1 2
Wally
Wally SuperDork
4/28/11 12:56 p.m.

In reply to AngryCorvair:

Twin_Cam
Twin_Cam SuperDork
4/28/11 3:38 p.m.
MCarp22 wrote:
JoeyM wrote:
Twin_Cam wrote: What's a virus?
A nucleic acid core, with a protein capsule around it. Possibly a membranous envelope from the host cell. If it is a retrovirus it will have the enzyme reverse transcriptase packed inside with the core.....never mind.
The punchline of that should be "but that's not important right now"

Win!

AngryCorvair
AngryCorvair SuperDork
4/29/11 9:46 a.m.
Wally wrote: In reply to AngryCorvair:

i'm honored! knowing i made Wally laugh makes my day.

AngryCorvair
AngryCorvair SuperDork
4/29/11 9:48 a.m.

and now a serious question: when i give it the vulcan nerve pinch and go to the processes tab, what name(s) am i looking for? i told my wife about this 2 days ago, and she just called me to tell me that she got a suspicious "windows error" pop-up. she's in task manager but doesn't know what to do from there.

EastCoastMojo
EastCoastMojo SuperDork
4/29/11 9:54 a.m.

From task manager I would just choose the applications tab and close the browser. It it hangs or refuses to close the browser then shut down (listed at the top of task manager, not a tab).

JoeyM
JoeyM SuperDork
4/29/11 6:36 p.m.
EastCoastMojo wrote: From task manager I would just choose the applications tab and close the browser. It it hangs or refuses to close the browser then shut down (listed at the top of task manager, not a tab).

That may, or may not, work....it all depends on the variant of the malware you get. Quoting myself from my earlier thread about this:

JoeyM said: At this point I was suspicious, and decided to shut down all applications through task manager and run some antivirus scans.....the machine was frozen, and task manager would not start....I shut off the power with the plan that I would run a scan after rebooting.....and the machine would not boot. We took it to our local PC repair guy, one who I trust and have dealt with for years, and he quickly figured out that malware had disabled the the hard drives; this machine had two hard drives, one for the OS, one for data. He wiped the OS drive and reinstalled, figuring that would solve the problem.....but then he found out that the malware had also affected the data hard drive.

This is how I got the data back http://www.howtogeek.com/howto/windows-vista/use-ubuntu-live-cd-to-backup-files-from-your-dead-windows-computer/

thummmper
thummmper Reader
4/29/11 7:14 p.m.

I run nod 32--eset antivirus--havent seen it or anything else--it's the nerds favorite, and now mine too.

confuZion3
confuZion3 SuperDork
4/30/11 12:13 p.m.

I got it at work two weeks ago. It put me out for an entire day. My company has a E36 M3ty IT vendor who we are supposed to contact by setting up a "work ticket", but they A.) never showed up to fix it and B.) knew nothing about my work ticket when I saw them roaming the halls at my office the next day and did nothing to help me. Here's what the virus did.

It started with a popup window for a cellphone ad that I couldn't close. I rebooted and it immediately loaded a program called Windows Repair which looked convincing except that it was wearing a Windows 7 / Windows Vista skin and stood out like a sore thumb in Windows XP. I shrugged it off, hit the X to close it without asking it to clean my computer, and intended to run anti-virus. It told me I had hard drive issues. Phony Windows XP error messages started popping up telling me I had expereinced a hardware failure. It went further: my Start menu was blank and my desktop had changed to a blank blue background. It looked convincing--like I had a hardware failure. So I rebooted, got a blue screen (another indicator of a hard drive failure) and was forced to try one more time out of desparation (did I get beaten by a virus!?).

I got into Windows in Safe Mode, ran Symantec Anti Virus (which I could still find, fortunately, since it was in my unaffected system tray (by the clock)). It immediately stopped, closed, and quarantined the bastard. I had to run it a few more times because it kept reinstalling itself when I loaded Windows but I finally killed it.

The damage: It changed the properties for all files and folders and made them hidden (which made it look like there was nothing on my hard drive). I had to "show hidden folders" and unhide the folders one-by-one. Then I did a little research on Symantec's site about this virus and got all of the registry codes that it creates. One of them disabled Task Manager (The button was gray and I could not click it to kill the program manually). Another causes my computer to try to access websites constantly: presumably so it can download itself again.

