
Need help removing virus/malware

fbi moneypak

37 replies to this topic

#16 sc302

sc302

    Neowinian Senior

  • Tech Issues Solved: 33
  • Joined: 12-July 05
  • Location: NJ, USA

Posted 18 November 2012 - 18:22

Secret....malware bytes doesn't remove everything. Their root kit detection piece is still in beta last time I checked. Malware bytes is not the end all be all.

I have been around a lot of malware, and I can tell you with 100% certainty that malware bytes doesn't remove all of it. Just a good portion. I run a min of three different removal utilities, mwb being one of them, when cleaning computers. Mwb isn't the first thing I run, it is the last. I do know its limitations.


#17 Secular Humanist

Secular Humanist

    Neowinian Senior

  • Joined: 17-June 09

Posted 18 November 2012 - 18:31

Secret....malware bytes doesn't remove everything. Their root kit detection piece is still in beta last time I checked. Malware bytes is not the end all be all.

I have been around a lot of malware, and I can tell you with 100% certainty that malware bytes doesn't remove all of it. Just a good portion. I run a min of three different removal utilities mwb being one of them when cleaning computers. I do know its limitations.

After servicing a couple thousand machines over the last couple years, I have had a 100% success ratio with Malwarebytes when scanning in safe mode. Could you give me an example of malware that it can't remove? I would like to download it and see for myself.

Note: I LOVE getting new stuff to test virus removal techniques. Being serious.

#18 sc302

sc302

    Neowinian Senior

  • Tech Issues Solved: 33
  • Joined: 12-July 05
  • Location: NJ, USA

Posted 18 November 2012 - 18:33

Pick any root kit. The Remote Desktop attack 6 months ago it couldn't detect (MSE was the first that did). Had problems finding, file name was close to a Windows file name and I kept overlooking it.

I have been doing manual virus removal since late 90s. I have thousands over you. Hell, the hospital I was working at had a whole site infection over 10000 computers and hundreds of servers. Nightmare.

#19 Secular Humanist

Secular Humanist

    Neowinian Senior

  • Joined: 17-June 09

Posted 18 November 2012 - 18:40

Pick any root kit. The Remote Desktop attack 6 months ago it couldn't detect (MSE was the first that did). Had problems finding, file name was close to a Windows file name and I kept overlooking it.

I have been doing manual virus removal since late 90s. I have thousands over you. Hell, the hospital I was working at had a whole site infection over 10000 computers and hundreds of servers. Nightmare.

Could you give me even just 1 name of a rootkit that you could not remove with it? The worst one in your mind/experience.

#20 ButteIrishProud

ButteIrishProud

    Neowinian

  • Joined: 17-November 12

Posted 18 November 2012 - 18:43

You could do what others said and waste your time, or do what will be the easiest. Download a 10 meg file mawarebytes.com from here (filehippo link) on to a usb key. Boot into safe mode, install, run a scan, let it remove it. Done. If you want to do it the hard way, follow the other posts above.

This. Why make the removal process difficult?

#21 Detection

Detection

    Detecting stuff...

  • Joined: 30-October 10
  • Location: UK
  • OS: 7 SP1 x64

Posted 18 November 2012 - 18:46

Not exactly useful either. If it is not useful, it is useless IMO.



Huh? How is it not useful?

What do you have against HJT? It works, what more do you want?

#22 sc302

sc302

    Neowinian Senior

  • Tech Issues Solved: 33
  • Joined: 12-July 05
  • Location: NJ, USA

Posted 18 November 2012 - 18:53

Could you give me even just 1 name of a rootkit that you could not remove with it? The worst one in your mind/experience.


Is it that hard to google root kit names, like I said pick one any one. Pull any one out of a google search. Malware bytes is 100% ineffective against any root kit. It doesn't have the scan engine for it, therefore it can't detect or repair against this type of infection. Google redirect is one.

