Computer blocked



leksie
January 24th, 2013, 05:14 AM
A short while ago I was attacked by a PC-blocking virus; it took me 4 hours to delete the virus.

See the link for an explanation. For me it was the chapter "Your computer has been blocked".

http://blog.malwarebytes.org/intelligence/2013/01/zero-day-java-vulnerability-wreaks-havoc-on-computers-worldwide/

Robert2d6
January 24th, 2013, 07:57 AM
The bad part about getting an infection on your PC is that you really can't be totally sure that it is gone, since some of these malware programs will install other malware at the same time. So you may find one and delete it, but there could be another one still there, getting your keystrokes, passwords, etc. Only sure way is to wipe the drive and start over again. I use Chrome, which will always ask for permission to run Java, which I need for one program I have.

leksie
January 24th, 2013, 08:08 AM
Yes, you're right, but I also use Malwarebytes and I did find one piece of malware.
So, before I start I let Malware run first on my PC. It's a lot of fuss(?) but ...

fran1
January 24th, 2013, 08:20 AM
Best to keep any program that uses Java up to date; I only have 2, Adobe Reader and Flash Player, which are set to auto update.

Robert2d6
January 24th, 2013, 08:26 AM
> Yes, you're right, but I also use Malwarebytes and I did find one piece of malware.
> So, before I start I let Malware run first on my PC. It's a lot of fuss(?) but ...

Malwarebytes is not foolproof, and I have seen it miss malware on a computer, and the owner finally wiped the hard drive to get rid of it.

clam1952
January 24th, 2013, 09:22 AM
There isn't one single program that is going to detect everything, and some malware / viruses can initially fool the most commonly used protection anyway.

William0d0
January 24th, 2013, 10:08 AM
That's why I don't feed my computer cheese.

Enzo1
January 24th, 2013, 11:39 AM
> Malwarebytes is not foolproof, and I have seen it miss malware on a computer, and the owner finally wiped the hard drive to get rid of it.

Nor is any other antivirus, though Malwarebytes did find a variation of the same virus mentioned above (Norton couldn't see anything except a worm)... While Norton removed the worm, that was not the trojan that was on my computer, so we got Malwarebytes and removed it...

JCitron
January 24th, 2013, 03:19 PM
I agree no one program can be trusted in removing malware. Malwarebytes is much better than others, and is a good adjunct program to use in conjunction with another antimalware program.

I suggest that you check out http://www.bleepingcomputer.org. This website is dedicated to malware removal and has many useful tools including ComboFix, Tigsy's Rogue Killer, among others.

John

jimabbey
January 24th, 2013, 03:44 PM
That is why I use Trend Micro's protection. It's worth the price. I never have a problem with viruses and I don't use torrents or view porn.

JCitron
January 24th, 2013, 05:09 PM
> That is why I use Trend Micro's protection. It's worth the price. I never have a problem with viruses and I don't use torrents or view porn.

I've had good luck with their products as well as those by GFI Software. I currently use Vipre Internet Security by GFI. I got involved in them via the original Sunbelt Software whom I had done some beta testing for. They wrote the original engine behind Microsoft's Windows Defender and System Essentials through their purchase of Giant Software.

http://en.wikipedia.org/wiki/Alex_Eckelberry

www.sunbeltsoftware.com

The other founder, Stu Sjouwerman, has gone on to found a new security company called KnowBe4 - http://www.knowbe4.com, which focuses on security training.

I had the opportunity to speak to both of these guys on the phone way way back in 2000 after I had some questions and recommendations on a product I had purchased from them. We spoke for some time about technical stuff, and when their new Sunbelt CounterSpy came out, I was asked to be a beta tester and joined the testing team. This product eventually led on to Vipre Internet Security after they purchased Kerio Firewall. After using CS for some years, I beta tested Vipre and have stayed with them since. I can't beat their subscription price of $60.00 for a whole household of PCs. For me that's over 10 machines ranging from various desktops and some laptops. The cost savings for the site license for home users is outstanding. The regular subscription price isn't bad either at $20.00 per year, after the initial purchase. At prices like this, it's inexcusable that people do not have some kind of virus protection on their systems.

