Do you support the death penalty for malware authors?

wabbitslayer · Feb 7, 2010, 03:16 PM

Spent most of the weekend trying to fix a co-worker's laptop....after looking at it, I determined in about five minutes that a nuke and pave was the only sensible solution; however, for reasons not relevant here, reinstallation of windows wasn't an option.

Started out with vundo, then found 10 or 15 "generic" trojans, the whole time AVG is reporting "all is well"....malwarebytes, superantispyware, spybot, etc. all get killed immediately, safe mode is disabled, and the list goes on....I finally got safe mode working, and there's still this stupid little ****ing *.sys
file that reappears after every delete.

At this point, I ought to tell her either we re-install or she buys a new computer...but now it's personal. I am going to kill this thing.

Pr3tty F1y · Feb 7, 2010, 03:18 PM

It would just be better to either require licenses to use a computer (i.e., prevent stupid users from downloading **** in the first place) or for more proactive measures to promote browsers that are less likely to be hijacked (Firefox) and to promote free anti-virus solutions (Avira) so that ****ty Norton/McAfee trials don't expire leaving clueless users vulnerable.

I can't remember, but I think there was a Linux distro for eliminating Windows malware.

ThirdEye · Feb 7, 2010, 03:18 PM

**** I use avg

recommendations?

sittal · Feb 7, 2010, 03:22 PM

avast

wabbitslayer · Feb 7, 2010, 03:24 PM

I don't know if it's AVG's fault or not....it may have been installed on top of whatever crap this is. (Not to turn it into a software discussion but I use symantec corporate)

It also doesn't help that every little weirdo *.dll, *.exe and *.sys I come across on this thing turns out to be some sort of Dell "assistance" software.

lumpyhed · Feb 7, 2010, 03:52 PM

get an UBCD4W cd made and go to town on the os drive. Much easier to clean a system when the infected files cant even run

Quickstrike · Feb 7, 2010, 04:16 PM

Microsoft Diagnostics and Recovery Toolkit AKA ERD Commander

&

Avira AntiVir Rescue System

are also useful utilities for combating this sort of thing.

Look into programs like Shadow Defender, Windows SteadyState, or even Sandboxie. These will prevent [for the most part - you can never be 100% secure] malware/viruses from taking over the computer.

I like to use a limited/standard user account, shadow defender, MSE, opendns forced through router config on my grandparents pc's. Every time they restart the computer, windows starts out in a clean state. Just have to exclude key folders so that documents and such can be written and saved to the hard drive.
They used to get viruses/malware all the time, but haven't once been hit since I started using the new strategy.

efin · Feb 7, 2010, 04:26 PM

Quote:

Originally Posted by lumpyhed

get an UBCD4W cd made and go to town on the os drive. Much easier to clean a system when the infected files cant even run

This. Especially for registry entries that can't be accessed. Holy crap Vundo/Virtumonde (same thing) pisses me off so much.

Leprechaun · Feb 7, 2010, 05:18 PM

she? she?? She was surfing more pr0n then the whole of Rage3D put together it appears. You should worry less about malware and computers and more about hitting that as she seems very horny.

And yes, malware writers should be punished as severly as possible.

Rayder · Feb 7, 2010, 06:26 PM

Absolutely! Severity is key! I doubt there would be nearly as much malware "out there" if the penalty for being responsible for creating said malware is DEATH! Not possible fines or prison time, DEATH!

Personally, I think malware creators should be considered international (or world-wide) terrorists, and dealt with accordingly......basically....but with a strong bias towards DEATH!

Probably would about eliminate piracy too, if NoCD cracks were considered "world-wide terrorist malware" and the penalty was DEATH!

Ain't nobody be creatin' no cracks, no mo'! Piracy dries up for fear of DEATH!....or because of it....

There's something to think about.....

Pr3tty F1y · Feb 7, 2010, 06:31 PM

Quote:

Originally Posted by Rayder

Absolutely! Severity is key! I doubt there would be nearly as much malware "out there" if the penalty for being responsible for creating said malware is DEATH! Not possible fines or prison time, DEATH!

Personally, I think malware creators should be considered international (or world-wide) terrorists, and dealt with accordingly......basically....but with a strong bias towards DEATH!

Probably would about eliminate piracy too, if NoCD cracks were considered "world-wide terrorist malware" and the penalty was DEATH!

Ain't nobody be creatin' no cracks, no mo'! Piracy dries up for fear of DEATH!....or because of it....

There's something to think about.....

