Author Topic: Please help! Computer infected! This one's a doozy.  (Read 2855 times)

Offline Nathan60

  • Platinum Member
  • ******
  • Posts: 4573
Re: Please help! Computer infected! This one's a doozy.
« Reply #15 on: June 18, 2012, 12:53:42 PM »
, but I don't use this computer for that I wish I could swear in just this one thread. Can't accurately convey my feelings without it lol. But I'd rather not get banned.

Have you used a USB device on both computers? How do you know they are not both infected now? The virus doesn't have to display itself right away at the same time. Even backing up the C drive, the virus may already be there as a Trojan letting more stuff in.
HamHawk
Wing III-- Pigs on The Wing
FSO--JG54
CHUGGA-CHUGGA, CHOO-CHOO
Pigs go wing deep

Offline CAP1

  • Radioactive Member
  • *******
  • Posts: 22287
      • The Axis Vs Allies Arena
Re: Please help! Computer infected! This one's a doozy.
« Reply #16 on: June 18, 2012, 12:54:09 PM »
last time i had one of these types of things, i needed to load superantispyware and malwarebytes onto a thumb drive, and run them on the computer from there. it was booted in safe mode to do this.
when they cleaned everything, i lost a lsp-something or other that then prevented me from logging onto the internet. once reinstalled, i was good to go.
ingame 1LTCAP
80th FS "Headhunters"
S.A.P.P.- Secret Association Of P-38 Pilots (Lightning in a Bottle)

Offline Skuzzy

  • Support Member
  • Administrator
  • *****
  • Posts: 31462
      • HiTech Creations Home Page
Re: Please help! Computer infected! This one's a doozy.
« Reply #17 on: June 18, 2012, 12:55:59 PM »
Wouldn't making a copy of your C: periodically (like once a month) on a separate HDD and then using that to re copy everything once you completely wipe the main? Would obviously disconnect the backup when not in use to keep that from being hit.

Also, thank you for your patience with me, I know a lot about computers compared to the average person (which isn't saying much) but I don't know jack compared to you guys. Always willing to learn though. I wouldn't be as pissed off if it was because of that. It would have just meant I had it coming, but I don't use this computer for that seeing as my girlfriend uses it quite often for FB and Yahoo and whatnot (all safe sites).

I wish I could swear in just this one thread. Can't accurately convey my feelings without it lol. But I'd rather not get banned.

Today's viruses may sit dormant on your computer for 6 months, or longer, before a trigger event actually causes them to start running.  They do this so it makes it difficult for the user to know where it came from, to take advantage of people who do regularly scheduled backups, and so they can proliferate over your entire network, without your knowledge.

Facebook is absolutely not secure.  It has been hacked too many times.
Roy "Skuzzy" Neese
support@hitechcreations.com

Offline Nathan60

  • Platinum Member
  • ******
  • Posts: 4573
Re: Please help! Computer infected! This one's a doozy.
« Reply #18 on: June 18, 2012, 12:58:28 PM »
It's called ransomware. Basically all you can do is look at their fake antivirus and either pay the ransom or hope your A/V works for this. I linked to cnn.com from work and got a nice little rootkit on my system from a Google ad (you don't even have to click them, apparently). We thought we had it beaten, then a few weeks later I start hearing audio ads coming from my comp.
HamHawk
Wing III-- Pigs on The Wing
FSO--JG54
CHUGGA-CHUGGA, CHOO-CHOO
Pigs go wing deep

Offline Pigslilspaz

  • Gold Member
  • *****
  • Posts: 3378
Re: Please help! Computer infected! This one's a doozy.
« Reply #19 on: June 18, 2012, 01:12:27 PM »
Today's viruses may sit dormant on your computer for 6 months, or longer, before a trigger event actually causes them to start running.  They do this so it makes it difficult for the user to know where it came from, to take advantage of people who do regularly scheduled backups, and so they can proliferate over your entire network, without your knowledge.

 :bhead :bhead :bhead

Why the hell do scumbags do this? Drag them out of their basements, line them up out back and let the firing squad do the rest.

Quote from: Superfly
The rules are simple: Don't be a dick.
Quote from: hitech
It was skuzzy's <----- fault.
Quote from: Pyro
We just witnessed a miracle and I want you to @#$%^& acknowledge it!

Offline Nathan60

  • Platinum Member
  • ******
  • Posts: 4573
Re: Please help! Computer infected! This one's a doozy.
« Reply #20 on: June 18, 2012, 01:16:35 PM »
:bhead :bhead :bhead

Why the hell do scumbags do this? Drag them out of their basements, line them up out back and let the firing squad do the rest.

Because it's big business. Russia is just not cracking down on these companies. Most folks just pay the money, none the wiser.
http://krebsonsecurity.com/2011/08/fake-antivirus-industry-down-but-not-out/
HamHawk
Wing III-- Pigs on The Wing
FSO--JG54
CHUGGA-CHUGGA, CHOO-CHOO
Pigs go wing deep

Offline tunnelrat

  • Silver Member
  • ****
  • Posts: 1739
Re: Please help! Computer infected! This one's a doozy.
« Reply #21 on: June 18, 2012, 01:36:29 PM »
http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Download and run that.

