"I don't use anti-virus and I've not had any problems ......."

Soldato
Joined
18 Oct 2002
Posts
7,700
Location
"Sunny" Plymouth
We hear this quite often on the board; I heard it in person this morning. Followed by "...... but I can't get onto some websites and it's running a bit slow."

Hmm.

IE is totally fragged, every page is "unable to display", 20-30 second delay on everything I click. Generally running like a sack of faeces. Reset all the IE details to default, still won't play.

Manage to get Mbam running (IE is now running, but redirects every request for a "useful" page, had to use Google's cached version of the page to get a DL link).

Put kettle on, laugh as it pulls up 20 infected files before the kettle is boiled.

and wait.

and wait.

and it's done.

Fun.

Delete the lot, reboot, no change.

Install MSE, scan, finds 1 more item, delete that. Reboot and it finds it again ....

Combofix digs out a rootkit, restart, it finds 3-4 other bits.

Cleaned out the hosts file, redirection stops (pillock, should have looked there first!).

Restart, STILL running like carp. IE is semi-usable, can't run Windows Update though (guessing this system has a few holes to plug).

Googling the error code from WU led me to Hitman Pro, which is a new one on me. It found another THREE rootkits, 6 dodgy files and found that IE was routed through a "broken" proxy (which explains the error message from WU). It scrubbed the nasties, sorted the proxy (which is odd because I'd gone in and sorted those settings earlier by hand), reboot.

Runs fine, WU works and pulls down a dozen or so fixes and running the scans again doesn't find anything.

THIS is why we use anti-virus, people!

/rant/breathe/collapse in puddle of caffeine.
 
Soldato
OP
- The "viruses" shown could simply be cookies, i.e. text files, that AV products use to increase their sense of self importance

It was a couple of dozen entries from adware (the usual shopper "help" stuff) and almost everything else was tagged as a trojan or BHO.

Machine starts and loads into Windows within 5 minutes now!
 