|
At our shop the WinAntivirus2008 etc and it's variants are old hat by now, not even an issue. One that DID give us a heart attack the other day was this: csrsc.exe Registers itself as a service "WinSpoolerService" and lists it's publisher as Microsoft. We had to quickly kill the process, then delete the file on disk and a registry key, and if you weren't fast enough then it would run again and you couldn't delete the file. the scary part was when I took my flash drive with the tools out of that computer and plugged it into another computer, and all of a sudden that person's windows defender wanted to know if it was ok to attach csrsc.exe to like every drat startup process. Apparently this virus actually a. copies itself to removable media b. creates an autorun that c. fucks your poo poo up in about 3 seconds when you connect it to your computer.
|
# ¿ Dec 18, 2008 18:16 |
|
|
# ¿ May 17, 2024 19:51 |
|
Hillridge posted:It's like people forget every bit of common sense when on the internet. If a guy came up to these people on the street (or rang their doorbell) and told them that their house had problems, and they needed his product to fix it, 99% of these people would tell him to gently caress off. But SIR! There are *17* spy cameras installed in your house! Including 3 in your bathroom! Also if you don't defragment your waterheater, it will EXPLODE. Pay ME eleventy dollars and I will fix ALL those problems and keep ANYTHING bad from happening again.
|
# ¿ Dec 19, 2008 16:06 |
|
tadashi posted:Antivirus 2009 isn't that nasty of a virus, it's just that it's everywhere. I've had people at work call me because they visit what looks to be a reliable link off of different search engines and it turns out the page is infected with AV2009. It's not that hard to get rid of if you catch it in time and can remove the System32 files and the registry entries. You just have to catch it before it installs to much other junk. Yeah, I all I've ever seen it do is demand money to register it. I don't think it actually mines data or makes spam or anything.
|
# ¿ Dec 22, 2008 23:58 |
|
Toshi posted:I'm having major trouble with Trojan.bho , I've run malwarebytes and superantispyware, vundofix, combofix and they all catch it and say it's been removed. After a restart and rescan it's back. Short of wiping this install anyone else have an idea? Seems to be coming from my registry. I would post about it in the tech support forum. You probably need to delete some DLL files or registry entries using recovery console or a live CD.
|
# ¿ Dec 23, 2008 18:50 |
|
Hillridge posted:Crap, still seeing goougly links in google. All you have to do is find what's starting up and running via hijackthis or the silent runners vbscript, then pull the power, boot the computer to the recovery console, and delete or replace the affected files. If you need to remove registry entries, use BartPE or similar, they have offline registry editors.
|
# ¿ Dec 26, 2008 02:17 |
|
Hillridge posted:I'd still like to find the guy who wrote this browser hijack and punch him in the sack though. Wouldn't we all...
|
# ¿ Dec 27, 2008 21:52 |
|
Cojawfee posted:Well, they will bitch at each other. It is best to have one antivirus, and a few antispywares. Actually, it's best not to download stupid poo poo. I could run NO antivirus software at all, because I don't download crap from limewarez or whatever.
|
# ¿ Jan 3, 2009 04:49 |
|
I didn't say that I DON'T run antivirus software, or that you should recommend people to do so. I'm just saying that with the help of common sense you can avoid most problems.
|
# ¿ Jan 3, 2009 06:04 |
|
|
# ¿ May 17, 2024 19:51 |
|
Cojawfee posted:*Backpedal* *backpedal* Fine. I'll uninstall AVG and run for 1 year without it or any other antivirus software.
|
# ¿ Jan 3, 2009 07:27 |