New Very Nasty Malware/Rootkits ????

busenbust

Drone31 wrote: »

I also don't feel the situation is helped, when people new to the whole spyware/malware etc situation, do some research, go to download something along the lines of Ad Aware for the first time from a download site, and end up downloading something like "super ultra registry cleaner" by mistake, due to the utterly misleading placement of download links which open in an endless stream of new tabs.

:rotfl:...how many times have i seen that happen!!

S0litaire

Also if you're really stuck try grabbing a Linux LiveCD and using ClamAV to scan the Windows partition.
Since Win OS won't be loaded any rootkits should stand out since they can't use the OS to hide..

their is a windows version if you're not to keen on Linux

http://www.clamav.net/lang/en/about/win32/

busenbust

on a related note: we are seeing the same thing with surreptitious malware/spyware (toolbars) -- which u need to untick -- when doing an install of, say, ccleaner, Chrome etc. the onus is on the user to read and uncheck.

Drone31

busenbust wrote: »

on a related note: we are seeing the same thing with surreptitious malware/spyware (toolbars) -- which u need to untick -- when doing an install of, say, ccleaner, Chrome etc. the onus is on the user to read and uncheck.

The whole 'opt out' issue is a real bugbear of mine; t's such a tricksy tactic. People will always tick a box to state what they want, but there's always a chance they'll neglect to untick something they don't notice. I hate any corporation who employs that tactic... and even outside of computing, how on earth the whole opt out culture is a legal thing to do in any capacity is beyond me.

I see it as the equivalent of "I've bought you this ten thousand pound car you never indicated you wanted. It's your responsibility to tell me if you don't want it mind, and I need to know soon; the onus is on you to turn it down".

GunJack

S0litaire wrote: »

Also if you're really stuck try grabbing a Linux LiveCD and using ClamAV to scan the Windows partition.
Since Win OS won't be loaded any rootkits should stand out since they can't use the OS to hide..

their is a windows version if you're not to keen on Linux

http://www.clamav.net/lang/en/about/win32/

will clam work with puppy ??? If I have to use linux, it's my preferred quick up'n'running CD...

(as you may tell, I'm not a linux buff, it's just handy every now'n'again )

23n1th

If you're going down the linux route I'd suggest the persistent install to a usb thumb drive booting for that.

GunJack

23n1th wrote: »

If you're going down the linux route I'd suggest the persistent install to a usb thumb drive booting for that.

I run puppy from a CD, might give that a go.

I'll update tomorrow after I've been back to #2 and see what the good dr. came up with .......

S0litaire

it should run from Puppy
Depends on what Flavour of Linux it's based on, Worst comes to the worst compile the source ^_^ lol

aliEnRIK

You dont want to post the combofix log?

GunJack

aliEnRIK wrote: »

You dont want to post the combofix log?

I may well do mate... I've just called owner of #2 in lunch break, and we've got progress :j Dr web got shut of 11-12 bits, and now it'll restart in normal mode without shutting itself down and restarting We'll see what develops when I go round there this evening...

..see signature for closing comment