Nothing wrong with NoCD cracks. I hate having to put a CD in my drive to verify that I legally purchased a game. No other data is even being read off of the CD. They also save you from sneaking around the system using a virtual drive with a "mini" CD image to fake out the copy protection.

NoCD cracks help legitimate users get a better experience.
Malware is just bad for everyone.

Jankan · Feb 8, 2010, 02:22 AM

AV will not help if you don't update windows every month.

Deimos · Feb 8, 2010, 03:12 AM

Someone mentioned UBCD, I normally use the recovery console, you can remove services that are created by viruses, delete files before they launch etc...
The Kaspersky online scan was also a good tool for this, run the scan, print the report, then reboot in to the recovery console and delete the problem files.
Too bad the online scan isn't available at the moment.
The other option is to use a USB adapter to plug it in to another machine and scan it.

The comment about the licence is a bit harsh, I have been in IT for 10 years and I still occasionally get a virus, I got a worm just the other day, I thought my dl box (server 2003) was safe because it was getting updates from WSUS however the patch that plugs that particular hole had not been applied.
Mostly I remove viruses just for the challenge, I normally do an OS reload even if I manage to clean, because you never know whats its done really.

SkullE_again · Feb 8, 2010, 06:34 AM

Use the "ultimate boot cd" with AV on it. windows wont even load.

View Poll Results: Do you support the death penalty for malware authors?
Yes, I do, and it should be very slow and painful	32	88.89%
I've never had an infection nor ried to get rid of one	4	11.11%
Voters: 36. You may not vote on this poll

wabbitslayer's System Specs
Motherboard	Gigabyte GA-790XTA-UD4
CPU	AMD Phenom II x4 965 @ 3.8Ghz
Graphics	Sapphire 5830
Memory	2 x 2gb A-Data DDR3 1600
Cooling Solution	Corsair H50
Display	Asus 23.6" VH242
Soundcard & Speakers	onboard realtek and Klipsch promedia 2.1
Hard-Drives	1TB WD Caviar Black
Optical Drives	24x Lite-On
Power Supply	Corsair TX750W
Case	CoolerMaster HAF 932
Input Devices	microsoft Comfort 2000 and Gigabyte M-6580
Operating System	Windows 7 x64

Feb 7, 2010, 03:18 PM	#2
Pr3tty F1y Rage3D Veteran Join Date: Mar 2003 Location: fhqwhgads Posts: 6,618	It would just be better to either require licenses to use a computer (i.e., prevent stupid users from downloading ** in the first place) or for more proactive measures to promote browsers that are less likely to be hijacked (Firefox) and to promote free anti-virus solutions (Avira) so that **ty Norton/McAfee trials don't expire leaving clueless users vulnerable. I can't remember, but I think there was a Linux distro for eliminating Windows malware. __________________

Pr3tty F1y's System Specs
Motherboard	Gigabyte GA-EP45-DS3R
CPU	Intel Q6600 2.4ghz @ 3.2ghz
Graphics	Sapphire HD 4850 w/ 512mb GDDR3
Memory	8gb (4x2) G.Skill DDR2 800
Cooling Solution	Xigmatech HDT-S1283
Display	Acer AL2216W 22" LCD, HP 1530 15" LCD
Soundcard & Speakers	Realtek alc889a 7.1
Hard-Drives	1Tb Seagate 7200.11 SATA, Seagate 7200.10 320GB IDE (Firewire)
Optical Drives	LG 22x DVD+/-RW SATA
Power Supply	Antec TruePower Trio 650w
Case	Antec Three Hundred
Input Devices	USB Playstation->PC Converter, 3 button Microsoft Mouse
Operating System	Windows Vista Ultimate SP2 64-bit
Extra Info	Avermedia A180 ATSC PCI TV Tuner

Feb 7, 2010, 03:22 PM	#4
sittal Rage3D Spammer Join Date: Jul 2005 Location: Tulsa, OK Posts: 18,127	avast __________________ This post automatically contains the phrases "Awesome artwork Jonz" and "LOL gencii88 posted that pic of g-a-m-e again!" where appropriate.

