| Page 1 of 1 |
ixigia
[Moderator] Consigliere
Posts: 65078
Location: Italy
|
 Posted: Fri, 3rd Aug 2012 03:03 Post subject: FFFFFFFFUUUUU |
|
 |
Just come back home, started the PC, everything seemed fine until guess what, a critical error appears after 20-30 seconds, with MSE which was automatically -suspiciously- disabled, all the icons on the desktop completely messed up and Windows that decided to reset itself without any warning. o.O
Second reboot, same story. Third one, idem. So, I tried to restart the PC in safe mode, but without any luck. Ran Malwarebites boot CD and turns out that the whole PC has succumbed to the terrible Sirefef trojan + variants. Looks like the only way is to format everything.   
|
|
| Back to top |
|
|
|
|
| Posted: Fri, 3rd Aug 2012 05:52 Post subject: |
|
|
Weird behaviour. Sirefef is highly stealthy, and the main variants don't have such destructive payloads. You might had something else that wrought havoc on your computer, and a Sirefef infection you just didn't know about.
|
|
| Back to top |
|
|
|
|
| Posted: Fri, 3rd Aug 2012 08:02 Post subject: |
|
|
We told you to stay away from those shady porn sites you always refer to in the VIP section ixi (some really nasty stuff there)... Now you reap what you've sown xD
"Quantum mechanics is actually, contrary to it's reputation, unbeliveably simple, once you take the physics out."
Scott Aaronson | chiv wrote: | | thats true you know. newton didnt discover gravity. the apple told him about it, and then he killed it. the core was never found. |
Last edited by dingo_d on Fri, 3rd Aug 2012 10:36; edited 1 time in total
|
|
| Back to top |
|
|
tonizito
VIP Member
Posts: 51400
Location: Portugal, the shithole of Europe.
|
| Posted: Fri, 3rd Aug 2012 09:49 Post subject: |
|
|
 rep: -12234234234
ixi, 
| boundle (thoughts on cracking AITD) wrote: | | i guess thouth if without a legit key the installation was rolling back we are all fucking then |
|
|
| Back to top |
|
|
ixigia
[Moderator] Consigliere
Posts: 65078
Location: Italy
|
| Posted: Fri, 3rd Aug 2012 11:03 Post subject: |
|
|
| BloodySpy wrote: | | Weird behaviour. Sirefef is highly stealthy, and the main variants don't have such destructive payloads. You might had something else that wrought havoc on your computer, and a Sirefef infection you just didn't know about. |
Yeah, though I'm looking into similar cases and seems that I'm not alone, several users are having the same exact problems as me, with the PC rebooting itself even in safe mode and MSE which can't to anything to stop the infection.
I'll try some other dedicated removal tools this afternoon, but so far the ones that I've used (made by ESET and Norton) didn't help at all.
The problem is, services.exe is infected, which is the root of Windows' odd behavior..
@Dingo & Toni:  I always download secure stuff, I really don't know what's going on here. The last time that I got a virus was 9-10 years ago o.O |
|
| Back to top |
|
|
Werelds
Special Little Man
Posts: 15098
Location: 0100111001001100
|
|
| Back to top |
|
|
vaifan1986
Posts: 4638
Location: Birthplace of the necktie.
|
|
| Back to top |
|
|
ixigia
[Moderator] Consigliere
Posts: 65078
Location: Italy
|
| Posted: Fri, 3rd Aug 2012 11:45 Post subject: |
|
|
| Werelds wrote: | | Clearly it was Lutz, glad he refused to share his home made midget scat porn with the rest of us now |
It serves me right, he even made me buy a VIP Premium account to watch that nasty stuff 
@Vai: I didn't play it, I just updated it |
|
| Back to top |
|
|
|
|
| Posted: Fri, 3rd Aug 2012 12:10 Post subject: |
|
|
Delete avast and install MSE they said... it will be safe they said
3080 | ps5 pro
Sin317-"im 31 years old and still surprised at how much shit comes out of my ass actually ..."
