|  RSS
Subscribe to magazine

PC World Forums: Pentacle 666 malware - PC World Forums

Jump to content

Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

Pentacle 666 malware

#1 User is offline   bcllibrary Icon

  • Newbie
  • Pip
  • Group: Members
  • Posts: 4
  • Joined: 09-August 07

Posted 29 April 2009 - 03:23 AM

Has anybody come across such a virus
A message appears once the machine boots to a blank notepad file that opens and the below starts automatically being typed inside
Pentacle - 666 - Pentacle - 666 - Pentacle

follwed by a message in french.

I did see the post on Kaspersky but I am leary of using combfix.

thx

lib
0

#2 User is offline   tek101 Icon

  • Senior Member
  • PipPipPipPipPip
  • Group: Members
  • Posts: 525
  • Joined: 05-April 09
  • Location:UCF

Posted 29 April 2009 - 04:26 AM

Would you like to remove it.........?

Or you just want to know if anybody else sees it ......?!http://forums.pcworld.com/legacyimages/
1!

Run these "Full scan" first ...: www.computorcompanion.com/LPMArticle.asp?ID=235

[http://www.superantispyware.com/download.html]
0

#3 User is offline   coastie65 Icon

  • Moderator
  • PipPipPipPipPipPipPipPip
  • Group: Moderators
  • Posts: 10,334
  • Joined: 02-April 07
  • Location:Richmond Va.

Posted 29 April 2009 - 08:43 AM

Hi, Yeah, that is definately malware alright. As tek101 suggested download, update and run www.SUPERantispyware.com as well as www.malwarebytes.org . letus know how that goes. coastie
0

#4 User is offline   SpiritWind Icon

  • Expert
  • PipPipPipPipPipPip
  • Group: Members
  • Posts: 1,917
  • Joined: 19-August 06

Posted 29 April 2009 - 09:08 AM

Posted Image Hi :
Best to START the "removal process" by using programs such as Malwarebytes

Anti-Malware and 'SUPERAntiSpyware" . And Combofix is Best used under the guidance

of a certified "Malware Removal Specialist" ( in case something goes "wrong" ) ; however,

you may want to look through the Combofix "Tutorial" at

www.bleepingcomputer.com/combofix/how-to-use-combofix to see IF you feel

"adequate" to use it based on the Info there .

Info on the Kaspersky site says it comes from usb drives; do you use these ? IF Yes,

then I recommend you also seriously consider using the FREE "Flash Disinfector" &

start with the Info at [http://experi3nc3.wordpress.com/2007/05/10/flash-disinfector-by-subs/] .
0

#5 User is offline   coastie65 Icon

  • Moderator
  • PipPipPipPipPipPipPipPip
  • Group: Moderators
  • Posts: 10,334
  • Joined: 02-April 07
  • Location:Richmond Va.

Posted 29 April 2009 - 10:25 AM

Hey SpiritWind, I was doing some research on that thing. Interestingly, I got an orange pop up alert from Avast! about hijacked sites afterwards and I am reasonably sure that is what happened in this case. I have run into it in the past myself when doing some research on XP MCE. That turned out to be a pain ( I had a lot of stuff). It wasn't deeply installed in the system, but was all over the place. That stuff was more of a nuisance to remove, than any real problem, as there was so much of it. I remember one was the Downloader ZLOB and that was the worst of the lot. The rest was several variations of Vundo. Did take a bit of work though.
0
Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users