Has anyone seen this thing? We have seen it at three different clients and two of our computers in the office within the past week. It happens after login and removes everything from the start menu.
One of the many variants of fake antivirus / antimalware / system repair / system fixer "utilities".
Whenever we see it, single pass DBAN to the drive and reinstall.
Why bother with dban when you're going to format anyway?
I remove it daily, it's not too hard. Boot into Linux, look for randomly generated files under users/userfolder/appdata/local and under c:/programdata. Delete. Restart, run MBAM then unhide.exe & problem solved.
DBAN does a secure wipe, doesn't it?
Secure wipes are for making sure someone couldn't recover the data from the HDD. I don't think any virus can survive a Windows Installation Reformat.
System Fix, run ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe and you'll be good. It's been running rampant along with the Zero Access rootkit.
Well, it's a waste of time. There's no need to do that kind of wipe, when simply killing the index will do the same thing (i.e. quick format).
Probably not but an abundance of caution in these situations generally isn't a bad thing to do.
I cannot get ComboFix to run in Safe mode. Also, it has done something strange to the HDD. When I view the drive there is nothing there but a link that takes you back to the Computer screen where you were before. Very strange.
Why bother with dban when you're going to format anyway?
To explain why we do what we do is easy. I needed a simplified procedure that any tech can follow and be assured that the malware or virus infection has been eliminated. By using DBAN, we eliminate any trace of any known or unknown infection.
Since most of our clients are in the financial and medical fields, we need to be absolutely sure that any infected system is returned back to service in a clean state.
If a machine is still infected or becomes "reinfected", we don't have to question whether our cleaning methods or tools missed anything.
Disregard what I said about just using ComboFix. This thing is a cluster fuck, a real nasty one too. Especially for business clients.
That works in business environments, and is recommended, but when you are dealing with end users' home machines, the landscape changes a bit.
Ding ding ding...we have a winner. The part of any good system is having a known process which allows you to know where it broke. It doesn't matter if your process is 10% faster if when things go wrong you don't know where it went wrong.