Technibble Forums > Technical Discussions > Security, Viruses and Trojans

  #11  
Old 01-01-2012, 11:36 PM
bluefalcon

Quote:
Originally Posted by MisterMalware
What I'd like to know is the exact configuration(s) these PCs had before they got infected.
Both of the ones I fixed didn't have service pack 1 installed. Basically the customer turned off the automatic updates (They told me they did because it was slowing down their internet connection).
  #12  
Old 01-02-2012, 12:07 AM
MisterMalware

Thanks for the reply, bluefalcon.
  #13  
Old 01-02-2012, 03:39 AM
callthatgirl

Yep, saw more calls in December for sure. In November we had 20 virus calls and Dec was 31. Last week we had 11 alone.
  #14  
Old 01-03-2012, 10:40 PM
bytebuster

Quote:
Originally Posted by Bobscomputerservice
Well, I guess it's not just me... it sucks for EUs but really helped a slow week. I crushed my goal for December because of these. So far they totally disable anything in the machine to fix it. Makes it great for us techs. These are real nasty ones. Every customer had up-to-date antivirus software. Well, I guess if you make $100.00 million and the US government only makes you pay 8 million in damages I would set up shop again too. We are all in the wrong business I guess, lol!
I personally am not advertising right now because the yellow pages isn't due until March and I really don't want to swim in cheese with the pizza techs on CL. If anybody has a better idea, let me know. Anyway, it seems that the only way to defeat these is by booting into a VM and doing manual removal, right? I know that before I went on hiatus I was seeing fake AVs that would stop any scan of any antivirus software, even from a VM, and "eat" whatever real AV was on the target PC. I suppose we'll eventually have fake AVs that eat the hard drive. I know that the Russians tried a virus that literally encrypted everything, and they didn't give out a key to unencrypt it if you paid, they just ran up your card. Judging from the rage on forums like these they realized they crossed the line; if you totally destroy data and leave no method of retrieval, you will get a bunch of enraged Yankees.
  #15  
Old 02-03-2012, 12:51 AM
tekgeek

Quote:
Originally Posted by bytebuster
I personally am not advertising right now because the yellow pages isn't due until March and I really don't want to swim in cheese with the pizza techs on CL. If anybody has a better idea, let me know. Anyway, it seems that the only way to defeat these is by booting into a VM and doing manual removal, right? I know that before I went on hiatus I was seeing fake AVs that would stop any scan of any antivirus software, even from a VM, and "eat" whatever real AV was on the target PC. I suppose we'll eventually have fake AVs that eat the hard drive. I know that the Russians tried a virus that literally encrypted everything, and they didn't give out a key to unencrypt it if you paid, they just ran up your card. Judging from the rage on forums like these they realized they crossed the line; if you totally destroy data and leave no method of retrieval, you will get a bunch of enraged Yankees.
On systems in which I cannot get around the rogue virus, I usually pop in a SARDU CD and run Bitdefender, which cleans out the major culprit, and then I run all the usual stuff in Windows to do a thorough cleaning and to check everything out.
  #16  
Old 02-03-2012, 02:47 AM
Gary Orner

I did 21 of these in the month of Jan. but have not seen one in the last 4 days. It was really weird; just out of the blue it was like everyone had it.
  #17  
Old 02-03-2012, 04:23 AM
'putertutor

I had one come in a couple of days ago (see this thread: http://www.technibble.com/forums/sho...d=1#post268889) and then 3 more calls just today! I haven't checked my voicemail yet, but I am hoping there are more on there as well. Sounds kind of creepy to be happy about problems like this, but I guess even a doctor needs sick people to pay his bills.

@mistermalware
My most recent was on a laptop, Vista SP2, running up-to-date MSE. Like I mentioned in the thread linked above, the malware laughed at rskill, tdsskill, and mbam, forcing me to manually delete - which I am not as strong at as I wish I was.

All times are GMT.