Assuming you can.

There is so much misinformation on "viruses" (which are largely nonexistent today, and is simply a catch-all term used to describe any malicious bit of code) out there... in the past 5 years, of all the corporate/friends/family members that have come to me with their computer equivalent of an STD (because you, almost without exception, do not screw a computer going to legit sites), I have lost ONE machine... and that was due to massive hardware failure (and a profound lack of spare parts for that model of HD).

I run with 0 anti-virus... I facebook it up, get plenty of spam email... and I don't have any issues.  Ever. (I am not at all saying that you shouldn't run without anti-virus)

Keep your programs/operating systems updated... use common sense when surfing/opening stuff...  don't let the kids/grandkids run an admin account (though this isn't foolproof).

Go buy yourself a USB to SATA adapter (preferably a powered one, and if you have the $$$ grab an actual drive caddy) and scan it with Malware-Bytes (and a second opinion if you wish).  This whole concept of simply plugging in an infected device and having it go nuts is 99.9% bollocks.

Whatever Malware Bytes can't fix, ComboFix will storm hammer.  Of course, common sense computing is priceless.

In-Game: 80hd
The Spartans do not enquire how many the enemy are but where they are.

Offline Skuzzy

  • Support Member
  • Administrator
  • *****
  • Posts: 31462
      • HiTech Creations Home Page
Re: Please help! Computer infected! This one's a doozy.
« Reply #22 on: June 18, 2012, 02:02:45 PM »
http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Download and run that.

Assuming you can.

There is so much misinformation on "viruses" (which are largely nonexistent today, and is simply a catch-all term used to describe any malicious bit of code) out there... in the past 5 years, of all the corporate/friends/family members that have come to me with their computer equivalent of an STD (because you, almost without exception, do not screw a computer going to legit sites), I have lost ONE machine... and that was due to massive hardware failure (and a profound lack of spare parts for that model of HD).

I run with 0 anti-virus... I facebook it up, get plenty of spam email... and I don't have any issues.  Ever. (I am not at all saying that you shouldn't run without anti-virus)

Keep your programs/operating systems updated... use common sense when surfing/opening stuff...  don't let the kids/grandkids run an admin account (though this isn't foolproof).

Go buy yourself a USB to SATA adapter (preferably a powered one, and if you have the $$$ grab an actual drive caddy) and scan it with Malware-Bytes (and a second opinion if you wish).  This whole concept of simply plugging in an infected device and having it go nuts is 99.9% bollocks.

Whatever Malware Bytes can't fix, ComboFix will storm hammer.  Of course, common sense computing is priceless.



Have to disagree.  Just in my Wife's family alone I know every single computer has some type of virus, spyware, malware, and/or worm on it.  They all run some type of A/V software as well, which I can actually attribute as being the single largest reason for the problems.  They all think the A/V software will take care of them and so they do stupid things without thinking about it.

I have seen too many computers infected with some type of virus, worm, malware, and/or spyware with USB memory sticks.  There are, at least, 18 viruses I know of, which will trigger on the USB device change message (this message happens every time you add or remove a USB device to/from your computer).

No one has to take the word from anyone, for any of this.  There are many sites on the Internet which will give you information about confirmed viruses: how they are delivered, and what to do about them.  Knowing what the vulnerabilities are is a good step in securing your computer.  Try http://www.us-cert.gov for starters.

tunnelrat, I do not use any A/V software at all either.  My computer will never have a virus or any other type of "bad" software as every mechanism used for delivering said software is disabled or highly impaired on my computer.  I agree the A/V software industry, as a whole, do everything they can to drive paranoia.  I also know too many people who would turn a blind eye to the problems Facebook has had, and continues to have, with security.

Legit sites have been and continue to be infected with viruses if they are using a Windows OS for the server.  Too many businesses would rather run risky software than update it and risk breaking what they have working.  Or they simply refuse to pay the licensing fees associated with maintaining the software and run the old stuff as long as they can.

My own opinion is: I would not go over the top on proclamations either way (no viruses versus everything is a virus) as I think it is a disservice to the end user.  The problem with the end user is they are technically ill equipped to deal with some of these viruses today.  No matter how good the tools are, you still have to know how to tell if they really did the job and that is where most end users fail.
« Last Edit: June 18, 2012, 02:04:23 PM by Skuzzy »
Roy "Skuzzy" Neese
support@hitechcreations.com

Offline Nathan60

  • Platinum Member
  • ******
  • Posts: 4573
Re: Please help! Computer infected! This one's a doozy.
« Reply #23 on: June 18, 2012, 02:07:29 PM »
Basically ya play with fire ya get burned, better be ready to accept the consequences. I had a script blocker for a while but I cannot remember the name of it to save my life.
« Last Edit: June 18, 2012, 02:26:10 PM by Nathan60 »
HamHawk
Wing III-- Pigs on The Wing
FSO--JG54
CHUGGA-CHUGGA, CHOO-CHOO
Pigs go wing deep

Offline Pigslilspaz

  • Gold Member
  • *****
  • Posts: 3378
Re: Please help! Computer infected! This one's a doozy.
« Reply #24 on: June 18, 2012, 02:35:45 PM »
Well thanks for everyone's input, but I'm going to just wipe it and reinstall my games. To Skuzzy and everyone else, anything I can do to keep this from happening again, aside from the safe browsing stuff. I'm already going to be far more careful with that anyways.

