and its relatively untouched status as far as malware goes (probably subject to change as soon as Linux has a larger user base). But Windows is what everybody releases stuff for. Windows is what all my electronic gizmos support. I don't want to nuke Windows... to quote The Tick: "You can't destroy the EARTH... that's where I keep all my STUFF!!!"

     I need a Malwarebytes to be released for Linux, so there is a safe place for the program to stand while it's trying to save Windows.