Or at least public flogging! On Fri, Dec 4, 2009 at 9:46 AM, Mike Sullivan <[email protected]> wrote:
> Man, these malware creators are evil! I vote we bring back public > hangings! > > > On Fri, Dec 4, 2009 at 6:39 AM, John Aldrich <[email protected] > > wrote: > >> I was at a seminar yesterday put on by Sunbelt and during a break I had >> a chance to talk to one of the presenters and told him of a recent malware >> incident I’d cleaned up. He’d never heard of such a trick before so I >> thought I’d bring it to y’all’s attention so you can be on the lookout for >> it. Basically it was the same old malware that’s been going around with the >> Antivirus Pro sort of stuff, but the twist was that even using Malware Bytes >> we were not able to get rid of it. After I was poking around a bit, (I don’t >> recall why I was looking at the root of C:, but I was) I noticed a batch >> file in the root of the C: drive that, when I opened it and looked at it, it >> created a bunch of scheduled tasks to re-download the malware/adware. I >> wised up and deleted that file, then went into the Scheduled Tasks and >> deleted all the malware-created scheduled tasks. Then I was able to >> successfully clean the stuff out! >> >> What really got us was that Malware Bytes would clean it, then say it >> needed to reboot to finish, and then as soon as we came back, the fake >> antivirus was right back there. What I believe it was doing was >> re-downloading itself from the internet each time we cleaned it. So, anyway, >> if you guys ever have a problem like this, it wouldn’t hurt to check the >> scheduled tasks! >> >> >> >> [image: John-Aldrich][image: Tile-Tools] >> >> >> >> >> >> >> >> > > > -- > Mike Sullivan > [email protected] > > > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
<<image002.jpg>>
<<image001.jpg>>
