Nikos' Config

Malware Maniac

Malware Maniac

Level 1
May 14, 2012
673
Stranger said:
If I had learn the situation right Nikos had infected his pc few days back while testing malware on host and he have Comodoon his system which unable to block the threat?
Am I right or not?
Click to expand...

  1. Nikos installed malware...
  2. He ran combo fix...
  3. He replaced services.exe
  4. He was wanting to uninstall combo fix...
  5. He was able to delete QooBox...
  6. He also wanted to delete Program Data thinking it was no use on the system...
  7. He deleted almost everything in ProgramData and found out it was critical on the system...

We gave him disclaimers and he didn't listen when he was not suppose to delete Program Data.
 
S

Spirit

Level 2
May 17, 2012
1,832
Hmm,his machine is in trouble.
The best idea is to format and reinstall when all things fail(I know its painfull).

I want one confirmation from Nikos or other member that while testing malware which av was installed on his system?
 
Malware Maniac

Malware Maniac

Level 1
May 14, 2012
673
Stranger said:
Hmm,his machine is in trouble.
The best idea is to format and reinstall when all things fail(I know its painfull).

I want one confirmation from Nikos or other member that while testing malware which av was installed on his system?
Click to expand...

This post says he had Comodo FW and Panda on his system. http://malwaretips.com/Thread-Nikos-Config?pid=65713#pid65713
 
P

Plexx

Stranger said:
Hmm,his machine is in trouble.
The best idea is to format and reinstall when all things fail(I know its painfull).

I want one confirmation from Nikos or other member that while testing malware which av was installed on his system?
Click to expand...

Malware Maniac said:
Stranger said:
Hmm,his machine is in trouble.
The best idea is to format and reinstall when all things fail(I know its painfull).

I want one confirmation from Nikos or other member that while testing malware which av was installed on his system?
Click to expand...

This post says he had Comodo FW and Panda on his system. http://malwaretips.com/Thread-Nikos-Config?pid=65713#pid65713
Click to expand...

He didn't have an AV at the time.

Page one of the incident:
http://malwaretips.com/Thread-Malware-Ramnit-Brand-new-varient

CFW with D+ was what he was expecting to protect and where the issue started.

By the end of the few pages, it was still unclear if he was infected completely or not.

That is also the reason why I told him already several times to fully reinstall Wndows 7...

The incident that previously happened plus the constant add and remove of programs, drivers, services, plus the recent removal of 2 folders was simply a recipe for disaster. His system at the moment is nearly half recovered yet it is a ticking time bomb. Unfortunately, seems like I am speaking to a wall...

So perhaps someone translate the message to him.
 
D

Deleted member 178

He didn't listen me when i said to keep CAV, he still want to avoid any AVs but doesn't know how to efficiently run a system without them, then he ran the 0-day malware with CFW on stock setting, it is clear now doesn't have the skills to set it up properly or interpreting the potential popups, then he seems to be infected, ran combofix...then we know the following events...

Even me i never ran a malware or suspicious apps on my real system even with my combo unless under shadow mode.
 
Nikos

Nikos

New Member
Thread author
Jul 19, 2012
357
Hi folks! Sorry for not interfering with the discussion sop far as iam currently on vacation and i will be for 10 more days in Chalkidiki, Greece.

Iam on a beach bar at the moment with my laptop and saw my mails and forum notifications.

Although i act foolishly the last days i was also lucky as i wasnt infected with the 0-day malware since it satted at shell that "Not enough memory to run on" thats why AV searches found my pc intact except the 2nd time i run combofix priot of un-installing it which found services.exe infected and resored the file.


Although i have deleted "ProgramData" folder because i was under the impression it was a leftover filder form combofix nothing wrong went on my pc except the missing of start menu shortcuts and reinstallation of babylon app.

My laptop is working fine, and why shouldnt it? ProgramData is like %appdata% is a folder used to store setting for various applications and even if you delete it no harm will be done to the actuall applications just some seetings misses.
 
You must log in or register to reply here.

Similar threads

amirr
    • Like
Advice Request If I use KIS, then is that necessary to enable Microsoft Edge's Enhanced Security Mode?
Replies
7
Views
969
Kaspersky
amirr
amirr
Gandalf_The_Grey
    • Like
World Backup Day March 31, 2023
Replies
2
Views
642
News Archive
cartaphilus
cartaphilus
S
    • Like
Advice Request Cruel CF still safe? What companion AV? and a minor issue.
Replies
16
Views
2,699
Comodo
Stronghold
S

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top