EggXpert

A community site dedicated to Newegg shoppers.

joke.blusod -- help!

Last post 08-25-2008, 7:55 AM by Tallon41. 30 replies.
Page 2 of 2 (31 items)
  •  08-24-2008, 3:47 PM 380209 in reply to 379537

    Re: joke.blusod -- help!

    Byrel:
    Not sure what exactly is wrong, but it seems to be more on the rootkit end. I think it probably replaced some DLL. However, no DLLs have modified times in the last month, and I know that we were infected this morning.

    in "c:\windows\system32"

    right-click on the column headers, this will give you a list of all possible columns to "view" and check the one called "Date Created"

    the "modified date" is ok, but can be messed with easily, sort the new column in Reverse date order, and see what has been added to that dir recently.

    Do the same with the "c:\windows\system32\drivers"  dir

    I have used gmer rootkit detector software for a number of years now and not been disappointed though you need to google everything it finds as not all are rootkits, some are part of device drivers for devices on your system.
     

    Tallon41 


    What weight does your Spirit have to be in order to be considered "heavy" ?
    ----------------------Me
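
The "Date Created" check described in the post above, scripted in PowerShell. This is an added example and not part of any post in the thread; the function name and the `$WindowsRoot` and `$Days` parameters are illustrative assumptions, and `$WindowsRoot` can point at an offline Windows volume when the machine is booted from rescue media.

```powershell
# Added example, not from the thread: list files recently created in
# System32 and System32\drivers. Requires PowerShell 3.0 or later (-File).
function Get-RecentlyCreatedSystemFile {
    param(
        # Assumption: defaults to the running OS; pass e.g. 'D:\Windows'
        # to inspect an offline volume from a rescue environment.
        [string]$WindowsRoot = $env:SystemRoot,
        # Assumption: how far back "recently" reaches.
        [int]$Days = 30
    )

    $cutoff = (Get-Date).AddDays(-$Days)
    $dirs = @(
        (Join-Path $WindowsRoot 'System32'),
        (Join-Path $WindowsRoot 'System32\drivers')
    )

    foreach ($dir in $dirs) {
        # -Force includes hidden and system files; -File skips subdirectories.
        Get-ChildItem -LiteralPath $dir -File -Force -ErrorAction SilentlyContinue |
            Where-Object { $_.CreationTime -ge $cutoff } |
            ForEach-Object {
                $sig = Get-AuthenticodeSignature -LiteralPath $_.FullName
                [pscustomobject]@{
                    Created  = $_.CreationTime
                    Modified = $_.LastWriteTime
                    # Modified older than Created means the file arrived on this
                    # volume after it was last written. A hint only: installers
                    # and updates produce the same pattern.
                    ModifiedBeforeCreated = $_.LastWriteTime -lt $_.CreationTime
                    # Signature status is context, not a verdict; look up
                    # each unfamiliar file before acting on it.
                    Signature = $sig.Status
                    Path      = $_.FullName
                }
            }
    }
}

# Newest first, matching the reverse-date sort in the post.
Get-RecentlyCreatedSystemFile -Days 30 |
    Sort-Object Created -Descending |
    Format-Table -AutoSize
```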
  •  08-24-2008, 4:42 PM 380245 in reply to 380209

    Re: joke.blusod -- help!

    Nice.   I give you 5/5 cookies.

    Tallon...in your experience, what are the worst P2P sites for getting spyware/viruses etc....i.e. which sites should folks avoid?   Limewire?


    Same as it ever was...Same as it ever was
  •  08-24-2008, 4:56 PM 380260 in reply to 380245

    Re: joke.blusod -- help!

    PapaHomer:
    Nice.   I give you 5/5 cookies.

    Tallon...in your experience, what are the worst P2P sites for getting spyware/viruses etc....i.e. which sites should folks avoid?   Limewire?

    Yes.

    Limewire and

    Bearshare

    are the top two and 95+% of the infections I see had that software installed, some had both.

    Tallon41 


    What weight does your Spirit have to be in order to be considered "heavy" ?
    ----------------------Me
  •  08-24-2008, 5:03 PM 380267 in reply to 380034

    Re: joke.blusod -- help!

    ileventh - thanks for the website link.  using Malwarebytes' Anti-Malware found the problem and took care of it and my computer is now clean.

     Tallon41 - thanks for all your help and effort.  much appreciated.

     

    can you guys suggest good AV software, anti-spyware software and firewall software?  i've decided to no longer use norton since it really didn't help me at all in this situation.  thanks.

  •  08-25-2008, 2:12 AM 380472 in reply to 380034

    Re: joke.blusod -- help!

    Thank you very much! That eliminated the problem.

    However, I think part of what the rootkit did prevented manual checking to see if those dlls were there.

    Just in case anyone looked for them and didn't find them.

    Thanks again,

    Byrel

     

  •  08-25-2008, 7:55 AM 380538 in reply to 380472

    Re: joke.blusod -- help!

    Byrel:

    Thank you very much! That eliminated the problem.

    However, I think part of what the rootkit did prevented manual checking to see if those dlls were there.

     

    Which is why techs create boot CDs (like XPE Bart etc.) that allow us to boot from outside the OS installed on the box.  Makes cleaning much easier and a bit faster, though running Anti-malware scans will still take the bulk of the time and that will take the same time regardless lol.

    Tallon41 


    What weight does your Spirit have to be in order to be considered "heavy" ?
    ----------------------Me