Nasty Facebook virus

I went into work Friday and our accounting machine was covered with "You have xxx viruses!!"
I know the girl who works for me clicked one of those Facebook messages, I was in the field all Thursday and she’s an FBaddict…
It disables safe mode, whacks the Administrator account, downloads more and renames and reinstalls with every boot.
My AvastBart cleaned it, and came back first boot. My BartPE with msconfig shows me it’s all in a startup, but it disables msconfig and won’t allow writes from BartPE to fix it.
Also throws in a redirect that kills Avast, AVG and Malwarebytes updates.
Nasty thing, so last thing I did was try Nod32 which found dozens of infected files and can’t fix them. Or fixes them real good, now it won’t even boot for all the errors…

cd windows
del .
rd windows
format c:
format d:
format i:
awrdflsh.exe “bin3302.bin”

lol just kidding…yea sometimes there is just no going back on virus’. Did you get a name for the virus?

Bummer:(  Hopefully you can fix the unit, herbie. 

Bredolab, hauls in a whole bunch more.
Easiest to reboot with a Bart disk and USB external, copy over the docs & vital data folders and wipe the damn drive out.

Windows may be annoying, but so are retarded people who click on stupid links and aren’t smart enough to know the difference between something legit, and some stupid virus…

How dumb do you have to be?

Did you try Hijack This to erase all that shit from the registry?

Yeah, me too, herbie.  On one of my Slackware stations I was running a dual boot with XP Pro.  I kept the unit patched, anti-virus up to date, etc., etc.  Picked up some type of nasty bug.  I formatted the unit so it just has Slackware now.
Windows takes way too much energy to maintain.

few Word’s.

FIRE her LOL BLOCK facebook at work.

another thing, DEEP FREEZE with second partition :0 lol

Third,  BUY A MAC !!

Not a good idea… eventhough it’s the Cadillac of all personal computers people’s ego grows exponentially by just simply owning a Mac. =.=

One of my AME “M” instructors is the prime example of that. Sad… ಥ_ಥ

It’s like the IQ test spyware.  If you’re dumb enough to click the IQ test, then um, you’ve failed your IQ test :smile:

I have to agree, its common sense

I don’t think so PLA, it’s just you come to expect to be able to open your computer and use it after having a Mac.
Friday the two cafe ones I turned on had to update java, the virus protectors and a couple programs before you could use them. The main one had downloaded and update and had to wait for a reboot. The accounting computer was FUBAR’d. One on the repair desk had downloaded a MS update and rebooted overnight and had to run the AV again from scratch, the monitor computer was stalled waiting for a response cuz the old tech downloaded some game that was infected.
Three ppl waiting at the door with Facebook infections, the phone ringing because one mill’s accounting computer couldn’t access their server (DHCP was stopped), 3 messages about Win7 upgrades that didn’t work (and I don’t sell the upgrades) and an admin mailbox full of abuse reports about the damn Facebook virus on 3 router IPs from Telus and 2 from Navigata…
fucking Windows.
And how stupid? Every single one in my face demanding an explanation even though you know they’re too stupid to understand or too stupid to believe you. My long lost school buddy in NovaScotia really does know my Facebook password’s corrupted! Why ELSE would she have sent that message?

Dude, why woulden’t you block facebook at work ?  shouldent she be working AT WORK! ?

I say buy a mac, because so many business now use mac, and i’m sure Herbie, can use a mac at his location.

if you have to use pc, why not throw a copy of deep freeze on ?

I don’t think so PLA, it’s just you come to expect to be able to open your computer and use it after having a Mac.[/quote]

Don’t forget the tears of joy…  :smiley:

Macs or Linux for me:)  I do have one winders netbook at home…so far it is clean.

Took out Avast (had to be compromised) scanned with Nod32. Wouldn’t reboot.
Did the 2nd windows repair, rebooted to safe. Msconfig started… wiped the referred to files. While Nod32 ran again deleting millions of files I scoured system32 and dumped dozens more. Got rid of a new Admin account wasn’t there Thurday…
Ran Malewarebytes and nailed a few more.
Restarted it, updated Nod32 and found 3 more…
Now doing a final Nod32 scan and crossing my fingers.
Time to image every important machine every Friday… what a ton of shit to go thru just to use an OS.

Seriously, this program is amazing…

image then deep freeze, put on only necessary program’s call it a day :smile: Don’t for get the second partition for file’s.

I never thought I’d say it but jase is right.  Block facebook at work and throw up a proxy like dansguardian. It will filter viruses on the fly.

Maybe you could use Ubuntu to re-size the windows partition on the Facebook fiend’s PC then throw Ubuntu on the unit (dual boot).  Then she can click on all the malware she wants.  Linux would be a safe choice for her.