How to remove virusses that hijack computer for money? View previous topic :: View next topic  


NFOHump.com Forum Index - Applications
Page 1 of 1
Paintface




Posts: 6877
PostPosted: Thu, 20th Jan 2011 23:11    Post subject: How to remove virusses that hijack computer for money?
I got a call and it looks like the computer got hijacked.

Never had to deal with those before, i thought of bringing kaspersky and doing a full scan in safe mode, but i have no experience with those nasty virusses so any tips before i go in tomorrow would be appreciated.
Back to top
Spazmotic
VIP Member



Posts: 3107
PostPosted: Thu, 20th Jan 2011 23:31    Post subject:
Ahh i've been seeing these around, most of them are removable with a hex editor. Let me know what you find out, because last I looked they were real new and not really spreading. They were also pretty broken still at the time so you could safe mode them. Alternatively if you can't boot, try a windows disk to repair the boot order, as I believe that's what it changes.
Back to top
Spazmotic
VIP Member



Posts: 3107
PostPosted: Fri, 21st Jan 2011 02:38    Post subject:
Just thought of this although really not 100% on it, You may be able to get a live CD like.. SLAX / Fedora Live and install just Grub, not sure exactly how it messes with the boot, but a boot loader should be able to let you choose windows instead of the hijack unless it is pushing itself into the windows boot.
Back to top
PumpAction
[Schmadmin]



Posts: 26759
PostPosted: Fri, 21st Jan 2011 12:15    Post subject:
There are ones one different quality. If you do it wrong it is quite possible that the data is lost forever.

If you have the equipment, do a full mirroring of the harddisk before!

Then just look at what spaz suggested. Try to identify the malware, google and hope for a good solution Smile

If you are lucky it's just boot related and you'll be able to fix it with available tools. Good luck and tell us how it all turned out Smile

=> NFOrce GIF plugin <= - Ryzen 3800X, 16GB DDR4-3200, Sapphire 5700XT Pulse
Back to top
Page 1 of 1 All times are GMT + 1 Hour
NFOHump.com Forum Index - Applications
Signature/Avatar nuking: none (can be changed in your profile)  


Display posts from previous:   

Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB 2.0.8 © 2001, 2002 phpBB Group