Omega Owners Forum
Chat Area => General Discussion Area => Topic started by: jimbobmccoy on 21 November 2008, 22:30:33
-
i have spent the last two weeks clearing malware off friends' PCs.
two to look out for....internet anti virus and antivirus 2009.
both seem to be undetected by most antivirus programs and they also present themselves in a way that looks like it's a genuine windows warning.
Worth Googling and seeing what they're about, as they're a pain to get rid of, and to the unwary can look so genuine you will fall for it.
Thought i'd let you all know, as they have a habit of defaulting your browser to their homepage, and that means no oofing, which just wouldn't do now, would it?!
-
i have spent the last two weeks clearing malware off friends' PCs.
two to look out for....internet anti virus and antivirus 2009.
both seem to be undetected by most antivirus programs and they also present themselves in a way that looks like it's a genuine windows warning.
Worth Googling and seeing what they're about, as they're a pain to get rid of, and to the unwary can look so genuine you will fall for it.
Thought i'd let you all know, as they have a habit of defaulting your browser to their homepage, and that means no oofing, which just wouldn't do now, would it?!
They are not viruses (they are malware), so not picked up by AV software.
But a bitch to get rid of, as it's a self modifier. I usually go hard in the registry when I have to fix them (if it's a desktop, I tend to burn and build).
-
i had internet antivirus and good advice on here got rid of it with a little help from malware malbytes :y
-
i have noticed sometimes when page is loading once it's done i just get a blank screen, any ideas ??
-
i put virus as the title as i thought it'd get more notice than malware, but you're right.
the antivirus one is particularly nasty, as even after you clear the registry, there is a dll that remains, so when you log on, it hijacks google and can end up causing you to reinstall it.
to completely get rid of it you need to unregister this dll.
i learned the hard way, i cleaned a mate's pc, then it showed as a google tip and they reinstalled it.
i couldn't be angry with anyone but myself for not doing a thorough job in the first place.
-
i have spent the last two weeks clearing malware off friends' PCs.
two to look out for....internet anti virus and antivirus 2009.
both seem to be undetected by most antivirus programs and they also present themselves in a way that looks like it's a genuine windows warning.
Worth Googling and seeing what they're about, as they're a pain to get rid of, and to the unwary can look so genuine you will fall for it.
Thought i'd let you all know, as they have a habit of defaulting your browser to their homepage, and that means no oofing, which just wouldn't do now, would it?!
sorry, i hate being wrong. and it happens too often to pass up the chance to vindicate myself.
really petty i know, and i apologise again.
-
i put virus as the title as i thought it'd get more notice than malware, but you're right.
the antivirus one is particularly nasty, as even after you clear the registry, there is a dll that remains, so when you log on, it hijacks google and can end up causing you to reinstall it.
to completely get rid of it you need to unregister this dll.
i learned the hard way, i cleaned a mate's pc, then it showed as a google tip and they reinstalled it.
i couldn't be angry with anyone but myself for not doing a thorough job in the first place.
A mate's PC? I would have burn and build it...
-
i have noticed sometimes when page is loading once it's done i just get a blank screen, any ideas ??
is this on a particular site, or just in general?
-
Only worth clearing up on servers (particularly some of our Citrix servers that seem to get hit).
-
i'm stubborn, so to burn it would have been admitting defeat.
if i couldn't have cleaned it properly i would have had no choice but to do so, but i'm getting quite quick at it now, as i have done four different machines with it this week alone.
they've rereleased the old antivirus 2008 as a clone called 2009 hence the prevalence at the moment.
-
Only worth clearing up on servers (particularly some of our Citrix servers that seem to get hit).
as mentioned, having done several i reckon i can clean one in 20 minutes max, which is much quicker than a rebuild.
add 10 minutes to re-educate the user, (or 1 hour for an office) and i can then get on the desk and do my victory dance :D :D ;)
-
i'm stubborn, so to burn it would have been admitting defeat.
if i couldn't have cleaned it properly i would have had no choice but to do so, but i'm getting quite quick at it now, as i have done four different machines with it this week alone.
they've rereleased the old antivirus 2008 as a clone called 2009 hence the prevalence at the moment.
Remember, it's a bugger to clear, and stay cleared - it uses a lot of techniques to reappear after a while. You will struggle to find definitive info, as it's self modifying (if you look at code, some variants are actually quite clever with it).
Burn and build is a quick and conclusive resolution for desktop - but if you want to do manually for learning, that's fine :y
-
Only worth clearing up on servers (particularly some of our Citrix servers that seem to get hit).
as mentioned, having done several i reckon i can clean one in 20 minutes max, which is much quicker than a rebuild.
add 10 minutes to re-educate the user, (or 1 hour for an office) and i can then get on the desk and do my victory dance :D :D ;)
Burn and build should only take 30-45mins for XP + office etc, less if you use unattend.txt, as you don't have to look over it, just kick it off and come back later.