Quote from: Superfly
The rules are simple: Don't be a dick.
Quote from: hitech
It was skuzzy's <----- fault.
Quote from: Pyro
We just witnessed a miracle and I want you to @#$%^& acknowledge it!

Offline Skuzzy

  • Support Member
  • Administrator
  • *****
  • Posts: 31462
      • HiTech Creations Home Page
Re: Please help! Computer infected! This one's a doozy.
« Reply #25 on: June 18, 2012, 02:53:07 PM »
Difficult for me to make recommendations.  My computer does not have Flash installed (if a site requires Flash to be viewed at all, that is a red-flag), no Acrobat (been using Foxit with great success), no Java (not going to happen) and JavaScript is disabled.

I disable services in Windows which are all 'fluff' (i.e. Themes, Remote Access, Indexing...).  I remove Windows Media player and do not install any such software.

My computer is tailored to run the applications I use, nothing more, nothing less.  I do not 'surf' the Internet.  My 'bookmarks' of sites I go to can be counted on one hand.  I have no use for Facebook.  I barely use email at all.  I insta-delete any email sent to me if it comes from someone I did not send an email to.  I do not play games on my computer.

I also have a dedicated hardware firewall which prevents anything asynchronously attacking my systems.

My computer is primarily used for processing video and audio content I generate and that is it.

So, I am not the best person to ask about typical configurations for a computer.  Most people would scream in terror if they had to rely on my computer configuration to satisfy whatever it is they need to satisfy today.
Roy "Skuzzy" Neese
support@hitechcreations.com

Offline Nathan60

  • Platinum Member
  • ******
  • Posts: 4573
Re: Please help! Computer infected! This one's a doozy.
« Reply #26 on: June 18, 2012, 02:54:27 PM »
Well thanks for everyone's input, but I'm going to just wipe it and reinstall my games. To Skuzzy and everyone else, anything I can do to keep this from happening again, aside from the safe browsing stuff. I'm already going to be far more careful with that anyways.
As Skuzzy says, he's got his machine on lockdown but he still doesn't go on risky sites. If you're gonna porn surf, do it on a guest account with no admin rights whatsoever and be prepared for the consequences. As for streaming or torrenting that new movie, that's just inviting trouble.
HamHawk
Wing III-- Pigs on The Wing
FSO--JG54
CHUGGA-CHUGGA, CHOO-CHOO
Pigs go wing deep

Offline MaSonZ

  • Gold Member
  • *****
  • Posts: 2074
Re: Please help! Computer infected! This one's a doozy.
« Reply #27 on: June 18, 2012, 04:36:03 PM »
Difficult for me to make recommendations.  My computer does not have Flash installed (if a site requires Flash to be viewed at all, that is a red-flag), no Acrobat (been using Foxit with great success), no Java (not going to happen) and JavaScript is disabled.

I disable services in Windows which are all 'fluff' (i.e. Themes, Remote Access, Indexing...).  I remove Windows Media player and do not install any such software.

Can you explain why you do these points?
"Only the dead have seen the end of war" - Plato
HogDweeb

Offline Skuzzy

  • Support Member
  • Administrator
  • *****
  • Posts: 31462
      • HiTech Creations Home Page
Re: Please help! Computer infected! This one's a doozy.
« Reply #28 on: June 18, 2012, 04:59:13 PM »
Several reasons.  Flash is full of security holes.  Adobe is just starting to address the most egregious ones.  It was never designed to be secure.
Java and JavaScript can easily be used to access almost anything on your computer, and are a primary delivery tool for bad things.

Take Facebook.  There is nothing that Facebook should be doing that requires the use of Java.  The fact any site requires Java to be enabled is a big red flag to me.

The 'fluff' stuff are just resource hogs with no real benefit to me.  I do not care what my desktop looks like.  It is there for me to use to run applications.  My Windows 7 partition looks like Windows 98, including all the gray frames and menu bars.

I do not have any need for media players on my computer. Windows Media Player likes to 'call home' periodically and I see no reason for that.  I do not 'stream' anything from the Internet at all.  That is just asking for bad things.  It is trivial to embed bad programs in any data stream.

Am I paranoid?  A bit.  I have over 8TB of data to protect on my home systems.  I err to caution because I cannot imagine losing all that data.
Roy "Skuzzy" Neese
support@hitechcreations.com

Offline Dragon

  • Platinum Member
  • ******
  • Posts: 7055
      • AH JUGS
Re: Please help! Computer infected! This one's a doozy.
« Reply #29 on: June 18, 2012, 05:09:24 PM »


Am I paranoid?  A bit.  I have over 8TB of data to protect on my home systems.  I err to caution because I cannot imagine losing all that data.

Do you use an off site service as backup or stick with in house raid?
SWchef  Lieutenant Colonel  Squadron Training Officer  125th Spartan Warriors