Free Republic
Browse · Search
General/Chat
Topics · Post Article

Any help is appreciated!
1 posted on 12/02/2012 10:10:07 AM PST by Rebelbase
[ Post Reply | Private Reply | View Replies ]


Navigation: use the links below to view more comments.
first 1-2021-28 next last
To: Rebelbase

Don’t know how the title got hosed. Correct file name for this trojan is OMG1000.exe.


2 posted on 12/02/2012 10:11:13 AM PST by Rebelbase
[ Post Reply | Private Reply | To 1 | View Replies ]

To: Rebelbase
Install Linux. ;)

/johnny

4 posted on 12/02/2012 10:14:44 AM PST by JRandomFreeper (Gone Galt)
[ Post Reply | Private Reply | To 1 | View Replies ]

To: Rebelbase
Restore Windows to a previous point in time before the infection occurred.

http://technet.microsoft.com/en-us/library/bb457025.aspx

5 posted on 12/02/2012 10:15:21 AM PST by E. Pluribus Unum (Labor unions are the Communist Party of the USA.)
[ Post Reply | Private Reply | To 1 | View Replies ]

To: Rebelbase
http://www.tekrum.net/19/kill-windows-trojan-viruses-effectively-using-linux/
6 posted on 12/02/2012 10:18:56 AM PST by Bikkuri (Hope for Conservative push in the next 2-4 years..........)
[ Post Reply | Private Reply | To 1 | View Replies ]

To: Rebelbase

https://www.drwebhk.com/en/virus_techinfo/Trojan.DownLoader7.24299.html


7 posted on 12/02/2012 10:20:05 AM PST by HangnJudge
[ Post Reply | Private Reply | To 1 | View Replies ]

To: Rebelbase

Down losd Avast and do a boot scan.


8 posted on 12/02/2012 10:20:26 AM PST by RetSignman ("A Republic if you can keep it"....)
[ Post Reply | Private Reply | To 1 | View Replies ]

To: Rebelbase
From a site that purports to offer solutions to virus infections (Dr. Web Anti-Virus): Trojan.DownLoader7.24299 ------------------------- Malicious functions: Creates and executes the following: %TEMP%\omg1000.exe %TEMP%\omg1000.exe (downloaded from the Internet) Executes the following: \ping.exe -n 3 -w 250 127.0.0.1 \cmd.exe /c %TEMP%\afgstyw.bat Modifies file system : Creates the following files: %TEMP%\omg1000.exe %TEMP%\afgstyw.bat %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\whatismyip[1].2387591943 %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\checkip.dyndns[1].0357167227 %TEMP%\~ip.tmp Deletes the following files: %TEMP%\~ip.tmp Deletes itself. Network activity: Connects to: 'fr######eaming.zapto.org':80 'fr######eaming.hopto.org':80 'ch####p.dyndns.org':80 'www.wh###smyip.com':80 TCP: HTTP GET requests: fr######eaming.zapto.org/videos/sky3/skydl.php?ci############################################################# fr######eaming.hopto.org/videos/sky2/skydl.php?ci########################################################### ch####p.dyndns.org/?rn######################################### www.wh###smyip.com/?rn######################################### UDP: DNS ASK fr######eaming.zapto.org DNS ASK fr######eaming.hopto.org DNS ASK ch####p.dyndns.org DNS ASK www.wh###smyip.com
9 posted on 12/02/2012 10:21:10 AM PST by RitchieAprile (the obsteperous gentleman..)
[ Post Reply | Private Reply | To 1 | View Replies ]

To: Rebelbase

Really? You’ve never heard of Combofix?

Good Grief

http://www.bleepingcomputer.com/download/combofix/


11 posted on 12/02/2012 10:26:29 AM PST by eyedigress ((zOld storm chaser from the west)/?)
[ Post Reply | Private Reply | To 1 | View Replies ]

To: sauropod

mark


12 posted on 12/02/2012 10:27:42 AM PST by sauropod (I will not comply)
[ Post Reply | Private Reply | To 1 | View Replies ]

To: Rebelbase

First, spank your girlfriend’s son for watching porno, then download one of the free programs suggested, or others which are available and reviewed on cnet.com, run it (them) and install an anti-virus on the machine to run permanently.


13 posted on 12/02/2012 10:32:20 AM PST by Revolting cat! (Bad things are wrong! Ice cream is delicious!)
[ Post Reply | Private Reply | To 1 | View Replies ]

To: Rebelbase

Assuming the computer is running vista or later, with another computer download windows defender offline. create a boot dvd or thumb drive and boot from it. Let it scan. It picks up everything including root kits. Surest way to disinfect.

If the computer has XP, but is vista or 7 compatible your good.


