The worst Trojan Mallware ever?
May 1, 2010 3:34 PM Subscribe
Can anyone help a layman deal with a Virtool:Win32/Ursnif.A - TrojanSpy:Win32/Ursnif.gen!H infection?
As near as I can tell it killed my paid Mallwarebytes. Then I got free Avast but nothing was right after the initial attack. When Avast expired I got Microsoft Security Essentials, which I should have done to begin with. MSE finds the trojan and can’t clear it, but it does “suspend it”.
When I’m running with the threat suspended my machine is up to speed and everything seems OK... but is it OK? As near as I can tell, the only way to remove the infection is to erase a part of the logon software and reinstall.
To further complicate the situation, my access to my service provider was nuked somewhere along the line and I can’t do Email anymore.
I still have all my original installation disks. The computer is an 8 year old Dell Dimension DIM 4600 running service pack 3, and I can’t afford a new one.
As near as I can tell it killed my paid Mallwarebytes. Then I got free Avast but nothing was right after the initial attack. When Avast expired I got Microsoft Security Essentials, which I should have done to begin with. MSE finds the trojan and can’t clear it, but it does “suspend it”.
When I’m running with the threat suspended my machine is up to speed and everything seems OK... but is it OK? As near as I can tell, the only way to remove the infection is to erase a part of the logon software and reinstall.
To further complicate the situation, my access to my service provider was nuked somewhere along the line and I can’t do Email anymore.
I still have all my original installation disks. The computer is an 8 year old Dell Dimension DIM 4600 running service pack 3, and I can’t afford a new one.
Try renaming the MalwareBytes executable to something besides mam.exe. Many viruses can actually block MalwareBytes by name, but in my experience renaming the file should let you run it.
posted by niles at 3:54 PM on May 1, 2010
posted by niles at 3:54 PM on May 1, 2010
You can download an obfuscated Malwarebytes exe file and place it in the Malwarebytes install folder.
Try MS Security Essentials, too -- it detected one infection that Malwarebytes didn't on my machine.
Hold off on any other changes until those run their course -- the removal part can fix some pretty weird problems (email, etc.)
posted by circular at 4:19 PM on May 1, 2010
Try MS Security Essentials, too -- it detected one infection that Malwarebytes didn't on my machine.
Hold off on any other changes until those run their course -- the removal part can fix some pretty weird problems (email, etc.)
posted by circular at 4:19 PM on May 1, 2010
This thread is closed to new comments.
posted by rhizome at 3:52 PM on May 1, 2010 [1 favorite]