Help - Need Virus Definitions

For system help, all hardware / software topics NOTE: use Coders Corner for all coders topics.

Moderators: Krom, Grendel

Post Reply
Unix
DBB Admiral
DBB Admiral
Posts: 1367
Joined: Fri Aug 20, 1999 2:01 am
Location: Omaha, Nebraska
Contact:

Help - Need Virus Definitions

Post by Unix »

I have a ★■◆●ing virus that is preventing me from visiting AVG's site or getting updates through their auto-updater.

It's forwards any request I make from google to pharmacy sites and blah blah it sucks.

Can someone host the little 11k def file somewhere where I can just save it instead of going through avg?

http://www.versiontracker.com/dyn/morei ... ditionalDL

There's the only place I can find to get it from, but it just sends me to avg's site anyways...

HELP!

Thanks :)
-Unix
My Music
User avatar
Krom
DBB Database Master
DBB Database Master
Posts: 16137
Joined: Sun Nov 29, 1998 3:01 am
Location: Camping the energy center. BTW, did you know you can have up to 100 characters in this location box?
Contact:

Post by Krom »

Try safe mode with networking, and check your hosts file while you are at it.
(C:\\Windows\\system32\\driver\\etc\\)
User avatar
CDN_Merlin
DBB_Master
DBB_Master
Posts: 9781
Joined: Thu Nov 05, 1998 12:01 pm
Location: Capital Of Canada

Post by CDN_Merlin »

Trend Micro also hasd a online free scanner.
User avatar
Krom
DBB Database Master
DBB Database Master
Posts: 16137
Joined: Sun Nov 29, 1998 3:01 am
Location: Camping the energy center. BTW, did you know you can have up to 100 characters in this location box?
Contact:

Post by Krom »

My guess is if AVG is blocked, the trend micro scanner is disabled as well. Although it is still worth a try.

Also some often overlooked tools like spybot search and destroy can rescue computers when virus scanners do little or nothing. But I would definitely try using safe mode with networking and check the host file. If none of that works, try a different browser (a portable firefox version could make all the difference).
User avatar
CDN_Merlin
DBB_Master
DBB_Master
Posts: 9781
Joined: Thu Nov 05, 1998 12:01 pm
Location: Capital Of Canada

Post by CDN_Merlin »

Could also boot from a Linux USB and browse that way. I find with virii, it's much easier to format and safer.
User avatar
fliptw
DBB DemiGod
DBB DemiGod
Posts: 6459
Joined: Sat Oct 24, 1998 2:01 am
Location: Calgary Alberta Canada

Post by fliptw »

Unix
DBB Admiral
DBB Admiral
Posts: 1367
Joined: Fri Aug 20, 1999 2:01 am
Location: Omaha, Nebraska
Contact:

Post by Unix »

There's the page I need, but this virus is smart. It won't let me download any files from that site. :x

So here's what I've done:

1. RegCure - fixed a bunch of ★■◆●, didn't help my problem.
2. Ran Hijack This - again fixed a bunch of ★■◆●, didn't help my problem.
3. Cried.
4. Tried each of these in regular as well as safe-mode. Looked through the system32 folder, but I've got no idea what I'm looking for. There's half a gig of ★■◆● in there...any thing more specific I should be searching for?

Thanks for the help btw.

edit: n/m hosting - i've got someone sending the files via AIM.
-Unix
My Music
User avatar
Octopus
DBB Captain
DBB Captain
Posts: 600
Joined: Wed Dec 03, 2008 3:49 am

Post by Octopus »

That's not good.
User avatar
BUBBALOU
DBB Benefactor
DBB Benefactor
Posts: 4198
Joined: Tue Aug 24, 1999 2:01 am
Location: Dallas Texas USA
Contact:

Post by BUBBALOU »

Ok your surfing through porntube has proved a bad idea

AVG - or any other A/V program is useless against this new breed

you need to download the following files preferably on another computer after downloaded you need to change their names cf120408.exe and mb120408.exe

These new malware programs have internal blacklists to prevent certain named exe's from running

-----------------------------------------

boot into safe mode

run Combofix

after that has completed it's cycle of fixes(do not stop it or run ANY other program until you see it spit out that text file)

then install and run Malwarebytes run a quick scan to get the rest off, later run full scan

i bet the files it deletes have some \"TSSD\" names or you got busted by smitfraud

ENJOY your sanity afterwards
Unix
DBB Admiral
DBB Admiral
Posts: 1367
Joined: Fri Aug 20, 1999 2:01 am
Location: Omaha, Nebraska
Contact:

Post by Unix »

I could hug you. Thanks!
-Unix
My Music
Post Reply