 | Nasty Devil This new phase of malware is nasty. One cannot go to one of the 100 or so sites to get software or removal tools for these (Ad-Aware, Avast, Spybot, HijackThis, etc.) as the DNS points to another IP or to the local system itself. Makes it difficult when one can't install the software on an infected system in regular or safe mode.
After a while of playing around I finally transferred Spybot S&D (fully updated) from another system to a flash drive, copied the folder over to the infected system and ran it. It cleaned it somewhat, but enough to install Avast and Ad-Aware (even though DNS was still being redirected). I had to manually download the definitions for Avast and Ad-Aware to a flash drive, then import them into the infected system.
Finally a ton of success, and I also ran HijackThis and the online versions of Trend and Panda once the DNS got fixed.
It had a mix of Zlob, Virtumonde, and AV 2008.
Anyone who gets caught for making this stuff should be in prison (in the USA) or, if they are from a different country, punish the country by not allowing DNS resolution to US territory (thus preventing access or limited access to US networks) until they can resolve the issue. |
|
 | I have to ask, what's the point of spending countless hours attempting to clean a system up? I mean, can you ever be 100% certain that the system is clean?
Wouldn't it make more sense to just reinstall from an original backup or to just perform a clean install? |
|
 Smith6612 Premium,MVM join:2008-02-01 North Tonawanda, NY kudos:21 | That can be a pain for many users who don't know a thing about the Windows Setup Utility (or OEM PCAngel craps out on them). Last month I had to do this twice for people, and since I do in-home work, I ended up spending 3-5 hours installing Windows, moving their files back up, updating their box, and doing some before I leave work on the machine at their home. |
|
 | I do this for a living too, and have for 20 years. I would love to re-install everything for a client. I take pride in trying to keep as much as possible, especially when a client has important software they may or may not have the keys for.
Upon cleaning, I get a backup of the data and let the client know I cannot guarantee the outcome. If it happens within so many days again, I have the client gather as much info as possible and I factory restore the system for them. |
|
 Smith6612 | I actually do quite a bit of computer work just for fun, so it's not for a living in my case. I get called in for jobs mainly during the summer and winter months when everyone is online. |
|