Jump to content

Yuvalir

Members
  • Content Count

    5
  • Joined

  • Last visited

About Yuvalir

  • Rank
    Candidate
  1. More over, i took away suspicious activity permission from host process for windows services and added logging of activities, and i noticed some activities being logged and blocked. I put Windows Modules Installer at high-restricted and that seemed to block the virus pretty well too, but i couldn't update my windows... because of obvious reasons... So, now, i removed the restrictions from all of the processes and magically it doesn't attack my system files anymore... even if i reboot my system. all it does it read a lot at the start up and then shuts it self down for unknown reasons, as i described in the above post. Could i actually harmed the virus's file/code/operations by blocking it and actually broken it? or is it just doing some other stuff instead of deliberately trashing my hard disk?
  2. Here are your requests. Oddly enough, today i put my pc in safemode to try and see if the virus still runs on safe mode because i remembered it did, but it didn't. But now, i don't see anymore constant writing to the system folder like there used to be... it might just be doing something else instead but, just incase, i started logging all the activities it did, and here is one example. usually i've got 65~ processes There's just this process going at 25% on boot up going with about 75 processes, but a few minutes after it calms down... usually it goes to constant disk writing after it reads a bunch of stuff. usually when there's 75 processes the ram is at 2.5-3 GB... when normal is around 1.6Gb But after the read that executes trustedinstaller, it just stops and nothing happens anymore.... Which is extremely strange because it started stopping after i only launched it once into safe mode and immediately switched back to normal boot. GetSystemInfo_YUVAL_PC_Yuval_2015_07_23_14_20_51.zip KL_syscure.zip
  3. So, a few years ago, my backup hard drive was infected with an OS disintegrating virus. God knows how(I'm not the only one using that hard drive).... So hey, i got kaspersky now! lets scan that scum! WRONG! I scanned the hard drive and during the scan it obviously activates the files to sandbox them, and guess what? my pc got infected for the 10th time from this virus. Of course for the past two years i didn't touch that drive, but my dad says that he used it many times and nothing happened, so i really believe it had something to with the scan. My question is, how is this vulnerability not fixed yet!? it's been 5 years since i first encountered this virus! 2010! I practically know everything about this virus... i've let it destroy my system last time... it literally started crashing my OS and stuff started blinking and a lot of weird stuff until it just didn't boot. I know what processes are involved in it, and what to do to neutralize it. For instance, if you just suspend TrustedInstaller.exe process that usually uses 25% of the cpu at all time, everything just magically stops. The constant disk writing is stopping and system trashing is stopping, so obviously we got a virus that takes advantage of TrustedInstaller. I know it's not a disguise because when i disabled all permissions of the real trustedinstaller.exe in system/servicing the virus never started going in action. Once TrustedInstaller.exe is working, the service svchost.exe(DcomLaunch) is CONSTANTLY writing a lot of shit to the system folder. My dad doesn't want to format that disk because it has gigabytes of pictures, so i'm stuck with that. What can i do to help stop this virus from ever further attacking my system and fixing that vulnerability? Further more, i believe kaspersky should further investigate this case because i think it's mind blowing that such an old virus is still effective. If anyone can provide some technical help if he knows/heard of such virus/wants further information and logs/knows how to remove it, PLEASE.
  4. Hi, several days ago i found out that my C: drive had about 100 gigs left out of its 488. It drove me nuts, until some guy told me to get WinDirStat. with that i found out that my kaspersky folder is bigger than 199 gigs, which is a hidden folder. Can anyone tell me if i can simply delete these files? because i cannot have it like this.
  5. Recently, google updated chrome to be more secure by not allowing any extension that doesn't exist in the google store to be ran and installed on chrome, and since kaspersky extensions are third party installed and don't exist in the google store, the extensions are now permanently disabled and i cannot activate them even if i wanted to. needs to be fixed, and if there's a fix please tell me it because i can't find one online. thanks in advance, Yuval
×
×
  • Create New...

Important Information

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.