Matt Colonel Offline Everyone at SHADO drinks coffee! Posts: 2391 Location: Coventry, RI Computer Virus Mar 13th, 2011 at 6:49pm Print Post I just spent most of the morning getting rid of a nasty browser hijacking type virus. I'm not sure but I might have picked it up using Imageshack. This one managed to slip by both Symantec and MSE and the only way I was able to get rid of it was to delete all of the system registry keys associated with Internet Explorer, followed by a reset of same. After a full system scan, Spybot S&D was able to find some of it, and MSE (Microsoft Security Essentials) ID'd it as White Smoke. Somebody has way too much time on their hands! > As much as I don't like Vista, the computer at work was able to stop this beasty before it could do any damage and I was on Imageshack, when it happened. Tinypic seems to be okay, I'll use that from now on. What do you mean, we're out of coffee! WWW IP Logged
Librarian IAC Member Offline I may be blonde but... Posts: 658 Location: Washington (not DC) Re: Computer Virus Reply #1 - Mar 13th, 2011 at 11:40pm Print Post Yeah there a a couple of 'formerly good' sites I used to frequent - then something happened to them and I'm pretty sure I got infected going there - and it was a nasty one. Not many malware designers are going after XP anymore. Luckily I had full backups and I changed virus scanners - so far so good. I do know that if you absolutely have to, you can take your hard-drive out, slave it to a well-protected machine and clean it that way. I've done that a couple times for friends. BTW, I use Avast since that last virus I got, got past MSE and AVG. PC Pitstop ID'd the bugger, but it was touch and go for a while. And I've spent way too much time cleaning machines that had Symantec on them. If you only have one solution to a problem - you're not trying. IP Logged
Matt Colonel Offline Everyone at SHADO drinks coffee! Posts: 2391 Location: Coventry, RI Re: Computer Virus Reply #2 - Mar 14th, 2011 at 12:08am Print Post This one was quite nasty, slaving the hard drive to my server was going to be my next step. The problem with this latest batch of malware is some of it has to be removed manually. I spent about three hours this morning cleaning the system registry by hand, not fun. Symantec Corporate works well most of the time, but every now and then one of these baddies will slip through. I suspect that this one as been on my laptop for a couple of weeks, it was doing weird things. A friend of mine uses Avast and he got whacked a couple of weeks ago. It's a game of mouse vs mousetrap. I would avoid Imageshack, I'm quite sure that was were this beasty was hiding. It might be a good idea to start a thread of sites to avoid. What do you mean, we're out of coffee! WWW IP Logged
Neesierie Colonel Offline Straker, somehow it's always about you. Posts: 990 Location: Fulton, MO Re: Computer Virus Reply #3 - Mar 14th, 2011 at 1:05am Print Post Avast rocks! I used to have tons of trouble with stuff from sites my ex would get on, and once my computer tech put me wise to Avast, none of them got through. My tech uses Avast to clean up problems on all the comps that get sent to him to debug. It really works. The sky is not the limit; nor are the stars. WWW IP Logged
Matt Colonel Offline Everyone at SHADO drinks coffee! Posts: 2391 Location: Coventry, RI Re: Computer Virus Reply #4 - Mar 14th, 2011 at 1:30am Print Post I'll give Avast a try. What I've found with some of these bugs is, different AV programs seem to find different bugs but none seems to get all of them. I think this one is new, I've never seen it before. Oh well, I'm running again. What do you mean, we're out of coffee! WWW IP Logged
Librarian IAC Member Offline I may be blonde but... Posts: 658 Location: Washington (not DC) Re: Computer Virus Reply #5 - Mar 14th, 2011 at 7:26pm Print Post I have Avast running on all my machines - one thing I've found is that machines that aren't turned on almost everyday seem to be at a greater risk when they do get turned on - Windows and the anti-virus software needs to update before doing anything and that may take awhile. My hubby has one machine that gets turned on about once a week and that's the one that gets attacked - he goes and checks his email before all the updates are in place. The computer security sites recommend making sure you get the Tuesday Security updates from Microsoft on things you may not think you need - like MSIE even if you're using a different browser. And sometimes the anti-virus takes a while to downdown its updates. I also check my machines through PCPitstop.com at least once a month. I heartily recommend them. Yeah, to get the full clean-up costs money, but I find it's well worth it. They've saved my *ss more than once. If you only have one solution to a problem - you're not trying. IP Logged
Matt Colonel Offline Everyone at SHADO drinks coffee! Posts: 2391 Location: Coventry, RI Re: Computer Virus Reply #6 - Mar 14th, 2011 at 8:27pm Print Post I'm all about the Super Tuesday updates. One precaution I do take is locking down the browser on my file server. Other than auto updates, that system doesn't get used for any web surfing or downloading. Any files that I need to download to it are done with another computer and scaned before transfering them to the server. It's not fool proof but it should cut down on the risk of browser hijacks. I'm going to check out PCPitstop as well, it never hurts to have more tools in your arsenal. What do you mean, we're out of coffee! WWW IP Logged