In a business environment, you should be using build tools - MS RIS, Altiris, or even simple imaging such as Ghost. So 20mins max. And, in addition, you end up with a cleaner, faster PC.
Even small businesses, such as my brother's, around 8-10 PCs - downtime is money, esp if it's one of his tills. He knows if one of his machines starts misbehaving, he immediately reboots off one of 2 DVDs (for right model PC) to put a Ghost - 2 mins to reapply Ghost image with drivers etc, then boot up (he has to provide PC name at this point), it reboots, then Group Policy comes along on next reboot and applies any software that machine should be running. That means his Tills can be back up in 5 mins from initial problem, back-of-house PCs about 10-12mins (MS Office takes about 5mins to deploy on its own).
He knows to do this at the first sign of any misbehaving, in case it is a viral outbreak, less chance of it spreading within his networks.
-
I have been collecting serials and disks ready for a rebuild, (new MB CPU HDDs keep DVD drive FDD case).
This AV2000 or whatever I was attacked in the last week and AVG7 stopped it dead
-
Interesting. I picked up that 2009 Anti-Virus malware last weekend.
I was doing a search for a driver and clicked on a link thrown up
by Windows 'Live Search.' I got a pop-up, similar to an AVG anti virus
screen, and it started to pretend to search my computer and tell me
that I had 59 virus/malware/trojan etc.. on my computer.
I pulled the internet connection from the cable modem as soon as
I saw it, but it continued doing the pretend search and exhorting me
to download its anti-virus program.
My genuine AVG program belatedly picked it up and popped it into
quarantine. I emptied the quarantine and deleted all temporary
internet files, where it had loaded itself.
I've not had any more problems, so far, but reading the informed
replies on this thread, it would seem that there is a possibility that
it may have 'transmogrified' :) itself and be sitting somewhere else,
waiting to have another pop at me.
Would it be worth formatting drive C and reinstalling? I've done this
several times on computers before, so it doesn't hold any qualms
for me. I have the genuine discs/ drivers/ product keys/ program
discs/ recovery discs etc..
-
Interesting. I picked up that 2009 Anti-Virus malware last weekend.
I was doing a search for a driver and clicked on a link thrown up
by Windows 'Live Search.' I got a pop-up, similar to an AVG anti virus
screen, and it started to pretend to search my computer and tell me
that I had 59 virus/malware/trojan etc.. on my computer.
I pulled the internet connection from the cable modem as soon as
I saw it, but it continued doing the pretend search and exhorting me
to download its anti-virus program.
My genuine AVG program belatedly picked it up and popped it into
quarantine. I emptied the quarantine and deleted all temporary
internet files, where it had loaded itself.
I've not had any more problems, so far, but reading the informed
replies on this thread, it would seem that there is a possibility that
it may have 'transmogrified' :) itself and be sitting somewhere else,
waiting to have another pop at me.
Would it be worth formatting drive C and reinstalling? I've done this
several times on computers before, so it doesn't hold any qualms
for me. I have the genuine discs/ drivers/ product keys/ program
discs/ recovery discs etc..
if it's working OK, don't touch ;D :y
-
I had antivirus 2009 hit me last week. :'( Luckily my mate has his own pc business. 2 days later he had fully wiped and rebooted or whatever you call it my pc. he did try and get rid of it first but as said it kept popping up as different things :o
-
Warning!: Off at a tangent post......
Singular: Virus....
Plural: Virii....
......but which is the plural possessive?
Virus`s, Virii`s.....or.....????
....grammarians, please step forward! ;)
-
Warning!: Off at a tangent post......
Singular: Virus....
Plural: Virii....
......but which is the plural possessive?
Virus`s, Virii`s.....or.....????
....grammarians, please step forward! ;)
Plural of virus is viruses :y
-
Warning!: Off at a tangent post......
Singular: Virus....
Plural: Virii....
......but which is the plural possessive?
Virus`s, Virii`s.....or.....????
....grammarians, please step forward! ;)
Plural of virus is viruses :y
Would that make the plural possessive; "Viruses`s" then? :-/
-
Debs, it would be viruses'.
So it would appear in the following sentence:
"The common cold and influenza are both caused by similar viruses. However, studying the viruses' behaviour, one can identify marked differences in their potency...."
-
I have been collecting serials and disks ready for a rebuild, (new MB CPU HDDs keep DVD drive FDD case).
This AV2000 or whatever I was attacked in the last week and AVG7 stopped it dead
remember, your oem xp is NOT transferrable (legally) ;)
-
Debs, it would be viruses'.
