|
» GC Stats |
Members: 331,905
Threads: 115,724
Posts: 2,207,984
|
| Welcome to our newest member, kaylanro6827 |
|
 |
01-09-2009, 05:23 PM
|
|
GreekChat Member
|
|
Join Date: Aug 2003
Location: Michigan
Posts: 15,854
|
|
|
In my experience, the virus disables McAfee before McAfee knows what's going on. It truly is making me crazy. It registers a dll and a handle and associates them with winlogon.exe and explorer.exe. You can't rename them or delete them because they are always in use, even in safe mode. When you delete their registry keys, the virus re-creates them immediately. Truly maddening. Now, I boot with a floppy boot disk and delete them through DOS. You can use process explorer to stop the handle association and then rename the files also, but until you've removed the handle association, it just keeps coming back.
|
01-09-2009, 07:40 PM
|
|
Moderator
|
|
Join Date: Jul 2001
Location: Crescent City
Posts: 10,063
|
|
Quote:
Originally Posted by AGDee
In my experience, the virus disables McAfee before McAfee knows what's going on. It truly is making me crazy. It registers a dll and a handle and associates them with winlogon.exe and explorer.exe. You can't rename them or delete them because they are always in use, even in safe mode. When you delete their registry keys, the virus re-creates them immediately. Truly maddening. Now, I boot with a floppy boot disk and delete them through DOS. You can use process explorer to stop the handle association and then rename the files also, but until you've removed the handle association, it just keeps coming back.
|
ICK. That's nasty. What kind of sick puppies come up with this stuff?
__________________
AEΦ ... Multa Corda, Una Causa ... Celebrating Over 100 Years of Sisterhood
Have no place I can be since I found Serenity, but you can't take the sky from me...
Only those who risk going too far, find out how far they can go.
|
01-10-2009, 12:45 AM
|
|
GreekChat Member
|
|
Join Date: Aug 2003
Location: Michigan
Posts: 15,854
|
|
Quote:
Originally Posted by aephi alum
ICK. That's nasty. What kind of sick puppies come up with this stuff?
|
The registry keys will keep re-creating themselves too. I tried changing values then changing the permissions on the keys to stop that and it just made a new registry key or changed it all back to how it was originally, even when I denied access to the registry key to EVERYBODY and the system account. I swear I was ready to kill that kid of mine.
|
01-10-2009, 01:07 AM
|
|
Moderator
|
|
Join Date: Jul 2001
Location: Crescent City
Posts: 10,063
|
|
Quote:
Originally Posted by cheerfulgreek
You guys, today has been the biggest nightmare ever.
<snip>
The Dell guy told me Norton was the best one. He said that's what he uses. So I got that one.
|
I'm glad to hear you were able to recover your system and get back online. That Norton comment was very interesting - my brand new Dell laptop shipped with McAfee...
Quote:
Originally Posted by AGDee
The registry keys will keep re-creating themselves too. I tried changing values then changing the permissions on the keys to stop that and it just made a new registry key or changed it all back to how it was originally, even when I denied access to the registry key to EVERYBODY and the system account. I swear I was ready to kill that kid of mine.
|
YEOW. That's really evil. I hope karma delivers a nasty bite in the posterior to whoever came up with this virus.
__________________
AEΦ ... Multa Corda, Una Causa ... Celebrating Over 100 Years of Sisterhood
Have no place I can be since I found Serenity, but you can't take the sky from me...
Only those who risk going too far, find out how far they can go.
|
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
|
All times are GMT -4. The time now is 07:07 AM.
Hybrid Mode
