Author Topic: HIDEOUS VIRUS!!! (Read 13524 times)

Industrial Cafe · « **on:** January 22, 2010, 05:43:32 PM »

I just received the nastiest virus I've gotten in a long time.

It started by emulating the windows live virus scanner, then it would tell me everything I clicked was infected. and if I clicked check for viruses it would check very quickly and tell me I had key loggers trojans and many other "horrible" things that weren't there.
I couldn't start up my AVG scanner, start up menu, task manager, or share my C:\ drive (so I could check for viruses from the laptop) because it would tell me it was infected.

I noticed it wouldn't start the fake virus scanner until midway through loading everything in the system tray so I opened the task manager before the "virus" loaded up. IT WORKED!!! I shut down 3 programs before it started up- I don't know what they were called but I knew I didn't recognize them... they were something like "jkqs... something like that. I'm now running AVG in hopes that it finds it. I'll report back the results.

mlinder · « **Reply #1 on:** January 22, 2010, 05:58:39 PM »

Download this:

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

to your desktop.

Restart in safe mode. Run it.

Industrial Cafe · « **Reply #2 on:** January 22, 2010, 06:00:05 PM »

will do sir

mlinder · « **Reply #3 on:** January 22, 2010, 06:02:32 PM »

AVG won't fix this.
It's a combination of the virtumond rootkit and smitfraud. Very bad stuff. combofix should clean it up mostly, then run malwarebytes or some crap like that after combofix is done. If it's still nto out, I'll walk you through some other things you need to do.

Duke McDukiedook · « **Reply #4 on:** January 22, 2010, 06:03:58 PM »

You couldn't reboot in safe mode and run AVG?

Industrial Cafe · « **Reply #5 on:** January 22, 2010, 06:04:11 PM »

I forgot to mention, it won't start in safe mode either, just locks up and after a half hour I tried the method described above.

I'll keep workin on it though, thanks M

Duke McDukiedook · « **Reply #6 on:** January 22, 2010, 06:05:16 PM »

Damn IC, you must be looking at some serious porn, or someone sent you some nasty stuff in those torrents you've been downloading lately.

Industrial Cafe · « **Reply #7 on:** January 22, 2010, 06:07:25 PM »

I guess, I download torrents all the time and never have problems. I make sure they have been verified on torrent forums first.

I was on blogspot.com looking at bicycle blogs when it all started I was looking at linked pictures.

edit: but it could be one of those time delay malware programs.

Duke McDukiedook · « **Reply #8 on:** January 22, 2010, 06:12:12 PM »

What browser are you running?

Industrial Cafe · « **Reply #9 on:** January 22, 2010, 06:14:33 PM »

firefox.

also, it kept opening a website called laptopvirusscan.com, adult.com, and porn.com on my E internet explorer. (which I didn't know was still installed)

Kframe · « **Reply #10 on:** January 22, 2010, 06:18:33 PM »

I've had some good luck with Malwarebytes.
It can find and clean a lot of stuff.

If not, give up and do what I did - switch to Linux.
-K

Industrial Cafe · « **Reply #11 on:** January 22, 2010, 06:18:45 PM »

hey, I found the program in my startup menu.
C:\Documents and Settings\Gaming\Local Settings\Application Data\oaxifo\jbtisysguard.exe

Damfino · « **Reply #12 on:** January 22, 2010, 06:37:04 PM »

I had that about two weeks ago. Believe it or not, all I did was a system restore and that got rid of it.

Industrial Cafe · « **Reply #13 on:** January 22, 2010, 07:00:50 PM »

thanks mlinder, combofix found and deleted it fast.
it also found an ass load of other things.

WOOOO!!!!

MRieck · « **Reply #14 on:** January 22, 2010, 07:47:01 PM »

Stay off of the porn or get a Mac.

Industrial Cafe · « **Reply #15 on:** January 22, 2010, 08:02:35 PM »

but I love porn so much!

Inigo Montoya · « **Reply #16 on:** January 22, 2010, 08:40:01 PM »

Ah skip mac and go to linux!
Anyways, remember that malwarebytes uses its own installer so installs in safe mode, safe mode networking and safe mode command prompt.
Another one called spyware terminator installs in safe mode too.
There is an a/v program called bit defender which you can burn to disk and then boot from said disk. Very good scanner as it does not load windows at all.

If it comes right down to it and you have a second pc, take out the hdd and hook it up through usb and scan it that way.

mkramer1121 · « **Reply #17 on:** January 22, 2010, 08:44:00 PM »

Just fixed this on a computer at work today 'cause the IT guy couldn't do it and refused to use google...Worked great, follow this tutorial: http://www.bleepingcomputer.com/virus-removal/remove-antivirus-live

Sorry didn't read all the posts, glad you got it IC...

Duke McDukiedook · « **Reply #18 on:** January 22, 2010, 08:46:51 PM »

What do you guys recommend for spyware and antivirus for a Linux computer?

After I get all the old stuff off the Gateway I plan on installing Linux.

Industrial Cafe · « **Reply #19 on:** January 22, 2010, 08:49:04 PM »

Duke McDukiedook · « **Reply #20 on:** January 22, 2010, 09:04:05 PM »

Hmmmm.... interesting sounding software- No.

Have to check into this...

CBJoe · « **Reply #21 on:** January 22, 2010, 09:15:14 PM »

I love Ubuntu ..... I'm not too quick on the uptake and it's still easy for me to use.

Been running it on most of my machines for 3 years and have NEVER had a single issue. My Suse box (server) has been running since 2006 without any issues whatsoever.

I'm done with windows..... (still cant get my wife to run anything but XP)... Maybe I should go run combofix

mlinder · « **Reply #22 on:** January 22, 2010, 09:31:57 PM »

Quote from: Dukiedook on January 22, 2010, 08:46:51 PM

What do you guys recommend for spyware and antivirus for a Linux computer?

After I get all the old stuff off the Gateway I plan on installing Linux.

You don't need any.

Duke McDukiedook · « **Reply #23 on:** January 23, 2010, 01:34:52 AM »

C'mon, the haxors have to make up some viruses for the script kiddies to pass around to Linux systems, right?

Maybe they don't want to #$%* where they eat.... $:-\$

Bob Wessner · « **Reply #24 on:** January 23, 2010, 02:55:03 AM »

Quote from: mlinder on January 22, 2010, 09:31:57 PM

Quote from: Dukiedook on January 22, 2010, 08:46:51 PM
What do you guys recommend for spyware and antivirus for a Linux computer?

After I get all the old stuff off the Gateway I plan on installing Linux.

You don't need any.

Well, can't agree with that. There may not be as many because it is a relatively small segment (target) of the OS world, but there are Linux viruses. I would install anti-virus software on any OS.

News:

Author Topic: HIDEOUS VIRUS!!! (Read 13524 times)