SteamDRM-"Call of Duty is the symbol of the true perfection in every aspect. Call of Duty games are like Mozart's/Beethoven's symphonies"
deadpoetic-"are you new to the cyberspace?"
|
|
| Back to top |
|
|
ixigia
[Moderator] Consigliere
Posts: 65078
Location: Italy
|
| Posted: Fri, 3rd Aug 2012 12:43 Post subject: |
|
|
| KillerCrocker wrote: | | Delete avast and install MSE they said... it will be safe they said |
This trojan is so smarmy that it basically annihilates MSE making it unable to do anything, it's damn smart!
we're all fucking then  |
|
| Back to top |
|
|
|
|
| Posted: Fri, 3rd Aug 2012 13:47 Post subject: |
|
|
I thought the time of destructive viruses is long over, now its a business and they're only programmed to be as stealthy as possible and generate profit at the cost of the infected user.
The last serious case I had was that Win95.CIH and it utterly annihilated my poor Windows 98 SE installation.
|
|
| Back to top |
|
|
Kaan_
Posts: 71
Location: Turkey
|
| Posted: Fri, 3rd Aug 2012 13:52 Post subject: |
|
|
MSE sucks. I got one of those fake avs while it was active, didn't do anything about it.
|
|
| Back to top |
|
|
|
|
| Posted: Fri, 3rd Aug 2012 14:03 Post subject: |
|
|
| Kaan_ wrote: | | MSE sucks. I got one of those fake avs while it was active, didn't do anything about it. |
ive seen this happen on couple laptops ive fixed up now, and although easy to remove it is kind of annoying that mse would let such shit virus shield bullshit type stuff to be allowed. |
|
| Back to top |
|
|
ixigia
[Moderator] Consigliere
Posts: 65078
Location: Italy
|
| Posted: Sat, 4th Aug 2012 22:00 Post subject: |
|
|
Thanks to the help of a malware specialist who made me a couple of custom scripts respectively for the FRST64 tool and Combofix, seems like I have defeated the beast 
I still need to run a complete scan but so far the cyclic automatic reboots are gone, the services.exe file appears to be clean and both MSE and Malwarebytes don't detect anything suspicious...still early to sing victory but so far everything has gone better than expected xD
|
|
| Back to top |
|
|
|
|
| Posted: Sun, 5th Aug 2012 00:31 Post subject: |
|
|
I had something like this happen to me six months ago. It was caused by a java exploit that seemed to run at random when visiting normally innocuous websites. Virus/malware scans never found anything, but every few days I would get Java loading up and getting ready to run some malicious code that popped up as if from nowhere.
Seems to have stopped happening recently, but the one time I wasn't quick enough to disable Java in time, it wiped all of my start menu shortcuts/desktop icons, and all links to control panel etc, in an attempt to stop me from fixing the problem.
My start menu is still half empty.
| chiv wrote: | | don't quote me on that |
|
|
| Back to top |
|
|
|
|
| Posted: Sun, 5th Aug 2012 03:35 Post subject: |
|
|
MSE isn't some heavy-duty antivirus, you can't depend on it 100%. Full-blown solutions like Norton or ESET may be more effective, but they have a bigger performance impact and more false positives. And aren't free.
Personally, I don't use antiviruses. I install MSE to the PCs I seetup though.
|
|
| Back to top |
|
|
|
|
| Posted: Sun, 5th Aug 2012 06:11 Post subject: |
|
|
I switched to mse from avira some months ago, just because it was recommended by lots of humpers. Got a virus some weeks later and switched back to avira..no viruses since.
|
|
| Back to top |
|
|
Roach_666
Posts: 1299
Location: Hell in its Alpha Build
|
| Posted: Sun, 5th Aug 2012 11:54 Post subject: |
|
|
Avast Free, still works here.
|
|
| Back to top |
|
|
ixigia
[Moderator] Consigliere
Posts: 65078
Location: Italy
|
| Posted: Sun, 5th Aug 2012 12:15 Post subject: |
|
|
| PumpAction wrote: | | I switched to mse from avira some months ago, just because it was recommended by lots of humpers. Got a virus some weeks later and switched back to avira..no viruses since. |
I have it on my laptop, very solid antivirus, never had problems with it in the last 4 years. 
(though for extensive browsing I often use the home PC).
Btw, this Sirefef bastard is definitely gone, even ESET can't find anything  It wasn't easy, but fuck yeah |
|
| Back to top |
|
|
| Page 1 of 1 |
All times are GMT + 1 Hour |