So it would appear in the following sentence:
"The common cold and influenza are both caused by similar viruses. However, studying the viruses' behaviour, one can identify marked differences in their potency...."
:y Thanks Nickbat; `funny old language isn`t it! ;)
-
I have been collecting serials and disks ready for a rebuild, (new MB CPU HDDs keep DVD drive FDD case).
This AV2000 or whatever I was attacked in the last week and AVG7 stopped it dead
remember, your oem xp is NOT transferrable (legally) ;)
I am NOT transferring - same case, DVD and FDD :y
-
I have been collecting serials and disks ready for a rebuild, (new MB CPU HDDs keep DVD drive FDD case).
This AV2000 or whatever I was attacked in the last week and AVG7 stopped it dead
remember, your oem xp is NOT transferrable (legally) ;)
I am NOT transferring - same case, DVD and FDD :y
That's a transfer - it's a significantly different system.
It may be 50:50 if it activates again, but the licence for OEMs is quite clear :-X
-
I have been collecting serials and disks ready for a rebuild, (new MB CPU HDDs keep DVD drive FDD case).
This AV2000 or whatever I was attacked in the last week and AVG7 stopped it dead
remember, your oem xp is NOT transferrable (legally) ;)
I am NOT transferring - same case, DVD and FDD :y
That's a transfer - it's a significantly different system.
It may be 50:50 if it activates again, but the licence for OEMs is quite clear :-X
Well I have choices, reuse licence, sell me XP Pro, or Linux, rather not do the last one, I run some non Vistable software (CA-Clipper in VGA graphics mode)
-
I've had this tinker of malware and it is nasty. You can download a programme called Malwarebytes anti-malware for free and it does sort it out. :y
-
I have been collecting serials and disks ready for a rebuild, (new MB CPU HDDs keep DVD drive FDD case).
This AV2000 or whatever I was attacked in the last week and AVG7 stopped it dead
remember, your oem xp is NOT transferrable (legally) ;)
I am NOT transferring - same case, DVD and FDD :y
That's a transfer - it's a significantly different system.
It may be 50:50 if it activates again, but the licence for OEMs is quite clear :-X
Well I have choices, reuse licence, sell me XP Pro, or Linux, rather not do the last one, I run some non Vistable software (CA-Clipper in VGA graphics mode)
Legally, you cannot reuse. I don't think it's available in retail any more, I believe it's still available in OEM chain.
I'm surprised that your software will run under Linux but not Windows :-/. Have you tried it under Vista compatibility mode? There is very little app software I have come across that doesn't.
Vista will likely run better than XP on decent Core2 hardware.
-
I've had this tinker of malware and it is nasty. You can download a programme called Malwarebytes anti-malware for free and it does sort it out. :y
There are hundreds of 'clean up' tools for this one. If you find one that works, all good. I've yet to find one that is reliable and covers more than 1 of the hundreds of variants of this piece of nasty
-
I have been collecting serials and disks ready for a rebuild, (new MB CPU HDDs keep DVD drive FDD case).
This AV2000 or whatever I was attacked in the last week and AVG7 stopped it dead
remember, your oem xp is NOT transferrable (legally) ;)
I am NOT transferring - same case, DVD and FDD :y
That's a transfer - it's a significantly different system.
It may be 50:50 if it activates again, but the licence for OEMs is quite clear :-X
Well I have choices, reuse licence, sell me XP Pro, or Linux, rather not do the last one, I run some non Vistable software (CA-Clipper in VGA graphics mode)
Legally, you cannot reuse. I don't think it's available in retail any more, I believe it's still available in OEM chain.
I'm surprised that your software will run under Linux but not Windows :-/. Have you tried it under Vista compatibility mode? There is very little app software I have come across that doesn't.
Vista will likely run better than XP on decent Core2 hardware.
If I can't run my software might as well have a free O/S ::)
-
I have been collecting serials and disks ready for a rebuild, (new MB CPU HDDs keep DVD drive FDD case).
This AV2000 or whatever I was attacked in the last week and AVG7 stopped it dead
remember, your oem xp is NOT transferrable (legally) ;)
I am NOT transferring - same case, DVD and FDD :y
That's a transfer - it's a significantly different system.
It may be 50:50 if it activates again, but the licence for OEMs is quite clear :-X
Well I have choices, reuse licence, sell me XP Pro, or Linux, rather not do the last one, I run some non Vistable software (CA-Clipper in VGA graphics mode)
Legally, you cannot reuse. I don't think it's available in retail any more, I believe it's still available in OEM chain.
I'm surprised that your software will run under Linux but not Windows :-/. Have you tried it under Vista compatibility mode? There is very little app software I have come across that doesn't.
