Go Back   Two Wheel Fix > General > Off Topic

Reply
 
Thread Tools Display Modes
Old 02-14-2011, 12:45 AM   #21
Cory
Kneedragger
 
Cory's Avatar
 
Join Date: Mar 2009
Location: Alaska
Posts: 220
Default

Quote:
Originally Posted by Porkchop View Post
Security Tool, Security Sheild, Windows Secuity Center, etc etc etc. I've had a couple of these fake security center virus' before. I have gotten 3 from school research alone. There are a couple ways of attacking these. System restores dont always fully remove the files. I did that and the same fake Java installer hit me. Because these virus' will shut down any antivirus program, and dont allow you to access task manager, the way to best remove them is to enter safe mode with networking if you dont have a copy of Malwarebytes Antimalware. Run Malwarebytes and quarentine the items. Malwarebytes will then restart the computer. At that point run your normal antivirus and malwarebytes again under normal operating.
I had the same crap happen after clicking a link on THIS site a few months back but Malwarebytes took care it
Cory is offline   Reply With Quote
Old 02-14-2011, 08:58 AM   #22
Papa_Complex
Nomadic Tribesman
 
Papa_Complex's Avatar
 
Join Date: Nov 2008
Location: Brampton, Canada
Moto: '09 ER-6n
Posts: 11,150
Default

My advice, as someone who deals with viruses on virtually a daily basis:

- Turn System Restore OFF. It's a nice idea, in theory, but it more frequently breaks something or just reinstalls a virus, that you just removed.

- Turn off "hide extensions of known file types" in Tools\Folder Options\View. Sometimes viral files will have a double extension, like "picture.jpg.exe", and the second extension that indicates an executable file would be hidden.

- Enable "show hidden files and folders" in Tools\Folder Options\View. It will help you find things that really don't belong, once you get used to seeing what SHOULD be there.

- Make sure that you keep up with the Windows Updates. I used to believe that 'if it's not broke you don't fix it', but these days you never really know what's 'broke.'

- Use a browser, like Firefox, that blocks reported attack sites and forgeries. You'll still need to use IE on occasion, for sites that are specifically written for the MS proprietary crap, but minimize your exposure.

- Use a good antivirus, that has a browser and email plug-in, and know what it looks like when it reports a virus. Make sure that you keep it up to date. The worst of the viruses, these days, try to look like an antivirus report. If you know what yours looks like, you're less likely to mindlessly click on everything that pops up while you're browsing. I recommend AVG which also has a safe search plug-in for your browsers, and ties into Firefox.

- If you get what looks like a fake antivirus report, REBOOT IMMEDIATELY. You may well interrupt its installation attempt, and your antivirus will have a better chance of killing it after a reboot. Additionally many of these web-based infections have no easy way to close them. They may lock your task manager or simply be one big 'button', so even clicking on the "X" to close the window may well further infect your system.

- Never reply to emails, even official looking ones, that request your username and password. EVER. Organizations, like banks or your ISP, never do this sort of thing. It's ALWAYS a fake.

- Don't click on links, in emails, that direct you to Facebook, PayPal, eBay, etc.. The link may be bogus. If you get a notification from such a site, go directly to the site.

- Don't open attachments directly from your emails. Save the attached file to a temporary folder on your computer, first, so that your antivirus gets a good shot at checking them.

- Install one or more anti-spyware programmes, update them, and actually USE THEM on a regular basis. I recommend Malwarebytes and Spybot Search and Destroy, but don't install the TeaTimer add-on for Spybot. It's more trouble than it's worth.

