
IT people... I really need help. Virtumonde


Vicious89x

My wife picked up some spyware and I was able to whack it with a system restore to about 3 days earlier.

-still gotta find the executable on your HD and whack it.

-You'll lose any changes to local files... but you might not have many if your stuff gets saved on a server (mail, shared docs etc).

Link to comment
Share on other sites

What do you mean by finding it on the HD and "whacking it"? It seems to be one .dll that continually, no matter how many times it's identified, quarantined and "deleted", still finds a way to immediately replicate itself. Do you mean finding the actual file? Luckily I don't need any local files, just need to get this off my computer.

Link to comment
Share on other sites

i keep giving this advice that no one wants to hear

the only way to truly get rid of this crap is to reformat/reinstall

the Malwarebytes software is like valtrex it will suppress symptoms but doesn't cure the disease

even if you "cure" the machine there is a big hole in the OS where the infected files used to live...

the more time you spend fixing it with stop gap measures is time you could have used rebuilding.

sorry that's always my advice... re-do. don't try to fix windows. start over.

Link to comment
Share on other sites

I would agree, but reformatting isn't an option (in this case) because it's a work machine....could be wrong though. From reading this virus seems really tricky and sneaky. Good luck.

Link to comment
Share on other sites

It's a pain. I don't really want to go to IT. I swear on my kid I don't look at crap like porn at work, just sports blogs and JN. Absolutely zero clue as to how to get it off though.

Link to comment
Share on other sites

Vicious, run the Malwarebytes program in safemode.

I had a nasty malware attack my work computer earlier this month. Actually, it's a rogue anti-spyware program called "Paladin Antivirus".

It installs on your computer without permission and acts like an antivirus program. It shows alerts and everything and asks you to delete these "viruses". The viruses aren't really viruses, though. They're important programs on your computer. So the program is trying to get you to ruin your computer without knowing it.

Getting rid of it is a pain. I was able to get rid of all the related programs (18+ in all installed). I downloaded Malwarebytes and the Paladin would force my computer to shut down before the antimalware program could complete the scan. I had to go into Safe Mode to complete the scan and remove these malicious programs.

Link to comment
Share on other sites

That's another good point, didn't need to do that for Vundo, but that's another idea

Link to comment
Share on other sites

smc- thanks brother. Here's my issue, I can't log into safe mode without having my network running. Would safe mode w/network do the trick or am I better off just unplugging from my network and running mwb? Once I ran mwb it chilled out with the pop ups
Link to comment
Share on other sites

If still a problem I'd unplug from the network and run malwarebytes in safe mode.

The network isn't the issue. If it was, then that's your job's IT person's problem, not yours because the problem may be in the server.

For your PC, restart and press F8 repeatedly as the computer reboots. Then in safe mode run the program.

For me the program actually froze up after a while, but I was able to abort the scan and then delete the programs that they found.

In my problem the program found 21 malicious programs in my computer when doing the scan in regular mode but then the system would crash. So when I did the scan in safemode I waited till it found 18 programs then aborted. I then had malwarebytes delete the bad programs and rebooted. I did another scan and all the bad programs were gone.

Sorry for the wordiness. But remember: unplug from the network, then go to safe mode to do the scan.

Link to comment
Share on other sites


Archived

This topic is now archived and is closed to further replies.
