I've got viruses
#1
I ran a deep scan of my computer last night, while in safe mode, and came up with two trojans and a virus (so far; the scan is at about 75% complete right now, so there may be more). Once the scan finishes, I'm going to drop the trojans, Cosmu and SuspectCRC, into quarantine and then delete them, but I'm a little unsure of what to do with the virus. It's Onehalf, which, according to the small amount of research I've been able to do via iPod and 'borrowed' wifi, slowly encrypts up to half the hard drive, and deleting it without unencrypting the data results in the data being lost. Would putting Onehalf into quarantine result in the data loss, or is that only when it is deleted? Also, I found a program on Softpedia that purports to be able to decrypt the data then delete the virus (http://www.softpedia.com/...eHalf-virus-killer.shtml). Any ideas on if I should quarantine Onehalf or not, and/or use this program? Thanks in advance.
-----
Stand between the Silver Crystal and the Golden Sea.
"Youngsters these days just have no appreciation for the magnificence of the legendary cucumber."  --Krityan Elder, Tales of Vesperia.
 
#2
This page (http://wiw.org/~meta/vsum/view.php?vir=994) says "Removal Instructions: Delete infected files & replace MBR". However, that advice is dated October 1994, from back when Windows was in versions 3.11 and NT 4.0...

If you have backups of your data, then you may as well give the tool on Softpedia a try. Just download it on an uninfected computer so it doesn't become infected with the virus...
--
Rob Kelk
"Governments have no right to question the loyalty of those who oppose
them. Adversaries remain citizens of the same state, common subjects of
the same sovereign, servants of the same law."

- Michael Ignatieff, addressing Stanford University in 2012
 
#3
Ewwww. That's a nasty piece of work there. Ass clowns that write viruses like these should be drug out into the street and shot in the face on general principle.
 
#4
You may have a more recent version than what I'm finding data on, but, if you're running a modern OS (XP or greater) with the NTFS file system, you should be fine.  OneHalf purportedly only encrypts DOS partitions.
YMMV, grain of salt, etc etc.  Since you're already infected and the only other option is a nuke, I'd give the Softpedia utility a whirl, myself.

--sofaspud
--"Listening to your kid is the audio equivalent of a Salvador Dali painting, Spud." --OpMegs
 
#5
If the utility doesn't work, one thing you might want to try though is Malwarebytes.

Also, an obligatory recommendation for http://www.xubuntu.org. Never worry about Windows viruses again!
________________________________
--m(^0^)m-- Wot, no sig?
 
#6
I'm actually running a Malwarebytes scan now. The Emsisoft (the evolved form of A2) scan finished a little while ago, so I'm running Malwarebytes now. Afterwards, I'll run the Avast scan.
Incidentally, I found the website of the company that made the Onehalf removal program, so if I use that, I'll download from there to make sure I get the most recent version (http://www.virusbuster.hu/en/download/free-tools). Should I ignore the utility and go with Malwarebytes, or hold off on that and use the utility? If I use the utility, I'll be scanning my flash drive with Bitdefender's online scanner (via a clean computer), then downloading the zip file onto the flash drive and running it off that.
-----
Stand between the Silver Crystal and the Golden Sea.
"Youngsters these days just have no appreciation for the magnificence of the legendary cucumber."  --Krityan Elder, Tales of Vesperia.
 
#7
Malwarebytes is usually pretty good.

Don't overcomplicate things, or use too many scanners/cleaners. 9/10 Malwarebytes will do a good job of it. If you're worried about data loss, just back things up on an external drive.
________________________________
--m(^0^)m-- Wot, no sig?
 
#8
Dartz Wrote: if you're worried about dataloss, just back things up on an external drive.
Good advice even if you aren't worried about data loss. (Eventually, the hard drive in your PC is going to fail... it's easier to recreate it from an external snapshot than to try copying from the failing drive.)
--
Rob Kelk
"Governments have no right to question the loyalty of those who oppose
them. Adversaries remain citizens of the same state, common subjects of
the same sovereign, servants of the same law."

- Michael Ignatieff, addressing Stanford University in 2012
 
#9
That's odd. Malwarebytes didn't detect Onehalf. I wonder why that is. Anyway, my most recent backup was on the 29th, so I think I should be fine even if the utility seriously borks things up. I'll be trying it sometime tomorrow, so wish me luck.
-----
Stand between the Silver Crystal and the Golden Sea.
"Youngsters these days just have no appreciation for the magnificence of the legendary cucumber."  --Krityan Elder, Tales of Vesperia.
 
#10
Dartz Wrote: Don't overcomplicate things, or use too many scanners/cleaners.
I've heard a 'rule of thumb' to use 2 or 3... depending on what's going on, and how bad it is, 3 may actually be overkill... almost guaranteed that 4 is. You usually use 2 so that one catches stuff the other is unaware of. 3 is really only useful if you've gotten a nasty, multi-vector infestation on the level of the old Xenophobe video game.
--

"You know how parents tell you everything's going to fine, but you know they're lying to make you feel better? Everything's going to be fine." - The Doctor
 
#11
If you've got a multi-vector like that, the best option is probably to just nuke the drive and reinstall from the ground up. It'd be far easier, especially since you can never trust a rooted computer again. Be sure to wipe the boot sector when you do too... because you can get little things hiding themselves out in there ready to reinfect as soon as you reinstall.
________________________________
--m(^0^)m-- Wot, no sig?