If you follow these recommendations, your odds of not having this sort of problem go up exponentially. The best way to handle a virus is not to get one, in the first place.
__________________
"Everything's better with pirates." - Lodge, "Dorkness Rising"

http://www.morallyambiguous.net/
Papa_Complex is offline   Reply With Quote
Old 02-14-2011, 04:51 PM   #23
Porkchop
125GP Champion
 
Porkchop's Avatar
 
Join Date: Aug 2008
Location: Worthington, OH
Moto: Empty Garage
Posts: 3,418
Default

Quote:
Originally Posted by Papa_Complex View Post
My advice, as someone who deals with viruses on virtually a daily basis:

- Turn System Restore OFF. It's a nice idea, in theory, but it more frequently breaks something or just reinstalls a virus, that you just removed.

- Turn off "hide extensions of known file types" in Tools\Folder Options\View. Sometimes viral files will have a double extension, like "picture.jpg.exe", and the second extension that indicates an executable file would be hidden.

- Enable "show hidden files and folders" in Tools\Folder Options\View. It will help you find things that really don't belong, once you get used to seeing what SHOULD be there.

- Make sure that you keep up with the Windows Updates. I used to believe that 'if it's not broke you don't fix it', but these days you never really know what's 'broke.'

- Use a browser, like Firefox, that blocks reported attack sites and forgeries. You'll still need to use IE on occasion, for sites that are specifically written for the MS proprietary crap, but minimize your exposure.

- Use a good antivirus, that has a browser and email plug-in, and know what it looks like when it reports a virus. Make sure that you keep it up to date. The worst of the viruses, these days, try to look like an antivirus report. If you know what yours looks like, you're less likely to mindlessly click on everything that pops up while you're browsing. I recommend AVG which also has a safe search plug-in for your browsers, and ties into Firefox.

- If you get what looks like a fake antivirus report, REBOOT IMMEDIATELY. You may well interrupt its installation attempt, and your antivirus will have a better chance of killing it after a reboot. Additionally many of these web-based infections have no easy way to close them. They may lock your task manager or simply be one big 'button', so even clicking on the "X" to close the window may well further infect your system.
- Never reply to emails, even official looking ones, that request your username and password. EVER. Organizations, like banks or your ISP, never do this sort of thing. It's ALWAYS a fake.

- Don't click on links, in emails, that direct you to Facebook, PayPal, eBay, etc.. The link may be bogus. If you get a notification from such a site, go directly to the site.

- Don't open attachments directly from your emails. Save the attached file to a temporary folder on your computer, first, so that your antivirus gets a good shot at checking them.

- Install one or more anti-spyware programmes, update them, and actually USE THEM on a regular basis. I recommend Malwarebytes and Spybot Search and Destroy, but don't install the TeaTimer add-on for Spybot. It's more trouble than it's worth.

If you follow these recommendations, your odds of not having this sort of problem go up exponentially. The best way to handle a virus is not to get one, in the first place.
I got one a couple years back in florida. I went to reboot the system and when it turned back on the virus had changed my desktop background to something that said somethign along the lines of "your computer is affected by a VIRUS. Hackers can see any files on your computer even when you delete them. Please run *said program* to remove them." It was all scary looking. It even put an icon on my desktop. This was before I knew how to deal with them. I battled that fucker for like 2 hours. I was ready to maim and murder the fuckers that wrote that shit by the time that I got rid of it.
__________________
*Coming soon?
2010 Ducati Monster 696 - Sold
1984 Honda VF500F - Sold
1999 Yamaha R6 - Sold
Porkchop is offline   Reply With Quote
Old 02-14-2011, 06:51 PM   #24
Papa_Complex
Nomadic Tribesman
 
Papa_Complex's Avatar
 
Join Date: Nov 2008
Location: Brampton, Canada
Moto: '09 ER-6n
Posts: 11,150
Default

I've seen far worse than that one, which is relatively easy to remove. I generally didn't need a utility, in order to completely remove that. Just MSConfig and Regedit.
__________________
"Everything's better with pirates." - Lodge, "Dorkness Rising"

http://www.morallyambiguous.net/
Papa_Complex is offline   Reply With Quote
Reply

Bookmarks


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -4. The time now is 12:03 PM.

Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2024, vBulletin Solutions Inc.