Here you go read through and you will see that the user running malware bytes has no effect against it. http://www.bleepingc...opic434638.html

Huh? How is it not useful?

What do you have against HJT? It works, what more do you want?


I don't like doing things twice and skimming through information I have been through before.

#23 Detection

Detection

    Detecting stuff...

  • Joined: 30-October 10
  • Location: UK
  • OS: 7 SP1 x64

Posted 18 November 2012 - 18:58

Is it that hard to google root kit names, like I said pick one any one. Pull any one out of a google search. Malware bytes is 100% ineffective against any root kit. It doesn't have the scan engine for it, therefore it can't detect or repair against this type of infection. Google redirect is one. Here you go read through and you will see that the user running malware bytes has no effect against it. http://www.bleepingc...opic434638.html I don't like doing things twice and skimming through information I have been through before.


Ok, well each to their own, let's not hijackthis thread with our differences ;)

#24 Secular Humanist

Secular Humanist

    Neowinian Senior

  • Joined: 17-June 09

Posted 18 November 2012 - 19:40

Is it that hard to google root kit names, like I said pick one any one. Pull any one out of a google search. Google redirect is one.


Surprised you could not give one from your own extensive experiences and instead saying Google one. I am having no luck finding an .exe for the google redirect to infect myself with. Google is full of solution links and no actual download links (of course and expected). Do you know where I can get the .exe file? Or maybe a website that does give the infection?

#25 xendrome

xendrome

    In God We Trust; All Others We Monitor

  • Tech Issues Solved: 12
  • Joined: 05-December 01
  • OS: Windows 8.1 Pro x64

Posted 18 November 2012 - 19:45

Yeah Malwarebytes doesn't get Rootkits at all, I use TDSSKiller for that.. Along with Malwarebytes and Combofix to clean the rest.

#26 sc302

sc302

    Neowinian Senior

  • Tech Issues Solved: 33
  • Joined: 12-July 05
  • Location: NJ, USA

Posted 18 November 2012 - 19:54

I don't make it a habit to self infect. I get enough examples that I don't need to search.



here is a sample file from 2011.

http://www.ziddu.com...4/TDL4.rar.html
Password : infected


another
http://download.soft...rootkit+sample/

do a search for rootkit sample file download

This guy's site has a bunch but you need to contact him/her for the password
http://contagiodump....paj-sample.html
MilaParkour@gmail.com


You should know that there are many different sample files that you can get with all sorts of infections in them to see if your av/antimalware software can detect them. This is how many companies test the software's capabilities as well as many third party companies rate new software, but they usually have internal lists and usually are pretty large.

Like I said google it and pick any, not my fault you don't know the search terms.

#27 sc302

sc302

    Neowinian Senior

  • Tech Issues Solved: 33
  • Joined: 12-July 05
  • Location: NJ, USA

Posted 18 November 2012 - 20:00

Yeah Malwarebytes doesn't get Rootkits at all, I use TDSSKiller for that.. Along with Malwarebytes and Combofix to clean the rest.

tdsskiller is pretty good, I use that with a quick scan of gmer afterwards (tdsskiller isn't 100% neither is gmer, the two together make a good team).

#28 redvamp128

redvamp128

    Neowinian Senior

  • Joined: 06-October 01

Posted 18 November 2012 - 20:18

Sounds like it had this-

http://youtu.be/_gILhDFqm4I

#29 +goretsky

goretsky

    Neowinian Senior

  • Tech Issues Solved: 3
  • Joined: 12-March 04
  • Location: Southern California

Posted 19 November 2012 - 07:18

Hello,

Is the message similar to the one mentioned here on the anti-malware vendor's support web site?

Regards,

Aryeh Goretsky

#30 smith.s

smith.s

    Neowinian

  • Joined: 06-November 12

Posted 19 November 2012 - 08:53

Windows Malicious Software Removal Tool would be ideal for removing malware from Windows-based systems.