Page 1 of 2 12 LastLast
Results 1 to 10 of 14

Thread: malware/virus

  1. #1
    Senior Member
    Join Date
    Jun 2003
    Posts
    349

    malware/virus

    Hi All,
    Just got a call from friend and went to look his pc.
    Message was to activate Malware protection , pc on the start goes into scanning with this malvare program and shows infections of w32.wormblast and on the end says you have to activate Malvare protection and submit email address and password.
    I could not start anything:windows task manager, command prompt etc. all was disabled including his antivirus program.
    I went home and downloaded the tool to remove it from Symantec.
    I disconnected modem.
    Started pc in safe mode and managed to start the removal file from cd.
    Pc turned off after probably 8 minutes.Could not log any more in the safe mode.If i log normally windows would start but off course you couldn't use it.
    Any suggestions.Sorry if you need more info i might look into it with more details tomorrow.Let me know what info you need.
    I tried to run the file from cd in safe mode but that switched of the pc too.
    Thanks.

  2. #2
    Senior Member
    Join Date
    Jul 2002
    Posts
    744
    I would use a LiveCD to get important files off the disks, scan the saved files on a separate machine to make sure they aren't infected. Wipe the disks and clean install.

    The "fix it" game get's old quick, imo. Too much hassle.
    Every now and then, one of you won't annoy me.

  3. #3
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    A live CD (Non-Windows) should let you deal with it. I personally just slave the drive.....no boot, no game?

    Otherwise you might try going into BIOS and Windows and turning off all screensavers and power saving. Then try safe mode, or get into control panel real quick.

    You didn't say what version of Windows......................?????, or if you have CD/DVD, USB, floppy.

    A HijackThis log is frequently useful with these problems, as you don't say what the particular form of scareware is.

    A method I have used is to just give it a fake plausible e-mail and password......... chances are they are so greedy they won't pass the opportunity because you are not on the internet?...........that might buy you the time.

    Good luck!

  4. #4
    Senior Member
    Join Date
    Jun 2003
    Posts
    349
    Hi Guys,
    Thanks for a prompt replies.
    Sorry Nihill was just posting details too quickly and forgot to add version of windows etc.
    Done the clean install.
    Funny things is that Pc was switching off as it was overheating.Picked up straightaway but didnt pay enough attention.Cleaned the fans and pc went from 86c to 43.
    All good now.
    Thanks

  5. #5
    Only african to own a PC! Cider's Avatar
    Join Date
    Jun 2003
    Location
    Israel
    Posts
    1,683
    Hi,

    Download our SAFE CD: http://www.pandasecurity.com/resourc...andaSafeCD.iso , burn to disk. Boot up the machine, let it get an IP via DHCP or give it a static one. Choose official signature file (it will begin downloading it) and then scan for you.

    This is all out of a windows environment and works best for things like Sality which is a file infector and can only be cleaned outside of a windows OS.

    PM me if you need more help or you can adopt the lazy strat :P:P:P and jsut backup and format ... but where is this fun in this?
    The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
    Albert Einstein

  6. #6
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Hi unvi$ible,

    Seems I was wrong again

    You might look at this:

    http://www.almico.com/speedfan.php

    You have to launch it each session, but it tries to read your MoBo and HDD sensors. I don't let it try to manage fan speeds...... I am an old fart

    Just mouseover the icon in your system tray and you will see the critical temps.

    86C !!!!! .............................

    Hell man! why didn't you tell me..............you could have fried my breakfast for me

  7. #7
    Administrator Steve R Jones's Avatar
    Join Date
    Apr 2011
    Location
    USA
    Posts
    390
    Give this new puppy a try:

    Microsoft Standalone System Sweeper Beta
    A recovery tool that can help you start an infected PC and perform an offline scan to help identify and remove rootkits and other advanced malware.
    http://connect.microsoft.com/systemsweeper

  8. #8
    Junior Member
    Join Date
    Jul 2011
    Posts
    2
    AVG has a boot disk too - you're going to need a boot disc that detects that ish

    http://www.avg.com/us-en/avg-rescue-cd

  9. #9
    Only african to own a PC! Cider's Avatar
    Join Date
    Jun 2003
    Location
    Israel
    Posts
    1,683
    That Microsoft Standalone System Sweeper Beta looks cool. WIll give it a crack with a USB.
    The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
    Albert Einstein

  10. #10
    Administrator Steve R Jones's Avatar
    Join Date
    Apr 2011
    Location
    USA
    Posts
    390
    The MS scanner seems to be pretty good but takes HOURS to scan. For example - it scans each mail inside Outlook Express's dbx files...

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •