Security Tools 2009-2010

Bl8ckr0uter Inactive Imported Users Posts: 5,031
Has anyone else noticed a major pickup in infections of this malware? I have fixed like 6 of these in the last week and two within the last 24 hours.

Comments

  • RobertKaucher A cornfield in Ohio Member Posts: 4,299
    Mmmmm. Does not bode well for my weekend then.
  • Pash Member Posts: 1,600
    Yes and in particular Win 2010 spyware removal tool hoaxes, these have been real pains to remove.
    DevOps Engineer and Security Champion. https://blog.pash.by - I am trying to find my writing style, so please bear with me.
  • Hyper-Me Banned Posts: 2,059
    AV 2010 has been plaguing our customers lately.

    We even had a real nasty booger that hijacked outlook and sent thousands of spam emails through exchange within a matter of 2-3 minutes. So many in fact that they got blacklisted in most of the major spam blocklist feeds.
  • Bl8ckr0uter Inactive Imported Users Posts: 5,031
    Hyper-Me wrote: »
    AV 2010 has been plaguing our customers lately.

    We even had a real nasty booger that hijacked outlook and sent thousands of spam emails through exchange within a matter of 2-3 minutes. So many in fact that they got blacklisted in most of the major spam blocklist feeds.

    That sucks.

    Malware looks more and more realistic with each passing year. I was browsing the interwebz the other day and a pop up came up stating that I had 63 infected objects on my machine and my credit card info was being sent to hijackers. It even had very realistic simulated "windows" screens. The only issue was that I was on my Ubuntu box. Still I can't blame Joe/Jane User for getting infected and in fact I encourage it (since it is currently bringing me some cash).
  • tbgree00 Member Posts: 553
    I have seen a ton of these lately too. Last week I cleared four and I have two scheduled for this week. The most interesting thing is that last week one of my clients actually purchased the bogus protection. It left the registry key that kept his user account from running exe files but it stopped any of the bogus malware's processes from loading on startup.

    What do you use to clean them? I generally go into safe mode and install malwarebytes. It seems to get rid of everything. If that doesn't work I do a backup of their documents, install combofix and run it. I do the backup just in case combofix causes problems. It doesn't often but I have had a machine fail to boot after running it.
    I finally started that blog - www.thomgreene.com
  • pml1 Member Posts: 147
    Fake Anti-Viruses have been plaguing our users. We've been seeing a handful of infections a week for the last few months. Usually a scan with malwarebytes takes care of it though.
    Excellence is never an accident; it is always the result of high intention, sincere effort, intelligent direction, skillful execution and the vision to see obstacles as opportunities.
  • Bl8ckr0uter Inactive Imported Users Posts: 5,031
    tbgree00 wrote: »
    I have seen a ton of these lately too. Last week I cleared four and I have two scheduled for this week. The most interesting thing is that last week one of my clients actually purchased the bogus protection. It left the registry key that kept his user account from running exe files but it stopped any of the bogus malware's processes from loading on startup.

    What do you use to clean them? I generally go into safe mode and install malwarebytes. It seems to get rid of everything. If that doesn't work I do a backup of their documents, install combofix and run it. I do the backup just in case combofix causes problems. It doesn't often but I have had a machine fail to boot after running it.

    Malwarebytes, combofix, win security essentials, spybox FTW.

    If that doesn't work I will just reimage the machine because chances are, even if I do go ahead and manually remove the virus, something will still come back and I don't want to deal with that bull. I tell people straight up, if this doesn't work, I will be calling you for the windows disc (and any apps disc that they have).
  • earweed Member Posts: 5,192
    I used spybot search and destroy on my cousin's pc to get rid of antivirus 2009. She had given up using her pc because av2009 was locking up everything. I'm gonna have to try malwarebytes, is it free?
    No longer work in IT. Play around with stuff sometimes still and fix stuff for friends and relatives.
  • cgrimaldo Member Posts: 439
    earweed wrote: »
    I used spybot search and destroy on my cousin's pc to get rid of antivirus 2009. She had given up using her pc because av2009 was locking up everything. I'm gonna have to try malwarebytes, is it free?


    Yes, it's free. It's a great program that has been successful in getting rid of the most popular malware to date. At least in my case.

    http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html?tag=mncol
  • the_Grinch Member Posts: 4,165
    Our customers have been reporting a lot of infections recently. Generally we remote on, run a scan, and clean what we can. We explain that though we do the scan, we recommend the wipe and reload. If I am doing side work, I remove the hard drive and put it in an enclosure. I then run Malwarebytes and Symantec on it. I've found I get just about everything doing it that way. The other thing I do is run Bitdefender's bootable Linux disc and that usually works pretty good. Boots Knoppix and if it detects the network card (only had one laptop not work) it will download the latest updates.
    WIP:
    PHP
    Kotlin
    Intro to Discrete Math
    Programming Languages
    Work stuff