Feb 7, 2010, 03:18 PM	#3
ThirdEye Sir Recovery Join Date: Apr 2004 Location: 202 555 1030 Posts: 7,790	**** I use avg recommendations?

sittal's System Specs
Motherboard	EVGA 122-CK-NF68-A1 680i
CPU	Intel Core2Quad Q6600@3.2Ghz
Graphics	EVGA 285 GTX
Memory	6GB Corsair Dominator and XMS2
Cooling Solution	Zalman 9700 110mm
Display	Acer 24"
Soundcard & Speakers	Logitech X-230 / SENNHEISER Circumaural Headset
Hard-Drives	Segate 500GB
Optical Drives	LITE-ON 20X DVD±R DVD Burner
Power Supply	XCLIO GREATPOWER 650W
Case	XCLIO Windtunnel
Input Devices	Razer Copperhead Tempest Blue / Saitek USB Keyboard
Operating System	Windows 7 Professional x64

Feb 7, 2010, 03:52 PM	#6
lumpyhed Fake Boob Inspector ^^ Join Date: Dec 2001 Location: Limeysville Posts: 10,757	get an UBCD4W cd made and go to town on the os drive. Much easier to clean a system when the infected files cant even run

lumpyhed's System Specs
Motherboard	M3A32-MVP Deluxe
CPU	AMD P2-940 @ 3.6Ghz/1.45v
Graphics	BFG GTX260OC 896MB + 3D Vision
Memory	4GB Corsair Dominator @ 800Mhz
Cooling Solution	Asaka Nero (frickin beast!)
Display	Samsung SM2233RZ + Samsung Series 6 32" 1080p HDTV
Soundcard & Speakers	XFi Gamer Xtreme & Megaworks THX 550
Hard-Drives	x1 640GB, x1 500GB, x1 400GB, x2 250GB, x2 120GB, x1 External 500GB Seagate. x1 1TB
Optical Drives	Some DVD Drive
Power Supply	Seasonic S80 650w (Quietest in its class!)
Case	Kandalf Silver (Aluminum)
Input Devices	Saitek Eclipse II + SteelSeries Xai
Operating System	W7 Home Premium x64
Extra Info	Also Saitek X36 Stick/Throttle, X-Arcade 2 Player unit and Thrustmaster Modena 360 Wheel :)

Feb 7, 2010, 04:16 PM	#7
Quickstrike Verification Required. Join Date: Oct 2004 Location: Calgary, Alberta, Canada! Posts: 3,610	Microsoft Diagnostics and Recovery Toolkit AKA ERD Commander & Avira AntiVir Rescue System are also useful utilities for combating this sort of thing. Look into programs like Shadow Defender, Windows SteadyState, or even Sandboxie. These will prevent [for the most part - you can never be 100% secure] malware/viruses from taking over the computer. I like to use a limited/standard user account, shadow defender, MSE, opendns forced through router config on my grandparents pc's. Every time they restart the computer, windows starts out in a clean state. Just have to exclude key folders so that documents and such can be written and saved to the hard drive. They used to get viruses/malware all the time, but haven't once been hit since I started using the new strategy. __________________ 1st PC : Intel Core2Quad Q6600, Thermalright Ultra-120 eXtreme, Gigabyte P35-DS3R, 8GB OCZ DDR2, ASUS 5850 Direct CU, Audigy 2 ZS, Klipsch 5.1 Ultras, X-25M 80GB SSD, 74GB Raptor, 1.5TB Seagate x 3, 1.0TB Seagate x 2, Cooler Master HAF 932, NEC FP2141-SB@1600x1200--109Hz. 2nd PC : AMD 64 3200+, MSI K8N Neo2 Plat., 1GB OCZ Plat. Rev.2, eVGA 6800 GT, 300GB Maxtor, Antec P182-B.

efin's System Specs
Motherboard	GIGABYTE GA-X48T-DQ6
CPU	Intel Core 2 Duo E8400 @ 3.6GHz
Graphics	Sapphire 4870 Toxic 1GB
Memory	4GB OCZ Reaper DDR3 1333
Display	ASUS VW266H 25.5"
Soundcard & Speakers	Creative Labs X-Fi Titanium Fatal1ty & Logitech Z-5300 5.1
Hard-Drives	Seagate 640GB & 320GB SATA2
Optical Drives	Lite-On lots of x
Power Supply	Raidmax Volcano RX-630A 630W
Case	APEVIA X-Plorer
Input Devices	Saitek Eclipse II keyboard, Razer DeathAdder mouse
Operating System	Microsoft Windows 7 Ultimate x64

Feb 7, 2010, 05:18 PM	#9
Leprechaun Rage3D Veteran Join Date: Jul 2003 Location: Hamilton Posts: 4,255	she? she?? She was surfing more pr0n then the whole of Rage3D put together it appears. You should worry less about malware and computers and more about hitting that as she seems very horny. And yes, malware writers should be punished as severly as possible. __________________ E6400 (2.13ghz)@8x433=3464mhz \| Gigabyte EP45-UD3L \| 2x2GB G-Skill RAM \| 2.5TB+ HD space \| XFX GTX 260 (216) Black Edition \| LG 42" 1080p HDTV

