
Can you say, "Badly infected"?

Discussion in 'General Security' started by tomdkat, Apr 22, 2010.

Thread Status:
Not open for further replies.
  1. tomdkat

    tomdkat Retired Trusted Advisor Thread Starter

    Joined:
    May 6, 2006
    Messages:
    7,148
    The owner of the system I scanned with SUPERAntiSpyware certainly can. :D LOL

    Here is a condensed version of the SAS log:
    Most of the 1412 threats were tracking cookies (like 1100+). I had never seen SAS detect so many different threats. Malwarebytes detected more leftovers after SAS was done. LOL

    Anyway, I just wanted to share this with you. :)

    Peace...
     
  2. flavallee

    flavallee Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    80,892
    First Name:
    Frank
    Yikes! :eek:

    I'd call it a "Major Epidemic". :eek:

    --------------------------------------------------------------
     
  3. tomdkat

    tomdkat Retired Trusted Advisor Thread Starter

    Joined:
    May 6, 2006
    Messages:
    7,148
    You can say that again. LOL

    The funny (funny to me at least) thing is the computer owner called me and told me she thought she had a virus on her computer. I asked her what made her think her system was infected and she said she kept getting popups. I didn't ask about the nature or quantity of popups since her getting popups, alone, was enough to think her system was infected with something. I just had absolutely no idea it was infected with almost everything. :D LOL

    I'm not laughing at the system owner, I'm laughing at the assortment and severity of the infection. We'll see what anti-virus and anti-spyware software was installed, if any.

    Peace...
     
  4. perfume

    perfume Banned

    Joined:
    Sep 12, 2008
    Messages:
    2,011
    Dear tomdkat,
    Oh mon dieu! I counted 20 trojans including one "Trojan.RootKit/Gen". Not for nothing is SAS called the "Swiss Army knife" and you've got a major surgery to perform :D :eek:! Have you a Lion's heart and lady's fingers, because that distinguishes a "great surgeon" from a "normal surgeon"? I guess one of your assisting surgeons will be an ANTI-ROOTKIT! :rolleyes: :rolleyes:
     
  5. tomdkat

    tomdkat Retired Trusted Advisor Thread Starter

    Joined:
    May 6, 2006
    Messages:
    7,148
    I've got something far more effective.. and it's NOT one of the rings of Mordor.

    I've got the much coveted "Rubber Chicken", which when unveiled causes ALL malware to disintegrate instantly!

    That's right, malware, "prepare to meet oblivion!" :D LOL

    Peace...
     
  6. Stoner

    Stoner Banned

    Joined:
    Oct 26, 2002
    Messages:
    44,931
    That's some list, Tom :D

    Are you going to 'clean' or reinstall?
     
  7. tomdkat

    tomdkat Retired Trusted Advisor Thread Starter

    Joined:
    May 6, 2006
    Messages:
    7,148
    Well, I just confirmed that there isn't any important data worth saving on the box so I'll probably nuke the box if recovery CDs are available, etc.

    Generally, I prefer to clean than to nuke but given this laundry list I might go the nuke route. We'll see how it goes. :)

    By the way, I generated that list by scanning the infected hard drive from a known clean system. That's why there were no registry entries detected as being infected. I know all hell will break loose when I actually boot the system and that's when I'll make the decision to nuke or not.

    Peace...
     
  8. Cheeseball81

    Cheeseball81 Retired Moderator

    Joined:
    Mar 3, 2004
    Messages:
    84,315
    Can you say Format C! :D
     
  9. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    115,756
    First Name:
    Karen
    With the Virut infection, you really have to format. It injects code in system files, executables, screen savers and others, and even if they are cleaned they are left corrupt.

    Back up as few things as possible; documents, pictures, music should be OK.
     
  10. perfume

    perfume Banned

    Joined:
    Sep 12, 2008
    Messages:
    2,011
    Dear cookiegal,
    tom says he's got a rubber chicken, which may blow the entire city he lives in :D! He's clever, and says "peace" (I would have said that, but he was a senior and thus beat me to it!) These are dangerous times we live in! :confused:
     
  11. tomdkat

    tomdkat Retired Trusted Advisor Thread Starter

    Joined:
    May 6, 2006
    Messages:
    7,148
    Yeah, I've read about a Virut infection being nasty and have read about reformatting being the only real way to effectively remove it and be SURE it's been removed.

    Here's a question: I've read the above with regard to a Virut virus being detected. Since SUPERAntiSpyware detected a Virut trojan, would this be considered a different "strain" of Virut or would it be the same or similar to the virus strains I've generally read about? I apologize if this isn't an appropriate question to ask. :)

    Peace...
     
  12. win2kpro

    win2kpro

    Joined:
    Jul 19, 2005
    Messages:
    11,670
    When I get a machine in that is infected, such as the machine you have, the solution is simple. Zero-fill the drive and reinstall Windows and the applications.
     
  13. antech

    antech Banned

    Joined:
    Feb 23, 2010
    Messages:
    1,427
    Really BADLY INFECTED!
    But NOT more than me 2 years ago.....
    Kaspersky found about 1500 infected DLLs!
    Some were trojans, others spywares, jokewares, adwares, viruses and some even pornwares!

    I was just testing the depth of the viruses downloaded from the closed down site trojanfrance.com
     
  14. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    115,756
    First Name:
    Karen
    Hi Tom,

    Technically it's considered a virus, a polymorphic file infector, but can also be classified as a trojan as well, as it opens a backdoor to download other malware via IRC.

    Here's a link to a blog by one of our most respected colleagues in the malware removal community, miekiemoes, explaining more about it:

    http://miekiemoes.blogspot.com/2009/02/virut-and-other-file-infectors-throwing.html
     
  15. Rich-M

    Rich-M

    Joined:
    May 3, 2006
    Messages:
    22,443
    The only way I ever got through that was with booting to ERD Commander to hit System Restore and then Combofix as fast as I could, restored back a month ago. Then Mbam a few times and all was well, but using E.R.D and Mbam alone was not fast enough and I failed to boot.
     

Short URL to this thread: https://techguy.org/918559
