
Help - Need Virus Definitions

Posted: Mon Dec 01, 2008 1:04 am
by Unix
I have a ★■◆●ing virus that is preventing me from visiting AVG's site or getting updates through their auto-updater.

It forwards any request I make from google to pharmacy sites and blah blah it sucks.

Can someone host the little 11k def file somewhere where I can just save it instead of going through avg?

http://www.versiontracker.com/dyn/morei ... ditionalDL

There's the only place I can find to get it from, but it just sends me to avg's site anyways...

HELP!

Thanks :)

Posted: Mon Dec 01, 2008 8:52 am
by Krom
Try safe mode with networking, and check your hosts file while you are at it.
(C:\Windows\system32\driver\etc\)

Posted: Mon Dec 01, 2008 9:17 am
by CDN_Merlin
Trend Micro also has an online free scanner.

Posted: Mon Dec 01, 2008 11:56 am
by Krom
My guess is if AVG is blocked, the trend micro scanner is disabled as well. Although it is still worth a try.

Also some often overlooked tools like spybot search and destroy can rescue computers when virus scanners do little or nothing. But I would definitely try using safe mode with networking and check the host file. If none of that works, try a different browser (a portable firefox version could make all the difference).
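
The hosts file check suggested above, sketched as an added example (not code posted by anyone in this thread): it parses a hosts file and flags entries that point security-tool sites at loopback or at another address. The watch list and the sample file are assumptions constructed for illustration.

```python
import ipaddress
import sys

# Assumed watch list (not from the thread): sites of the tools the posters mention.
WATCHED = ("avg.com", "trendmicro.com", "safer-networking.org", "malwarebytes.org")

# Constructed sample; 203.0.113.7 is a documentation-only address.
SAMPLE = """\
# sample hosts file (constructed)
127.0.0.1    localhost
127.0.0.1    www.avg.com avg.com   # vendor site pointed at loopback
203.0.113.7  update.trendmicro.com
203.0.113.7  www.google.com
0.0.0.0      ads.example.net
"""

def audit_hosts(text, watched=WATCHED):
    """Return (line, verdict, hostname, address) for entries worth a look."""
    findings = []
    for lineno, raw in enumerate(text.lstrip("\ufeff").splitlines(), 1):
        entry = raw.split("#", 1)[0].split()   # drop comments, split fields
        if len(entry) < 2:
            continue                            # blank, comment-only or no hostname
        try:
            addr = ipaddress.ip_address(entry[0])
        except ValueError:
            findings.append((lineno, "malformed", entry[0], ""))
            continue
        sinkhole = addr.is_loopback or addr.is_unspecified
        for name in (h.lower().rstrip(".") for h in entry[1:]):
            if any(name == d or name.endswith("." + d) for d in watched):
                # Vendor domains do not normally appear in a hosts file.
                verdict = "blocked" if sinkhole else "redirected"
            elif not sinkhole:
                verdict = "review"              # other name pinned to a fixed address
            else:
                continue                        # localhost / ad-block style entries
            findings.append((lineno, verdict, name, str(addr)))
    return findings

if __name__ == "__main__":
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8", errors="replace") as fh:
            text = fh.read()
    else:
        text = SAMPLE
    for lineno, verdict, name, addr in audit_hosts(text):
        print(f"line {lineno}: {verdict:10} {name} -> {addr}")
```

Pass the path of the hosts file as the only argument; reading it from a clean boot environment avoids trusting the infected system to show the real contents.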

Posted: Mon Dec 01, 2008 12:04 pm
by CDN_Merlin
Could also boot from a Linux USB and browse that way. I find with virii, it's much easier to format and safer.

Posted: Mon Dec 01, 2008 12:10 pm
by fliptw

Posted: Mon Dec 01, 2008 12:31 pm
by Unix
There's the page I need, but this virus is smart. It won't let me download any files from that site. :x

So here's what I've done:

1. RegCure - fixed a bunch of ★■◆●, didn't help my problem.
2. Ran Hijack This - again fixed a bunch of ★■◆●, didn't help my problem.
3. Cried.
4. Tried each of these in regular as well as safe-mode. Looked through the system32 folder, but I've got no idea what I'm looking for. There's half a gig of ★■◆● in there...anything more specific I should be searching for?

Thanks for the help btw.

edit: n/m hosting - I've got someone sending the files via AIM.

Posted: Wed Dec 03, 2008 4:44 am
by Octopus
That's not good.

Posted: Wed Dec 03, 2008 11:10 pm
by BUBBALOU
Ok your surfing through porntube has proved a bad idea

AVG - or any other A/V program is useless against this new breed

you need to download the following files preferably on another computer after downloaded you need to change their names cf120408.exe and mb120408.exe

These new malware programs have internal blacklists to prevent certain named exe's from running

-----------------------------------------

boot into safe mode

run Combofix

after that has completed its cycle of fixes (do not stop it or run ANY other program until you see it spit out that text file)

then install and run Malwarebytes run a quick scan to get the rest off, later run full scan

i bet the files it deletes have some "TSSD" names or you got busted by smitfraud

ENJOY your sanity afterwards

Posted: Thu Dec 04, 2008 6:53 pm
by Unix
I could hug you. Thanks!