06-24-2011, 04:51 PM | #1 |
Maniac Drummer
Join Date: Feb 2008
Location: Florida
Posts: 3,017
|
Sites to help you remove Trojans and infections
I just helped a family member that had MS Removal Tool popup that would stop all programs from running. I had to use SAFE Mode.
Here are some sites I use to help my family's and friends' PCs when they are infected. Seems to be weekly now with this crazy world.

Microsoft® Windows® Malicious Software Removal Tool
Updated each month. Download here and scan:
http://www.microsoft.com/downloads/e...displaylang=en
------------------------------------------
Malwarebytes
Make sure to keep it updated, and the Pro version is worth $24.95 for life.
http://www.malwarebytes.org/
------------------------------------------
If you do not have an anti-virus program and you think you might have a virus, then here are the FREE online links to help you. Each site has an online scanner.
http://kaspersky.com/virusscanner
http://microsoft.com/security/malwar...e/default.mspx
http://bitdefender.com/scan8/ie.html
http://housecall.trendmicro.com

Here's a free anti-virus that works:
Avast Home 6
http://www.avast.com/free-antivirus-download
Vipre Anti Virus
http://www.vipreantivirus.com/ <<<<<<
Vipre Rescue
http://live.sunbeltsoftware.com/ <<<<<<
-------------------------------------------
McAfee Stinger updates often. You will have to click on the link each week and download the new version.
http://www.mcafee.com/us/downloads/f...s/stinger.aspx

If you know what the Trojan is and need a tool to remove it:
http://home.mcafee.com/VirusInfo/VirusRemovalTools.aspx

More free removal tools
http://www.mcafee.com/us/downloads/f...ols/index.aspx

D7 Malware tool for PC Techs
http://www.majorgeeks.com/D7_d6954.html

Always looking out for my UGL Peeps
__________________
I am a USAF Veteran and LoveUSA
Last edited by Doz; 11-08-2011 at 05:19 PM. Reason: fixing post |
06-28-2011, 08:58 PM | #2 |
Maniac Drummer
Join Date: Feb 2008
Location: Florida
Posts: 3,017
|
I try to find good sites to help everyone, for when you get a virus or trojan, then it's time to fight back.
__________________
I am a USAF Veteran and LoveUSA |
07-14-2011, 05:12 PM | #3 |
Maniac Drummer
Join Date: Feb 2008
Location: Florida
Posts: 3,017
|
Malwarebytes' Anti-Malware 1.51.2.1300
Issues Fixed:
1. Fixed minor updating issues.
2. Fixed issue with trials expiring too early.
3. Fixed GUI language bugs.
4. Fixed issue where Ignore List was not honored by the Protection Module.
5. Fixed issue where limited users were prompted to update an outdated database.

They made it even better
__________________
I am a USAF Veteran and LoveUSA |
08-28-2011, 12:37 PM | #4 |
Maniac Drummer
Join Date: Feb 2008
Location: Florida
Posts: 3,017
|
Microsoft Security Bulletin MS11-065 - Important
Vulnerability in Remote Desktop Protocol Could Allow Denial of Service (2570222)
Published: August 09, 2011
http://www.microsoft.com/technet/sec.../ms11-065.mspx

Server Admins need to read:
http://threatpost.com/en_us/blogs/ne...ows-pcs-082811

A new worm called Morto has begun making the rounds on the Internet in the last couple of days, infecting machines via RDP (Remote Desktop Protocol). The worm is generating a large amount of outbound RDP traffic on networks that have infected machines, and Morto is capable of compromising both servers and workstations running Windows.

Info: outgoing TCP 3389 connections.

"Once you are connected to a remote system, you can access the drives of that server via Windows shares like \\tsclient\c and \\tsclient\d for drives C: and D:, respectively. Morto uses this feature to copy itself to the target machine. It does this by creating a temporary drive under letter A: and copying a file called a.dll to it. The infection will create several new files on the system including \windows\system32\sens32.dll and \windows\offline web pages\cache.txt. Morto can be controlled remotely. This is done via several alternative servers, including jaifr.com and qfsl.net."

Process Explorer v15.03
By Mark Russinovich
Published: August 18, 2011
http://technet.microsoft.com/en-us/s...rnals/bb896653

Introduction
Ever wondered which program has a particular file or directory open? Now you can find out. Process Explorer shows you information about which handles and DLLs processes have opened or loaded.

The Process Explorer display consists of two sub-windows. The top window always shows a list of the currently active processes, including the names of their owning accounts, whereas the information displayed in the bottom window depends on the mode that Process Explorer is in: if it is in handle mode you'll see the handles that the process selected in the top window has opened; if Process Explorer is in DLL mode you'll see the DLLs and memory-mapped files that the process has loaded. Process Explorer also has a powerful search capability that will quickly show you which processes have particular handles opened or DLLs loaded.

The unique capabilities of Process Explorer make it useful for tracking down DLL-version problems or handle leaks, and provide insight into the way Windows and applications work.
__________________
I am a USAF Veteran and LoveUSA |
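The outbound RDP burst described in the post above can be spotted in connection logs by counting how many distinct hosts each machine contacts on TCP 3389 in a short window. This is an added example, not part of the original post; the log format, addresses, window and threshold are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed firewall log (time, source, destination, destination port).
# 10.0.0.15 behaves like the infected host described above; the rest is normal.
SAMPLE_LOG = "\n".join(
    [f"2011-08-28T10:00:{2 * i:02d} 10.0.0.15 192.0.2.{i} 3389" for i in range(1, 9)]
    + [
        "2011-08-28T10:00:05 10.0.0.20 10.0.0.5 3389",    # admin workstation
        "2011-08-28T10:03:00 10.0.0.20 10.0.0.6 3389",
        "2011-08-28T10:00:07 10.0.0.30 198.51.100.7 443",  # not RDP
        "malformed line",
    ]
)

def parse(log):
    """Yield (timestamp, src, dst, port) tuples, skipping malformed lines."""
    for line in log.splitlines():
        parts = line.split()
        if len(parts) != 4 or not parts[3].isdigit():
            continue
        yield datetime.fromisoformat(parts[0]), parts[1], parts[2], int(parts[3])

def rdp_fanout(log, window=timedelta(minutes=1), threshold=5):
    """Return {src: peak distinct TCP/3389 destinations inside any window}
    for every source whose peak reaches the threshold (both values assumed)."""
    events = defaultdict(list)
    for ts, src, dst, port in parse(log):
        if port == 3389:
            events[src].append((ts, dst))
    flagged = {}
    for src, evs in events.items():
        evs.sort()
        best, start = 0, 0
        for end in range(len(evs)):
            # Slide the left edge until the span fits inside the window.
            while evs[end][0] - evs[start][0] > window:
                start += 1
            best = max(best, len({dst for _, dst in evs[start:end + 1]}))
        if best >= threshold:
            flagged[src] = best
    return flagged

if __name__ == "__main__":
    print(rdp_fanout(SAMPLE_LOG))
```
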
10-06-2011, 11:15 AM | #5 |
Tech Toys
Join Date: May 2011
Posts: 111
|
This is how Windows get infected with malware
2011-09-27 10:28:11 | Peter Kruse

When a Microsoft Windows machine gets infected by viruses/malware it does so mainly because users forget to update the Java JRE, Adobe Reader/Acrobat and Adobe Flash. This is revealed by a survey conducted by CSIS Security Group A/S.

Basis of the study
CSIS has over a period of almost three months actively collected real time data from various so-called exploit kits. An exploit kit is a commercial hacker toolbox that is actively exploited by computer criminals who take advantage of vulnerabilities in popular software. Up to 85 % of all virus infections occur as a result of drive-by attacks automated via commercial exploit kits.

The purpose of this study is to reveal precisely how Microsoft Windows machines are infected with the virus/malware and which browsers, versions of Windows and third party software that are at risk.

We have monitored more than 50 different exploit kits on 44 unique servers / IP addresses. Our figures come from the underlying statistical modules, thereby ensuring an as precise overview of the threat landscape as possible.

The statistical material covers all in all more than half a million user exposures out of which as many as 31.3 % were infected with the virus/malware due to missing security updates.

The thousands of users who unknowingly have been exposed to drive-by attacks have used the following web browsers:

Info here = http://www.csis.dk/en/csis/news/3321

Here is a link to download the new Spybot Search and Destroy 2.2:
http://www.safer-networking.org/spybot2-own-mirror-1/

Last edited by Techman; 10-18-2013 at 06:21 PM. |
10-14-2011, 12:27 PM | #6 |
Maniac Drummer
Join Date: Feb 2008
Location: Florida
Posts: 3,017
|
Thank you
I got your PM and fixed your name. Nice Avatar. I made it so others can use it.
__________________
I am a USAF Veteran and LoveUSA |
10-23-2011, 08:56 PM | #7 |
Maniac Drummer
Join Date: Feb 2008
Location: Florida
Posts: 3,017
|
World's most sophisticated rootkit is being overhauled
New variants don't make obvious modifications to the MBR
By Lucian Constantin, IDG News Service
October 21, 2011 10:05 AM ET

Experts from security vendor ESET warn that TDL4, one of the most sophisticated pieces of malware in the world, is being rewritten and improved for increased resilience to antivirus detection.

"ESET researchers have been tracking the TDL4 botnet for a long time, and now we have noticed a new phase in its evolution," announced David Harley, the company's director of malware intelligence.

"Based on the analysis of its components we can say that some of those components have been rewritten from scratch (kernel-mode driver, user-mode payload) while some (specifically, some bootkit components) remain the same as in the previous versions," he noted.

Harley and his colleagues believe this suggests a major change within the TDL development team or the transition of its business model toward a crimeware toolkit that can be licensed to other cybercriminals.

TDL, also known as TDSS, is a family of rootkits characterized by complex and innovative detection evasion techniques. Back in July, malware analysts from Kaspersky Lab called TDL version 4 the most sophisticated threat in the world and estimated that the number of computers infected with it exceeds 4.5 million.

There are many things that make TDL4 stand out from the crowd of rootkits currently plaguing the Internet. Its ability to infect 64-bit Windows systems, its use of the public Kad peer-to-peer network for command purposes and its Master Boot Record (MBR) safeguard component are just some of them.

However, according to ESET's researchers, changes are now being made to the way TDL4 infects systems and ensures its hold on them. Instead of storing components within the MBR, the new variants create a hidden partition at the end of the hard disk and set it as active.

This ensures that malicious code stored on it, including a special boot loader, gets executed before the actual operating system, and that the MBR code checked by antivirus programs for unauthorized modifications remains untouched.

The TDL4 authors have also developed an advanced file system for the rogue partition, which allows the rootkit to check the integrity of components stored within.

"The malware is able to detect corruption of the files stored in the hidden file system by calculating its CRC32 checksum and comparing it with the value stored in the file header. In the event that a file is corrupted it is removed from the file system," the ESET researchers explain.

In April, Microsoft released a Windows update that modified systems to disrupt the TDL4 infection cycle. The rootkit's authors responded half a month later with an update of their own that bypassed the patch.

This kind of determination to keep the malware going suggests that its return on investment is significant. The code quality and the sophisticated techniques are certainly indicative of professional software development.

Several antivirus vendors like Kaspersky, BitDefender or AVAST, offer free stand-alone tools that can remove TDSS and similar rootkits. However, in order to avoid getting infected in the first place users should install an antivirus solution that provides advanced layers of protection, like those analyzing software behavior.

Source info = http://www.networkworld.com/news/201...2.html?hpg1=bn
__________________
I am a USAF Veteran and LoveUSA |
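The article quoted in the post above says the new variants leave the MBR code alone and instead mark a partition at the end of the disk as active, so a check has to read the partition table rather than only hash the boot code. The sketch below is an added example, not part of the original post or any vendor's tool; the sample sectors, the partition type bytes and the `max_sectors` size limit are constructed assumptions, and a hit is a reason to compare against a known-good layout, not proof of infection.

```python
import struct

ENTRY = "<B3xB3xII"  # boot flag, CHS start, type, CHS end, start LBA, sector count

def parse_mbr(sector):
    """Return the non-empty primary partition entries of a 512-byte MBR sector."""
    if len(sector) != 512 or sector[510:512] != b"\x55\xaa":
        raise ValueError("not a valid MBR sector")
    entries = []
    for i in range(4):
        raw = sector[446 + 16 * i: 462 + 16 * i]
        flag, ptype, lba, count = struct.unpack(ENTRY, raw)
        if ptype != 0:  # type 0 means the slot is unused
            entries.append({"index": i, "active": flag == 0x80, "type": ptype,
                            "start": lba, "sectors": count})
    return entries

def suspicious_active(entries, max_sectors=65536):
    """Return indexes of active partitions that sit last on the disk and are
    small (max_sectors is an assumed limit: 32 MiB with 512-byte sectors)."""
    if len(entries) < 2:
        return []
    last = max(entries, key=lambda e: e["start"])
    return [e["index"] for e in entries
            if e["active"] and e is last and e["sectors"] <= max_sectors]

def make_mbr(parts):
    """Build a constructed MBR from (active, type, start_lba, sectors) tuples."""
    table = b"".join(struct.pack(ENTRY, 0x80 if a else 0, t, s, n)
                     for a, t, s, n in parts)
    return bytes(446) + table.ljust(64, b"\0") + b"\x55\xaa"

# Constructed samples: a normal layout, and one where a tiny partition at the
# end of the disk has taken over the active flag (type byte is arbitrary).
CLEAN = make_mbr([(True, 0x07, 2048, 204800), (False, 0x07, 206848, 976564224)])
ALTERED = make_mbr([(False, 0x07, 2048, 204800), (False, 0x07, 206848, 976564224),
                    (True, 0x17, 976771072, 2048)])

if __name__ == "__main__":
    print(suspicious_active(parse_mbr(CLEAN)), suspicious_active(parse_mbr(ALTERED)))
```

Feed it the first sector of the disk read from rescue or offline media, since a kernel-mode rootkit on the running system can return altered sector contents.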
12-02-2011, 08:23 PM | #8 |
Maniac Drummer
Join Date: Feb 2008
Location: Florida
Posts: 3,017
|
For when you see SPAM or peeps trying to hack your site
Here is a link to report and send info. Let Big Brother go after them.
http://www.ic3.gov/default.aspx
__________________
I am a USAF Veteran and LoveUSA |