It took me a full day to lick this thing and the computer is still not 100%. I keep getting script errors like something is trying to activate a website. I also plugged in my headphones to listen to music one day (which I never do) and apparently, there were commercials running simultaneously in the background--I could hear them, but not see them. It's the most creative virus I've ever seen. And it has a purpose. You buy the product, they steal some money from you, and then it presumably reverses all the damage that it did to your computer--you never even know it's a scam if you aren't really savvy.

If you get a program like this, and someone said it above my post, do not click the X or any other button it offers you. Just because it says "Cancel" does not mean the code behind it stops that operation. Clicking "Cancel" might do something else--in fact, every button on the face could very well do the same thing--ruin your day. Just ignore it, try to find it in your task manager, and kill the E36 M3 out of it with an anti-virus program.

friedgreencorrado
friedgreencorrado SuperDork
4/30/11 5:29 p.m.

In reply to confuZion3:

Thanks for this. I just replaced our old computer because I thought we'd had hardware failure (wouldn't even run Windows in safe mode) after the big storm. After hearing about all those "fake" BSOD you had, I think I'll grab one of my IT buddies and see if he can bring the old one back.

confuZion3
confuZion3 SuperDork
4/30/11 7:06 p.m.
friedgreencorrado wrote: In reply to confuZion3: Thanks for this. I just replaced our old computer because I *thought* we'd had hardware failure (wouldn't even run Windows in safe mode) after the big storm. After hearing about all those "fake" BSOD you had, I think I'll grab one of my IT buddies and see if he can bring the old one back.

Be cautiously optimistic. If you cannot even load your operating system, you may not have a virus or something else could be wrong. I had an actual hardware issue a year ago and it stemmed from some memory that I had installed. I took the faulty RAM chip out and it was back to normal (of course, I accidentally reformatted the wrong hard drive in the process, bricked my iPhone, and the other hard drive all at the same time and lost all of my data in the process--thankfully, I had my iPod set up to back up all of my valuable data except phone contacts).

Think back a little while to any upgrades that you may have done and make sure they are installed properly in their receptacles. New hard drive? Try unplugging it and then plugging it back in. Same with RAM and processors.

JoeyM
JoeyM SuperDork
4/30/11 7:27 p.m.
confuZion3 wrote: it immediately loaded a program called Windows Repair which looked convincing except that it was wearing a Windows 7 / Windows Vista skin and stood out like a sore thumb in Windows XP. I shrugged it off, hit the X to close it without asking it to clean my computer, and intended to run anti-virus. It told me I had hard drive issues. Phony Windows XP error messages started popping up telling me I had expereinced a hardware failure. It went further: my Start menu was blank and my desktop had changed to a blank blue background. It looked convincing--like I had a hardware failure. So I rebooted, got a blue screen (another indicator of a hard drive failure) and was forced to try one more time out of desparation (did I get beaten by a virus!?).

Yup, that's exactly the the thing I was dealing with a few weeks ago.

I got into Windows in Safe Mode, ran Symantec Anti Virus (which I could still find, fortunately, since it was in my unaffected system tray (by the clock)). [.....] I had to run it a few more times because it kept reinstalling itself when I loaded Windows but I finally killed it.

I think some variants on this malware do more....I couldn't get it to reboot afterwards.

One of them disabled Task Manager (The button was gray and I could not click it to kill the program manually). Another causes my computer to try to access websites constantly: presumably so it can download itself again.

Same.....I tried to use Task Manager to kill it, and could not open task manager. That's when I tried rebooting. (Which, as noted above, didn't work.)

It's the most creative virus I've ever seen. And it has a purpose. You buy the product, they steal some money from you, and then it presumably reverses all the damage that it did to your computer--you never even know it's a scam if you aren't really savvy.

Yup. Our PC repair guy told me the exact same thing. Unfortunately, he couldn't get the data off the drive. I got it back using this tutorial and an Ubuntu Linux Live installation disk.

Curmudgeon
Curmudgeon SuperDork
4/30/11 7:38 p.m.

Got the kid's laptop into Safe mode and opened Task Manager, I then found this damn thing calls itself aod.exe*32. I still haven't gotten rid of it. In regular mode, it doesn't show and won't let you into TM or regedit, you have to get into Safe mode to get that far. It also will launch itself when I click the Malwarebytes icon, even in Safe mode. If I ever meet this guy...

1 2

You'll need to log in to post.

Our Preferred Partners
03ZXDyAja3cYlEHQ2rh4xhvYWmHU61r8ZyZQdTVbDQTidgGbBwARjkhzTgiN06bH