
Interesting new piece of malware FAKES BSOD


nibblesandbits
11-17-2009, 03:31 PM
Just got a new one thrown at me. It causes a full screen BSOD, but I thought it was fishy because the font was larger than normal and on top of that AN AD SAYING I'VE WON SOMETHING started playing *if that doesn't get any techs' alarms going off they shouldn't be working* but anyway. That started after I'd already hit the power button, so it shut down. I'm getting ready to start it back up and see what's going on.

Just thought I'd share this with you all in case you see it in future repairs. :)

NickCat11
11-17-2009, 03:34 PM
I saw this one earlier in the summer. I haven't heard much about it since then but I guess it's making its way back again.

nibblesandbits
11-17-2009, 03:42 PM
I saw this one earlier in the summer. I haven't heard much about it since then but I guess it's making its way back again.
Ah, didn't realize it was that old. I'm just now starting the laptop back up to see what it's called and everything.

Working on 3 laptops simultaneously. lol Updates on one, fresh install of Windows XP home from Ubuntu, and virus removal. Yay for busy days. :) (no sarcasm there)

NickCat11
11-17-2009, 03:44 PM
Working on 3 laptops simultaneously. lol Updates on one, fresh install of Windows XP home from Ubuntu, and virus removal. Yay for busy days. :) (no sarcasm there)

Awesome! I got a couple drop-offs today as well. Hopefully it continues!

nibblesandbits
11-17-2009, 03:52 PM
Awesome! I got a couple drop-offs today as well. Hopefully it continues!
I'll second that. I love staying busy. It's boring sitting in an office for 8 hours with absolutely no work!

Quick question: did you manually remove this, or did you let a scanner take care of it?

Also, question for everyone:

I'm still trying to figure out how you manually remove these things. I always depend on MBAM, AVAST, SAS, Combo, and MSCONFIG. They've never let me down getting rid of the popups associated with malware / rootkits. I always do a bootscan with Avast. So what exactly is the argument against tools vs. manual removal? :\ Not being a jackass, just really wanting to know.

Skyhooker
11-17-2009, 04:01 PM
fresh install of Windows XP home from Ubuntu

Just curious - do you mean that someone now has Ubuntu, and is going back to XP? Any idea how they got Ubuntu in the first place? I would think that someone using Linux would be able to reinstall XP themselves. Again, just wondering.

NickCat11
11-17-2009, 04:07 PM
I believe Combofix wiped that out for me but it's been awhile so I'm not 100% sure. In regards to tools vs. manual removal. You have to go with what you feel most comfortable with. There are some cases where manual removal is your only option. For me personally, I do both and I have nothing against going one way or another. Scanning tools were created to make things easier for us. If they are effective, I'm going to use them.

nibblesandbits
11-17-2009, 04:20 PM
Just curious - do you mean that someone now has Ubuntu, and is going back to XP? Any idea how they got Ubuntu in the first place? I would think that someone using Linux would be able to reinstall XP themselves. Again, just wondering.
Ah, yeah. It's my aunt's computer. She's deaf and I had her using Ubuntu as she wasn't even familiar with Windows yet so it didn't matter which she used. It was a learning experience either way. She managed to screw it up so I decided I'll just put her on windows and image it after I'm done getting everything back up and working.

Thanks Nick, I wasn't really sure why I always see rants about people who use tools and don't manually remove. I've also heard it takes less time to manually remove if you know what you are doing, that's why I'd like to "know what I'm doing" to manually remove things - to save time.

iisjman07
11-17-2009, 04:24 PM
Not sure if it's the same thing but I have had malware that fakes a BSOD using a custom screensaver. It runs the BSOD and an unconvincing Windows loading bar, before bringing you back to your desktop.

nibblesandbits
11-17-2009, 04:26 PM
Ah, yeah. It's my aunt's computer. She's deaf and I had her using Ubuntu as she wasn't even familiar with Windows yet so it didn't matter which she used. It was a learning experience either way. She managed to screw it up so I decided I'll just put her on windows and image it after I'm done getting everything back up and working.

Thanks Nick, I wasn't really sure why I always see rants about people who use tools and don't manually remove. I've also heard it takes less time to manually remove if you know what you are doing, that's why I'd like to "know what I'm doing" to manually remove things - to save time.
Ha! The piece of junk wouldn't let me run Process Explorer to terminate it. It's kinda nice that the easiest workaround on almost all the newest malware is to name your tools explorer.exe, as the malware and rootkits don't close explorer.exe. :) Pretty sneaky trick for us techs to beat them with.

nibblesandbits
11-17-2009, 04:28 PM
Not sure if it's the same thing but I have had malware that fakes a BSOD using a custom screensaver. It runs the BSOD and an unconvincing Windows loading bar, before bringing you back to your desktop.
Nah, pretty sure this wasn't a screensaver as it stayed up and I could hit the windows key as it was shutting down and the start menu came up WHILE the "screen saver" was activated. I think it's just using the same coding language that "full screen mode" uses on DVD software or Windows media player, etc. to cover everything including the task bar.

(yes, i know the programmers here will laugh at that remedial explanation of how the screen looks) lol I'm not a programmer. :P

Knight_of_BAAWA
11-17-2009, 05:43 PM
It might just be a re-coding of the Sysinternals BSOD screensaver. Saw it on a machine in the summer of 08; system would give me a "BSOD" every time the av scanners got close to the malware. But I just hit enter or space and the system went on fine.

iisjman07
11-17-2009, 06:05 PM
in the summer of 08

Just thought I was gonna hear a Bryan Adams song.... oh well...

frostbyte5014
11-17-2009, 10:50 PM
I remember years ago someone made a fake bsod screensaver. We had a lot of fun with the other techs with that thing.

edgepcs
11-17-2009, 11:02 PM
I remember years ago someone made a fake bsod screensaver. We had a lot of fun with the other techs with that thing.

I think it was Microsoft themselves who made this one. You should be able to find it on their website! ;)

atlanticjim
11-18-2009, 11:05 AM
In regards to tools vs. manual removal. You have to go with what you feel most comfortable with. There are some cases where manual removal is your only option. For me personally, I do both and I have nothing against going one way or another. Scanning tools were created to make things easier for us. If they are effective, I'm going to use them.

Working on 3 laptops simultaneously. lol Updates on one, fresh install of Windows XP home from Ubuntu, and virus removal. Yay for busy days. :) (no sarcasm there)

Nibs: I have been having a PM conversation with a few guys here about Manual vs. Automatic (tool) malware removal. I have come to the conclusion that the tools are effective if properly used but time consuming. If I am working on a few jobs at once in the shop, I am ok with just running the tools while attending to other jobs. If this is the only job, I would rather use my brain and learn something by manually attacking the varmint(s).

{Alternately, like today, I can use the time consuming tools and play COD/MW2 on my xBox.;)}

nibblesandbits
11-18-2009, 02:22 PM
Nibs: I have been having a PM conversation with a few guys here about Manual vs. Automatic (tool) malware removal. I have come to the conclusion that the tools are effective if properly used but time consuming. If I am working on a few jobs at once in the shop, I am ok with just running the tools while attending to other jobs. If this is the only job, I would rather use my brain and learn something by manually attacking the varmint(s).

{Alternately, like today, I can use the time consuming tools and play COD/MW2 on my xBox.;)}
Yeah, I've been curious as to why some people will say you are an idiot if you use tools, but so far a year and a half in business, I've been using tools (although I'm researching "loading points" and printing a list THIS MINUTE) since I started my business and I'm already known as the "authority" to everyone that knows me in the computer repair area.

That's why I didn't understand how tools could be SOOOOOOOOOOOOO evil. :\ haha

Nice! on the COD comment ;) One of the perks of this job. Although sometimes I take too much time to goof off, I noticed lately because I forgot to order a power supply last week. :eek: Oh well, I overnighted it already so it should be in my office tomorrow. *crosses fingers*

JosephLeo
11-18-2009, 04:21 PM
Yeah, I've been curious as to why some people will say you are an idiot if you use tools, but so far a year and a half in business, I've been using tools (although I'm researching "loading points" and printing a list THIS MINUTE) since I started my business and I'm already known as the "authority" to everyone that knows me in the computer repair area.

That's why I didn't understand how tools could be SOOOOOOOOOOOOO evil. :\ haha

Nice! on the COD comment ;) One of the perks of this job. Although sometimes I take too much time to goof off, I noticed lately because I forgot to order a power supply last week. :eek: Oh well, I overnighted it already so it should be in my office tomorrow. *crosses fingers*

Essentially we are still using tools with manual virus removal apart from the standard "Sort by Date Added" method. AutoRun, ProcessExplorer and HijackThis are still software tools we use to remove malware. So what's the harm in letting MBAM, SAS and Dr.Web run?
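The "loading points" nibblesandbits mentions researching and the "Sort by Date Added" method JosephLeo refers to are the same idea: list where Windows starts things automatically and look at what was added most recently. The script below is an added example written for this thread, not code posted by anyone in it and not Sysinternals Autoruns. It walks a hand-picked subset of the autostart locations Autoruns covers (the Run/RunOnce keys, the Winlogon Shell and Userinit values that the explorer.exe trick above depends on, and services whose binaries live outside the Windows directory), stats each binary on disk, checks its Authenticode signature, and sorts newest-first. It assumes an elevated PowerShell 2.0 or later prompt on the suspect machine (it deliberately avoids newer syntax so it works on XP-era PowerShell) and that the command line can be split on whitespace when it is not quoted; an unquoted path containing spaces will be mis-parsed and shows up as a missing file, which is itself worth a look.

```powershell
# Added example for this thread: enumerate common autostart "loading points"
# and list them newest-first so recent additions stand out. The key list is an
# assumption (a small subset of what Sysinternals Autoruns checks), not complete.

$runKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run'
)

# Winlogon values that scareware of this era commonly hijacked. Anything other
# than the defaults (explorer.exe and userinit.exe) deserves a close look.
$winlogon = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'

function Get-ImagePath {
    param([string]$Command)
    # Reduce a command line to the executable path so it can be stat'd on disk.
    # Quoted paths are taken verbatim; otherwise split on whitespace (assumption:
    # unquoted paths contain no spaces). Userinit ends with a comma, so trim it.
    $exe = if ($Command -match '^\s*"([^"]+)"') { $Matches[1] }
           else { ($Command -split '\s+')[0] }
    return [Environment]::ExpandEnvironmentVariables($exe.TrimEnd(','))
}

function New-Entry {
    param([string]$Location, [string]$Name, [string]$Command)
    $path = Get-ImagePath $Command
    $file = Get-Item -LiteralPath $path -ErrorAction SilentlyContinue
    $created = $null
    $signed  = 'missing'          # file not found at the parsed path
    if ($file) {
        $created = $file.CreationTime
        $signed  = (Get-AuthenticodeSignature -FilePath $file.FullName).Status
    }
    return New-Object PSObject -Property @{
        Created  = $created
        Signed   = $signed
        Location = $Location
        Name     = $Name
        Command  = $Command
    }
}

function Get-AutostartEntries {
    $entries = @()

    foreach ($key in $runKeys) {
        if (-not (Test-Path $key)) { continue }
        $props = Get-ItemProperty -Path $key
        foreach ($p in $props.PSObject.Properties) {
            if ($p.Name -like 'PS*') { continue }   # skip PowerShell's own metadata properties
            $entries += New-Entry -Location $key -Name $p.Name -Command ([string]$p.Value)
        }
    }

    foreach ($name in 'Shell', 'Userinit') {
        $val = (Get-ItemProperty -Path $winlogon -Name $name -ErrorAction SilentlyContinue).$name
        if ($val) { $entries += New-Entry -Location $winlogon -Name $name -Command ([string]$val) }
    }

    # Services whose binary lives outside \Windows\ are a common malware loading point.
    foreach ($svc in Get-WmiObject -Class Win32_Service) {
        if ($svc.PathName -and $svc.PathName -notmatch '\\Windows\\') {
            $entries += New-Entry -Location ('Service:' + $svc.Name) -Name $svc.DisplayName -Command $svc.PathName
        }
    }

    return $entries
}

# "Sort by Date Added" applied to loading points: newest binaries first,
# unsigned or missing files stand out in the Signed column.
Get-AutostartEntries |
    Sort-Object -Property Created -Descending |
    Format-Table -Property Created, Signed, Location, Name, Command -AutoSize -Wrap
```

Run it from a clean copy of PowerShell (or, as the thread suggests, from a copy renamed to explorer.exe if the malware is killing tool processes by name). It only reads; once an entry looks wrong, confirm the file's hash against a known-bad list before removing it, since a legitimate vendor updater can also show up as recently created and unsigned.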

Tweak
11-19-2009, 03:11 AM
Essentially we are still using tools with manual virus removal apart from the standard "Sort by Date Added" method. AutoRun, ProcessExplorer and HijackThis are still software tools we use to remove malware. So what's the harm in letting MBAM, SAS and Dr.Web run?

All of them are a tool; it is how much interaction you have with said tools that seems to be the deciding factor of which group they get placed in. :)