Prior to using Vipre, I was using Trend Micro PC-cillin. This was long before they had the firewall and antispyware modules added. This is how I got involved with GFI or Sunbelt. We had used Trend Micro's old NeatSuite for our antivirus where I worked. This was an upgrade/replacement of the old Norton Antivirus that Polaroid was using. When my old division was sold, we had to build our own infrastructure and we were asked what we wanted. My choice was anything but Norton, and we purchased the Trend product. What is nice about Trend Micro's products is the same underlying scan engine is used across all products, meaning only one pattern update is needed and disbursed rather than needing to do multiple downloads to various systems. The underlying scan engine is the same too as that used in their personal PC products. I had to call them once for tech support one day and I asked about a personal product because I was trying to get away from Norton at home. I ended up getting a free license for 1 year from Trend, and used their products right up to three years ago.

Speaking about support, I found both companies to have outstanding customer support. Sunbelt is based in Key Largo, Florida and has a real support staff, meaning you can call them. They charge nothing for their support and will help resolve your issues. I submitted a ticket with them recently regarding a firewall issue. I received an email directly from the support guy. Trend has their US office in California, and their support staff was excellent when I had called them years ago. Both of these companies are far above McAfee (barf) and Symantec when it comes to products and support.

John

Robert2d6
January 24th, 2013, 05:53 PM
I used Trend Micro PC-cillin for a couple of years and wound up with a virus. Only time I have ever been infected with a virus. Switched to AVG, paid version with firewall, and have had no problems since. The only other AV that I would consider would be ESET NOD32, which is also good with gaming as it doesn't drag down your system.

madncan52
January 24th, 2013, 09:09 PM
I use Malwarebytes Anti-Malware and Spybot Search and Destroy. Once a week I update the databases and then reboot to Safe Mode. In Safe Mode Windows only loads safe system files (AFAIK). Malware doesn't get loaded and can't hide itself. Run your malware programs in Safe Mode then reboot. I have had no problems (knock on wood).

JCitron
January 24th, 2013, 10:06 PM
> I used Trend Micro PC-cillin for a couple of years and wound up with a virus. Only time I have ever been infected with a virus. Switched to AVG, paid version with firewall, and have had no problems since. The only other AV that I would consider would be ESET NOD32, which is also good with gaming as it doesn't drag down your system.

These two are also good products. My brother uses AVG and has had some good luck with it. Although he has had some issues lately. A scan by Malwarebytes and Vipre showed he had some Trojan Horses hidden on his machine that AVG didn't find. I have done the same with Trend Micro and Vipre against Malwarebytes, and had no issues.

What this proves is if you suspect a virus infection, use multiple scans by various products. Keep in mind that the discovery of malware is only as good as the current product signature. This is not unlike humans catching a cold. Some people may get the bug on Thursday of one week, while others may not catch it because their immune system was already up-to-date.


> I use Malwarebytes Anti-Malware and Spybot Search and Destroy. Once a week I update the databases and then reboot to Safe Mode. In Safe Mode Windows only loads safe system files (AFAIK). Malware doesn't get loaded and can't hide itself. Run your malware programs in Safe Mode then reboot. I have had no problems (knock on wood).

This is correct for many kinds of malware, but not for rootkits. They will load in both Safe Mode and normal boot because of how they intermingle with the operating systems.

http://www.anvir.com/rootkit.htm

The problem with this kind of infection is the way they hide. Using third-party tools such as Sysinternals' Process Explorer and Process Monitor, you can sometimes reveal the actions of the malware and use the tools to remove it from your system.
http://technet.microsoft.com/en-us/sysinternals/bb842062

The problem is that many of the malware bugs are now aware of these tools and will disable them just the same as they do to task manager. I was able to get around this a few times by renaming procexp.exe to procx.exe. This fooled the malware and I was able to disable it then remove it using normal methods.

John