Feb 7, 2010, 06:26 PM	#10
Rayder Telepathetic Powers! Join Date: May 2003 Location: Ohio Posts: 2,197	Absolutely! Severity is key! I doubt there would be nearly as much malware "out there" if the penalty for being responsible for creating said malware is DEATH! Not possible fines or prison time, DEATH! Personally, I think malware creators should be considered international (or world-wide) terrorists, and dealt with accordingly......basically....but with a strong bias towards DEATH! Probably would about eliminate piracy too, if NoCD cracks were considered "world-wide terrorist malware" and the penalty was DEATH! Ain't nobody be creatin' no cracks, no mo'! Piracy dries up for fear of DEATH!....or because of it.... There's something to think about..... Last edited by Rayder : Feb 7, 2010 at 06:28 PM.

Feb 8, 2010, 02:22 AM	#12
Jankan Oontz oontz oontz Join Date: May 2004 Location: Joburg Posts: 4,930	AV will not help if you don't update windows every month. __________________ “A common mistake people make, when trying to design something completely foolproof, is to underestimate ingenuity of complete fools” - Douglas Adams

Jankan's System Specs
Motherboard	Asus A8r32-MVP
CPU	Intel Pentium 1 200 mhz
Graphics	Riva Tnt 2
Memory	64mb
Hard-Drives	4gb
Optical Drives	4X CDROM
Operating System	windows 95

Feb 8, 2010, 03:12 AM	#13
Deimos Evil dead Join Date: Nov 2002 Location: Network engineer Posts: 1,806	Someone mentioned UBCD, I normally use the recovery console, you can remove services that are created by viruses, delete files before they launch etc... The Kaspersky online scan was also a good tool for this, run the scan, print the report, then reboot in to the recovery console and delete the problem files. Too bad the online scan isn't available at the moment. The other option is to use a USB adapter to plug it in to another machine and scan it. The comment about the licence is a bit harsh, I have been in IT for 10 years and I still occasionally get a virus, I got a worm just the other day, I thought my dl box (server 2003) was safe because it was getting updates from WSUS however the patch that plugs that particular hole had not been applied. Mostly I remove viruses just for the challenge, I normally do an OS reload even if I manage to clean, because you never know whats its done really. __________________ Phobos: Core i7 930 @ 4.2Ghz Asus P6X58D Premium 12GB G.Skill RipJaws @ 1608Mhz Asus Radeon 5870 1GB Mars: C2Q Q6600 Asus P5Q-Premium 8GB DDR2 800Mhz 4 x 320GB WDRE RAID 10 6 X 1TB WD RAID 5

Deimos's System Specs
Motherboard	Asus P6X58D Premium
CPU	Intel Core i7 930 @ 4.2Ghz
Graphics	Asus 5870 1GB
Memory	12GB G.Skill RipJaws @ 1600Mhz
Cooling Solution	Swiftech Apex Ultra Plus H2O + Feser 360 Xchanger rad
Display	2 x Viewsonic 24" VX2433wm + Dell 24" S2409W
Soundcard & Speakers	Creative X-Fi Titanium PCIe
Hard-Drives	2 X Western Digital 500GB RAID 0
Optical Drives	2 X Lite-on iHAS324
Power Supply	Silverstone Strider ST85F 850W Modular
Case	Silverstone TJ07
Input Devices	Logitech G15 KB + G5 2007 Mouse
Operating System	Microsoft Windows 7 Ultimate x64

Feb 8, 2010, 06:34 AM	#14
SkullE_again Radeon HD 5970 Join Date: Aug 2003 Location: Nashua, NH. Posts: 936	Use the "ultimate boot cd" with AV on it. windows wont even load. __________________ Gigabyte GA-EP45-UD3P (4 gigs corsair 2x2) Core 2 Duo E6850 EVGA GTX-280 WD Raptor 150gb HDD Tagan 1100 watt psu Vista-64

SkullE_again's System Specs
Motherboard	Gigabyte GA-P35-DQ6
CPU	Intel C2D E6850
Graphics	Nvidia 8800GTS (640)
Memory	4 gig Crucial Balistix
Display	Samsung SyncMaster 19" widescreen
Soundcard & Speakers	Onboard 5.1
Hard-Drives	WD raptor (150 gig)
Case	Antec
Operating System	Windows Vista 32

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode