Bucket Guild | FUBU BH Forums

So, yesterday I'm at work, browsing around. Being in an online business, I go to sites all over the internet, some of these sites could literally be considered the asshole of the internet (or close to it...since I'm pretty sure 4chan holds that title exclusively).

Well, lo and behold, I all of a sudden get a huge pop up on my machine saying "Windows Security 2012 Unregistered Version" then it starts "scanning" my computer telling me i have all these viruses and that my computer is at risk.

Now, I've seen this type of malware before...it's stuff that installs itself and tells you you have all these viruses when it's actually a virus just trying to get you to purchase shitty spyware software.

Well, naturally I go "oh shit" and x out everything. I immediately get my virus scanner (ESET) working. Unfortunately, it finds the infections but doesnt clean it. So, I take matters into my own hands...I see what is quarantined, this file "pal.exe" which isn't in the place it should be, and keeps firing up every time i try to open my web browsers (which results in the windows 2012 fake virus scan popup). When I end the process manually after a ctrl+alt+delete the pop up goes away, but it also force closes the web browser.

Well, I decide to delete this file straight up out of my temp files (where it was located). There was one more file in there that looked suspicious, so I deleted it too.



Good news: That pesky pop up bullshit is gone. When I open my browsers etc. everything is fine....ESET scans yield no infections.

Bad News: Now, every time I try to open a program (be it Quickbooks, Spotify, Firefox, Excel, etc.) windows doesn't know how to recognize the file...so I have to browse my computer for the actual .exe and select it, and I can't check the box "always use this program to open this kind of file"

Bottom line, it all works, but it's fucking annoying to have to hunt for the actual .exe file in my Program Files (x86) folder every time I want to open a program. Is there any way I can fix this? Is it just a side effect from that malware being a bitch, or did I delete something I shouldn't have in the process.


TL,DR: Tech question. GTFO

It is a combination of both. Try rolling back to a restore point, which hopefully you have been running, or run a windows repair if you have a windows disk handy. Combofix may work as well. Stop looking at midget farm animal porn at work, save that for the drive home.

9 level 90s and 10 85s, Damn I need another hobby.

Dammit, Jubber!

Your Pal,
Jubber

AKA "The Gun"
AKA "ROFeraL"

World Renowned Mexican Forklift Artiste

bring it to your IT person and say "i brokesed it". seriously.

that's not your area of expertise, and if you're compromising your systems that easily, your IT person needs to address that. you shouldn't have to start up your antivirus to combat something, your AV should've been stopping it in the first place, and your shit should've been patched properly.

edit:
and since your IT person may need help...

edit2:
if you worked in my shop, you wouldn't be able to do half the shit you think you're entitled to do despite Quickbooks running on your system.

edit3:
no edit3, move along.

lold

Brawlsack

Taking an extended hiatus from gaming

ESET catches 99.999999999% of everything. How did you possibly manage anything of the sort?

Druid: Meowth
« Steam »« Xfire »
Glorious Death Metal Music

Because he is the .000000001%! Occupy Insanity!!!

Your Pal,
Jubber

AKA "The Gun"
AKA "ROFeraL"

World Renowned Mexican Forklift Artiste

something's configured improperly, especially if he has to "get " his "virus scanner (ESET) working"

I think he just means running an active scan. At least I hope. But I agree something isn't set up right because mine will actively stop things as they happen. Whether that means loading a site or using cracks etc.

Druid: Meowth
« Steam »« Xfire »
Glorious Death Metal Music

Yes, I meant I ran an active scan with ESET.

The strange thing is that ESET DID catch the malware...it "quarantined" it...that's how I discovered that "pal.exe" was the culprit. On the active scan it discovered the infection, but didn't remove it.

However, even though "pal.exe" was quarantined according to ESET, it still was executed, resulting in aforementioned popups etc.

I wonder if it wasn't quarantined if it would have raped my entire system.

yes, but that means it quarantined based on suspicious activity, not on a real time scan of the program before it executed (on file close, or even file open).