14 posted on 12/02/2012 10:32:38 AM PST by waynesa98
[ Post Reply | Private Reply | To 1 | View Replies ]

To: Rebelbase

The virus probably makes a restore worthless.

Backup personal Office, photos, music and videos. Load a restore disk to wipe everything,and reinstall Windows. If you don’t have a restore disk and you can’t make one now (likely), contact the computer manufacturer.

The last option is something I’ve done sucessfully in the past. The manufacturer burned a disk for my discontinued machine and mailed it to me.


15 posted on 12/02/2012 10:36:51 AM PST by cicero2k
[ Post Reply | Private Reply | To 1 | View Replies ]

To: Rebelbase
Run TDSSkiller, then restart. Then download and run Malwarebytes anti-malware utility. Restart again.

Those two should wipe out most anything.

16 posted on 12/02/2012 10:55:30 AM PST by TonyInOhio
[ Post Reply | Private Reply | To 1 | View Replies ]

To: Rebelbase

bkm


17 posted on 12/02/2012 10:58:05 AM PST by skinkinthegrass (Anger a Conservative by telling a lie; Anger a Liberal by telling the truth....RWR 8-)
[ Post Reply | Private Reply | To 1 | View Replies ]

To: Rebelbase

SuperAntiSpyware has provided good results for me when trying to remove difficult malware.

http://www.superantispyware.com/

The free version is fully capable for detecting and removing.
If you run a complete scan and find more than cookies, delete the quarantine and run it again until clean. Might take 3 times.


19 posted on 12/02/2012 11:02:02 AM PST by GOPBiker (Thank a veteran, with a smile, every chance you get. You do more good than you can know.)
[ Post Reply | Private Reply | To 1 | View Replies ]

To: Rebelbase

Do what reply 15 says. I gave up on Windows because my machines were rendered useless after 2 years.


20 posted on 12/02/2012 11:03:08 AM PST by Havisham
[ Post Reply | Private Reply | To 1 | View Replies ]

To: Rebelbase

Got to watch it.. Some websites off free download but it will cost you to remove the malware software!!!

http://www.avira.com/en/avira-free-antivirus#tab2

I have been using this one for years!!!!


21 posted on 12/02/2012 11:22:28 AM PST by tallyhoe
[ Post Reply | Private Reply | To 1 | View Replies ]

To: Rebelbase

Bookmark


22 posted on 12/02/2012 11:24:42 AM PST by Newtoidaho (Fight organized crime. Vote out all incumbent Democrats!)
[ Post Reply | Private Reply | To 1 | View Replies ]

To: Rebelbase

When all else fails, use this: http://www.surfright.nl/en/hitmanpro/

I was about ready to reformat my hard drive when I stumbled across this. Good luck


23 posted on 12/02/2012 11:30:02 AM PST by Arthurio
[ Post Reply | Private Reply | To 1 | View Replies ]

To: Rebelbase

At McAffee world headquarters, research has been proceeding to develop a line of automation products that establishes new standards for quality and technological leadership in virus and malware removal excellence. With customer success as our primary focus, work has been proceeding on the crudely conceived idea of a virus/malware removal tool that would not only provide inverse reactive current for use in unilateral phase detractors, but would also be capable of automatically synchronizing cardinal grammeters.

Such an instrument comprised of Reliance operating system deviance detectors, Allen-Bradley software controls, and all monitored by Rockwell First Step Detection Software is McAffee’s new product offering the Retro-Encabulator.

Now basically the only new principle involved is that instead of power being generated by the relative motion of conductors and fluxes to establish bimodal detection of a virus, it’s produced by the modial interaction of magneto reluctance and capacitive duractance. The original machine had a base plate of pre-famulated amulite surmounted by a malleable logarithmic casing in such a way that the two spurving bearings ran in a direct line with the panametric fan.

The line-up consisted simply of six hydrocoptic marzul vanes so fitted to the ambaphascient lunar wain shaft that side fumbling was effectively prevented. The main winding was of the normal lotus-odeltoid type placed in panendurmic semi-bulloid slots of the stator, every seventh conductor being connected by a non-reversible tremmy pipe to the differential girdle spring on the up-end of the grammeters.

Moreover, whenever fluorescent square motion is required, it may also be employed in conjunction with the drawn reciprocation dingle arm, to reduce sinusoidal depleneration.
The retro-encabulator has now reached a high level of development, and it’s being successfully used in the operation of Milford trunnions. It’s available soon, wherever McAfee products are being sold.


24 posted on 12/02/2012 11:32:09 AM PST by RBStealth
[ Post Reply | Private Reply | To 1 | View Replies ]


Navigation: use the links below to view more comments.
first 1-2021-28 next last

Free Republic
Browse · Search
General/Chat
Topics · Post Article


FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson