[37799] in Resnet-Forum
Re: FBI Moneypak Scam
daemon@ATHENA.MIT.EDU (Lilly, Mark)
Fri Dec 14 19:18:02 2012
Content-Language: en-US
Content-Type: text/plain; charset="iso-8859-1"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Message-ID: <feq9l5nm3uf2iibq7y3o9k5r.1355530652199@email.android.com>
Date: Sat, 15 Dec 2012 00:17:18 +0000
Reply-To: Resnet Forum <RESNET-L@LISTSERV.ND.EDU>
From: "Lilly, Mark" <mlilly@edinboro.edu>
To: RESNET-L@LISTSERV.ND.EDU
In-Reply-To: <CA+jTDn-Mja7ruJoNh_bFEKs32A2ctfPXQFcMA4sOkFMo68WhrA@mail.gmail.com>
That is the way we have been approaching it just looking for any additional ways to attack it.
Sent from my Verizon Wireless Phone
Derek Buchanan <buchands@gmail.com> wrote:
Have you tried Combofix as well? That running in safe mode has saved
our bacon a bunch of times. The other item I would recommend running
would be TDDS killer by Kapersky. It detects a removes several
versions of a rootkit that create their own hidden partitions.
ComboFix
http://www.bleepingcomputer.com/combofix/how-to-use-combofix
TDDS Killer
http://support.kaspersky.com/5350
Change Parameters -> Additional options
Check - Detect TDLFS file system
Derek
Mary Baldwin College
On Thu, Dec 13, 2012 at 4:00 PM, Lilly, Mark <mlilly@edinboro.edu> wrote:
> How is everyone handling the FBI moneypak virus scam on student computers?
> We have seen some methods work, such as Malwarebytes, and others times not.
>
>
>
>
>
> Mark A. Lilly
>
> StudentNet Manager
>
> Technology & Communications
>
> Edinboro University of Pennsylvania
>
> mlilly@edinboro.edu
>
> 814-732-1071
>
>
>
>
>
>
>
>
>
> ___________________________________________________ You are subscribed to
> the ResNet-L mailing list.
>
> To subscribe, unsubscribe or search the archives, go to
> http://LISTSERV.ND.EDU/archives/resnet-l.html
> ___________________________________________________
___________________________________________________
You are subscribed to the ResNet-L mailing list.
To subscribe, unsubscribe or search the archives,
go to http://LISTSERV.ND.EDU/archives/resnet-l.html
___________________________________________________
___________________________________________________
You are subscribed to the ResNet-L mailing list.
To subscribe, unsubscribe or search the archives,
go to http://LISTSERV.ND.EDU/archives/resnet-l.html
___________________________________________________