Vista will likely run better than XP on decent Core2 hardware.
One of the first things given up on no VESA 2 graphics mode so DOS graphics are stuffed (yes I did write a bit of SW for me to use and I can't be bothered to port it)
-
I have been collecting serials and disks ready for a rebuild, (new MB CPU HDDs keep DVD drive FDD case).
This AV2000 or whatever I was attacked in the last week and AVG7 stopped it dead
remember, your oem xp is NOT transferrable (legally) ;)
I am NOT transferring - same case, DVD and FDD :y
That's a transfer - it's a significantly different system.
It may be 50:50 if it activates again, but the licence for OEMs is quite clear :-X
Well I have choices, reuse licence, sell me XP Pro, or Linux, rather not do the last one, I run some non Vistable software (CA-Clipper in VGA graphics mode)
Legally, you cannot reuse. I don't think it's available in retail any more, I believe it's still available in OEM chain.
I'm surprised that your software will run under Linux but not Windows :-/. Have you tried it under Vista compatibility mode? There is very little app software I have come across that doesn't.
Vista will likely run better than XP on decent Core2 hardware.
If I can't run my software might as well have a free O/S ::)
Most server class Linux distributions cost more than Windows Server ;)
-
I have been collecting serials and disks ready for a rebuild, (new MB CPU HDDs keep DVD drive FDD case).
This AV2000 or whatever I was attacked in the last week and AVG7 stopped it dead
remember, your oem xp is NOT transferrable (legally) ;)
I am NOT transferring - same case, DVD and FDD :y
That's a transfer - it's a significantly different system.
It may be 50:50 if it activates again, but the licence for OEMs is quite clear :-X
Well I have choices, reuse licence, sell me XP Pro, or Linux, rather not do the last one, I run some non Vistable software (CA-Clipper in VGA graphics mode)
Legally, you cannot reuse. I don't think it's available in retail any more, I believe it's still available in OEM chain.
I'm surprised that your software will run under Linux but not Windows :-/. Have you tried it under Vista compatibility mode? There is very little app software I have come across that doesn't.
Vista will likely run better than XP on decent Core2 hardware.
If I can't run my software might as well have a free O/S ::)
Most server class Linux distributions cost more than Windows Server ;)
How come?
-
I have been collecting serials and disks ready for a rebuild, (new MB CPU HDDs keep DVD drive FDD case).
This AV2000 or whatever I was attacked in the last week and AVG7 stopped it dead
remember, your oem xp is NOT transferrable (legally) ;)
I am NOT transferring - same case, DVD and FDD :y
That's a transfer - it's a significantly different system.
It may be 50:50 if it activates again, but the licence for OEMs is quite clear :-X
Well I have choices, reuse licence, sell me XP Pro, or Linux, rather not do the last one, I run some non Vistable software (CA-Clipper in VGA graphics mode)
Legally, you cannot reuse. I don't think it's available in retail any more, I believe it's still available in OEM chain.
I'm surprised that your software will run under Linux but not Windows :-/. Have you tried it under Vista compatibility mode? There is very little app software I have come across that doesn't.
Vista will likely run better than XP on decent Core2 hardware.
If I can't run my software might as well have a free O/S ::)
Most server class Linux distributions cost more than Windows Server ;)
How come?
Redhat, for example, is something like £400 per year per server.
So over the standard 3yr life of a server, Windows 2008 server works out much cheaper.
-
I have been collecting serials and disks ready for a rebuild, (new MB CPU HDDs keep DVD drive FDD case).
This AV2000 or whatever I was attacked in the last week and AVG7 stopped it dead
remember, your oem xp is NOT transferrable (legally) ;)
I am NOT transferring - same case, DVD and FDD :y
That's a transfer - it's a significantly different system.
It may be 50:50 if it activates again, but the licence for OEMs is quite clear :-X
Well I have choices, reuse licence, sell me XP Pro, or Linux, rather not do the last one, I run some non Vistable software (CA-Clipper in VGA graphics mode)
Legally, you cannot reuse. I don't think it's available in retail any more, I believe it's still available in OEM chain.
I'm surprised that your software will run under Linux but not Windows :-/. Have you tried it under Vista compatibility mode? There is very little app software I have come across that doesn't.
Vista will likely run better than XP on decent Core2 hardware.
If I can't run my software might as well have a free O/S ::)
Most server class Linux distributions cost more than Windows Server ;)
How come?
Redhat, for example, is something like £400 per year per server.
So over the standard 3yr life of a server, Windows 2008 server works out much cheaper.
That is another possibility
-
Windows 2008 server works out much cheaper.
That is another possibility
Isn't that on the Vista kernel? Just run Vista :-X