[37791] in Resnet-Forum
Re: FBI Moneypak Scam
daemon@ATHENA.MIT.EDU (Derek Buchanan)
Fri Dec 14 10:48:43 2012
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Message-ID: <CA+jTDn-Mja7ruJoNh_bFEKs32A2ctfPXQFcMA4sOkFMo68WhrA@mail.gmail.com>
Date: Fri, 14 Dec 2012 10:48:09 -0500
Reply-To: Resnet Forum <RESNET-L@LISTSERV.ND.EDU>
From: Derek Buchanan <buchands@gmail.com>
To: RESNET-L@LISTSERV.ND.EDU
In-Reply-To: <47EF7552AFC7BD4EB970A0DC7BC1F8260586ED7C@EX02.eup.edinboro.edu>
Have you tried Combofix as well? That running in safe mode has saved
our bacon a bunch of times. The other item I would recommend running
would be TDDS killer by Kapersky. It detects a removes several
versions of a rootkit that create their own hidden partitions.
ComboFix
http://www.bleepingcomputer.com/combofix/how-to-use-combofix
TDDS Killer
http://support.kaspersky.com/5350
Change Parameters -> Additional options
Check - Detect TDLFS file system
Derek
Mary Baldwin College
On Thu, Dec 13, 2012 at 4:00 PM, Lilly, Mark <mlilly@edinboro.edu> wrote:
> How is everyone handling the FBI moneypak virus scam on student computers?
> We have seen some methods work, such as Malwarebytes, and others times not.
>
>
>
>
>
> Mark A. Lilly
>
> StudentNet Manager
>
> Technology & Communications
>
> Edinboro University of Pennsylvania
>
> mlilly@edinboro.edu
>
> 814-732-1071
>
>
>
>
>
>
>
>
>
> ___________________________________________________ You are subscribed to
> the ResNet-L mailing list.
>
> To subscribe, unsubscribe or search the archives, go to
> http://LISTSERV.ND.EDU/archives/resnet-l.html
> ___________________________________________________
___________________________________________________
You are subscribed to the ResNet-L mailing list.
To subscribe, unsubscribe or search the archives,
go to http://LISTSERV.ND.EDU/archives/resnet-l.html
___________________________________________________
