
Spoof anti-virus software - Page 6

post #51 of 92
Quote:
Originally Posted by mikepahl318
My advice? Offer to install Malwarebytes Pro on their PC and enable a 1/week quick scan and daily updates.
They will never see a virus again.

This. I prescribe the same for repeat offenders. I'm sure the common denominator with all the infected machines is that they are using IE, no?
post #52 of 92
Quote:
Originally Posted by edgemaster191
A lot of these fake AVs are infecting the MBR, and disabling key system functions such as regedit, task manager etc. I consider that to be virus activity.

Also, not saying everyone who has a problem is an idiot. My experience is the educated ppl usually know what they did or what happened and realize it was a mistake. The ppl who keep coming back because they keep going to the same 2 websites or keep trying to open the same email attachment over and over again, never putting two and two together.

The big one going around right now (XX Anti-Virus 2011) disables the ability to run anything with an .exe extension through some registry trickery. If it can run with Administrator privileges, then it can very quickly balloon into a problem the user can't fix themselves even with software. This is why the Pro version of Malwarebytes is crucial for non-techies. It *prevents* many of these initial attacks from spyware.

My point was that it sounds like your users are covered when it comes to viruses, but not spyware. I would recommend Malwarebytes Pro for your repeat offenders. It would be very difficult to find out where they are getting the Fake-AV from after the fact, unless you know what you're doing. I certainly don't, but I don't care so much, I just clean it up.
Edited by thenutty1 - 4/1/11 at 2:21pm
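The posts above mention fake AV that blocks .exe launches "through some registry trickery" and disables regedit and Task Manager. As an added example (not code from anyone in this thread), this Python script audits a regedit export for both conditions, which is the kind of integrity check a cleanup should end with. Which keys the posters had in mind is an assumption; the keys and clean defaults checked are standard Windows values, and the sample export is constructed.

```python
import re

# Defaults on a clean Windows install for the .exe file association.
EXE_DEFAULTS = {r"\.exe": "exefile", r"\exefile\shell\open\command": '"%1" %*'}
CLASS_ROOTS = ("hkey_classes_root", r"hkey_current_user\software\classes")
LOCKOUTS = ("disabletaskmgr", "disableregistrytools")  # value 1 blocks the tool
VALUE_RE = re.compile(r'^(@|"(?:[^"\\]|\\.)*")=(.*)$')

def parse_reg(text):
    """Parse regedit export text into {key_path: {value_name: data}} (lower-cased)."""
    keys, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1].lower(), {})
        elif current is not None and (m := VALUE_RE.match(line)):
            name, data = m.group(1).strip('"').lower(), m.group(2)
            if data.startswith("dword:"):
                data = int(data[6:], 16)
            elif data.startswith('"') and data.endswith('"'):
                data = re.sub(r"\\(.)", r"\1", data[1:-1])  # undo \" and \\
            current[name] = data
    return keys

def audit(text):
    """Return findings for a hijacked .exe association or locked-out tools."""
    keys, findings = parse_reg(text), []
    for root in CLASS_ROOTS:
        for suffix, expected in EXE_DEFAULTS.items():
            actual = keys.get(root + suffix, {}).get("@")
            if actual is not None and str(actual).lower() != expected.lower():
                findings.append(f"{root + suffix}: default is {actual!r}, expected {expected!r}")
    for key, values in keys.items():
        if key.endswith(r"\policies\system"):
            findings += [f"{key}: {n}=1" for n in LOCKOUTS if values.get(n) == 1]
    return findings

# Constructed sample export, not taken from a real infection.
SAMPLE = r'''Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"%1\" %*"
[HKEY_CURRENT_USER\Software\Classes\.exe]
@="examplefile"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=dword:00000001
'''

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

An empty result means only that these specific settings are at their defaults; it does not show the machine is clean.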
post #53 of 92
There are other ways to remove a virus than simple safe mode or normal boot options to run an AV scanner.
post #54 of 92
Quote:
Originally Posted by Greensystemsgo
There are other ways to remove a virus than simple safe mode or normal boot options to run an AV scanner.

Half the techs at the shop I worked at did not believe so.

Luckily I did the quality control and I would say, "What did you do?"

You can't just run Combofix - External AV/AS - Windows updates and call it a day!
post #55 of 92
Quote:
Originally Posted by NitroNarcosis
Half the techs at the shop I worked at did not believe so.

Luckily I did the quality control and I would say, "What did you do?"

You can't just run Combofix - External AV/AS - Windows updates and call it a day!

I have no idea what you just said.

But yeah, many times viruses block out safe mode so you must use a live disc of some sort. Me and my buddy use one we tweaked ourselves based off of one we found online.
post #56 of 92
Quote:
Originally Posted by Greensystemsgo
I have no idea what you just said.

But yeah, many times viruses block out safe mode so you must use a live disc of some sort. Me and my buddy use one we tweaked ourselves based off of one we found online.

Correct, live discs ftw
post #57 of 92
Sorry, let me clarify.

The n00bs at my old job would run Combofix, then an AVAST! external scan, then a Malwarebytes external scan, then run Windows updates, and then call the computer clean and ready to go back to the customer without checking the integrity of anything.

I would then load up the PC and check everything out with errors at desktop startup, the AV that was previously installed would be totally hosed still, hell, even sometimes the updates were not done, etc.

Scrubs
post #58 of 92
k kids. if anyone is interested, here is the windows anti virus i just found


Code:
http://antivirus-program.cw.cm/fast-scan/
post #59 of 92
Open a command prompt and type

mrt.exe, don't do the quick scan...

All done.
post #60 of 92
dunno what all this is capable of,

Also, this is obviously a keylogger!

Code:

http://www.farrtbook.com/1/login6.php 
