Privicy centre

[jimllfixit]

Just come back from work with a bit of malware not seen by us before. Its called privicy centre. In noraml mode and safe mode this pops up and by the looks of it kills all the process's bar a few. The best way that we found to remove it was run a virtual windows then a combofix the HDD, then Ccleaner. Then we were able to get to windows in safe mode and finish up.

Just though I'd let it known to people.

 

[LunchBox]

The best way that we found to remove it was run a virtual windows then a combofix the HDD, then Ccleaner. Then we were able to get to windows in safe mode and finish up.

Just though I'd let it known to people.

Do you mean. You have a virtual machine. The host is infected. You run the cleaner to scan the host PC? You mean you shared the drive to the virtual PC?

 

[purple_minion]

I'm guessing he slaved the drive on another system, much like you could do by booting UBCD I bet. Otherwise I have NO idea what he said.

 

[LunchBox]

I'm guessing he slaved the drive on another system, much like you could do by booting UBCD I bet. Otherwise I have NO idea what he said.

Yeah, after I typed my entry I thought about slaving but it didn't really make sense the way he typed it.

I had a nastry viruses 2 weeks ago. I would not install any exe, and any AV already installed would not even run. The admin right the account had became useless. Because I was working remotely I just had my nephew do a reinstall. I really wanted to work on this one. It was by far the nasties I have come across.

 

[jimllfixit]

No sorry, I meant that using Hierns boot CD we can use virtual windows on the infected pc and then run fixing tools from there.