Malware attack

ShiftZZ

Just recovered from a Malware attack, Microsoft Security Essentials alert (fake software).

I appear to have managed to get back, but the following is still an issue.

Can't connect using any browser, I can PING but not surf.

Tried to use restore point, that failed also?

Any suggestions?

ShiftZZ
 

Jim

Easy, take out the DVD that you used to take a back up disk image of your C-drive using Acronis or the built in disk image software. Restore the disk image, back up and running in 15 minutes. ::bigsmile:

If you have not done that, then download Malwarebytes, this should remove it for you. Then buy Acronis. ::bigsmile:
 
ShiftZZ
Backup on home server

Malwarebytes - running, removed infection, but it still stops IE/Firefox/Chrome from getting out.

D


 

GJH

A couple of weeks ago one of our machines was attacked by one of the fake software scams.

Malwarebytes didn't sort it for some reason and neither did going back to a recent restore point.

I sorted it by going back to a restore point about a month old. It appears that some of these scams corrupt recent restore points.
 

MikeandCarolyn

As said, the free Malwarebytes usually sorts it - the PAID for version actually prevents the attack in the first place. ::bigsmile:

Mike.


 

moandick

Out of concern for Jan .. on her Dell.. how was this malicious infection contracted ?

I had a similar attack several weeks ago - which apparently 'piggy-backed' in on top of a standard email. Not detected by AVG, Norton or any other darn program - but it was cleared by Malwarebytes process taken from somebody's 'post' on here.

Everything back to normal except that my lifelong email address of: moandick@aol is defunct and should never be opened by anybody!

Dick
 

Jim

As said, the free Malwarebytes usually sorts it - the PAID for version actually prevents the attack in the first place. ::bigsmile:

Mike.

I agree, a lot of protection for a little outlay. My paid-for version stops at least one attack every day. For those that don't know, the paid for version is the same as the free version, except it works in real time protecting you as you surf. The free version needs to be started manually, and you are normally only doing this after you have been infected.

It does not interfere with most mainstream antivirus programs and I thoroughly recommend it :thumb:
 
ShiftZZ
Just made some changes. The malware has changed my LAN settings and home page settings...


ShiftZZ
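
An added example, not part of the original thread: a read-only PowerShell check of the per-user proxy and Internet Explorer start page values in the registry. It assumes the "LAN settings" mentioned above are the Windows proxy settings, where a leftover proxy entry would match the "can ping but not surf" symptom.

```powershell
# Added example: read-only audit of the current user's proxy and IE start page.
# Nothing is modified; the script only reports what is configured.
$inet = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings'
$main = 'HKCU:\Software\Microsoft\Internet Explorer\Main'

function Get-RegValue {
    param([string]$Path, [string]$Name)
    # Returns $null when the key or value is absent instead of throwing.
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -ne $item) { $item.$Name }
}

$proxyEnable = Get-RegValue $inet 'ProxyEnable'
$proxyServer = Get-RegValue $inet 'ProxyServer'
$autoConfig  = Get-RegValue $inet 'AutoConfigURL'
$startPage   = Get-RegValue $main 'Start Page'

$findings = @()

if ($proxyEnable -eq 1 -and $proxyServer) {
    $findings += "Proxy enabled: $proxyServer"
    # ProxyServer is either "host:port" or "http=host:port;https=host:port".
    # A loopback proxy with nothing listening behind it sends every web request
    # to a dead local port, while ping (ICMP) never uses the proxy and still works.
    $loopback = '(^|=|;)\s*(https?://)?(127\.\d+\.\d+\.\d+|localhost)(:|;|$)'
    if ($proxyServer -match $loopback) {
        $findings += '  -> proxy points at this machine (loopback)'
    }
}
elseif ($proxyServer) {
    # Value left behind but switched off; harmless, worth noting.
    $findings += "Proxy configured but disabled: $proxyServer"
}

if ($autoConfig) { $findings += "Proxy auto-config script: $autoConfig" }
if ($startPage)  { $findings += "IE start page: $startPage" }

if ($findings.Count -eq 0) {
    'No proxy or start page values found for this user.'
} else {
    $findings
}
```

The same values are shown in Internet Options > Connections > LAN settings. Internet Explorer and Chrome use them, and Firefox does as well when it is set to use the system proxy settings.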


 

hilldweller

It does not interfere with most mainstream antivirus programs and I thoroughly recommend it :thumb:

The free AVG says it has anti-spyware, so is malwarebytes needed as well ?

Trouble is these programs are the quack doctors of the computer world. We can never be sure if what they say they find is a real threat or a false positive or just a lie to make them look good.
 

GJH

Out of concern for Jan .. on her Dell.. how was this malicious infection contracted ?

I think the one that hit us was connected to a web site visited inadvertently. It was not long after we bought the Samsung eReader so were doing ebook searches for the first time. Scammers sometimes set up fake web sites which come up in Google searches. You visit them thinking they are innocent and as the page opens the malware is downloaded.

Normally Microsoft Security Essentials (or other security software) will trap the problem, especially if the malware tries to execute immediately. The one that hit us, though, hid until the PC was next switched on and then got in before MSE initialised and was able to stop it doing so.
 

Jim

How many DVDs does it take to back up a 120gig drive? Is it even feasible?

The drive image software uses compression, but you will need a few if your disk is full. I keep some of my disk images on another hard disk, attached by USB in a £10 drive enclosure, and backups of those on a 32gb thumb drive
 
Brian asked the question, is malware the same as spyware? I also use AVG free that gives spyware protection and would like to know if it is sufficient


 

GJH

Sundance

How did you get rid of the infection?

ShiftZZ

By going back to a restore point about a month old. The problem happened towards the end of December

Tried running Malwarebytes and that didn't work so started in Safe Mode and restored to a day or two before. That didn't work so I guessed that the malware had done something to the recent restore points.

Restarted in Safe Mode again and reverted to a restore point from the beginning of December. That worked OK and it was then simply a matter of downloading and re-applying the Windows updates that had been applied in the meantime.


 

G4GMO

At the risk of getting boring

you could reduce the risk of problems considerably by moving to Linux.

Keep getting friends and relatives dumping their computers in my lap to fix, now I tell them to expect nothing more than a factory restore. So fed up with cleaning malware from windows.

Quite often the restore points get infected. I tried to restore to very old restore points on the computers handed to me and couldn't. The effort to remove the malware was just too time consuming. As long as your data is backed up regularly it's probably easier to do a factory restore. Having said that it is quite time consuming in itself but less effort.

With a Linux live cd (downloadable from the web for free and burnt to a cd) you can easily recover your data then do a factory restore if you've got a big enough usb memory stick or external hard drive. Might take some effort but easier and more effective than trying to fix major malware attacks.

Sorry if this isn't what you want to hear but it is one way around the problem. :restmycase:
 

G4GMO

No argument Jon. Trouble is some of us have to run Windows because the software we need just isn't available on other platforms :Smile:

No Graham, I do understand but there is an awful lot of similar software to replace it. Unfortunately there is some software that isn't replicated in Linux. Although some windows software will run under wine in Linux of course.

My main point is that if you back up your data then a factory restore is probably the easiest way to get a windows computer back up and running if a restore point doesn't achieve this. I say easy but it can take a long time but may be less hassle in the long term.

Malware attacks seem to be getting more complex and difficult to sort out than they used to be.
 

G4GMO

Of course there is the risk that your backed up data is 'infected' and you end up back to square one.

At the risk of boring everybody........... :Blush:
 

GJH

No Graham, I do understand but there is an awful lot of similar software to replace it. Unfortunately there is some software that isn't replicated in Linux. Although some windows software will run under wine in Linux of course.
Yes, but, as posted on another thread a week or two ago, it depends what type of software. As regards the genealogy software which we use to print large family tree charts there simply isn't any equivalent to the facilities of Windows based programs running under any other OS.

My main point is that if you back up your data then a factory restore is probably the easiest way to get a windows computer back up and running if a restore point doesn't achieve this. I say easy but it can take a long time but may be less hassle in the long term.
Yes again - and something I had to do (not for virus recovery) on a number of occasions under Win 98. Not something that has been a problem (for us anyway) since the advent of XP, although I have rebuilt systems for others who have "turned a drama into a crisis" by not knowing what they are doing.

Malware attacks seem to be getting more complex and difficult to sort out than they used to be.
As with most things, prevention is better than cure.


 
ShiftZZ
Graham

Tried that, nothing, all the restore points going back don't want to play, even in safe mode...

I have a backup of the data.

Looks like a restore...


ShiftZZ
 

G4GMO

As unlikely as it sounds have you tried running ccleaner? Not a malware remover as such and I doubt it will fix it but you've nowt to lose by trying it. If you don't already have it you could download it on another pc and install it.

Hope you get it sorted.
 

GJH

Tried that, nothing, all the restore points going back don't want to play, even in safe mode...
I have a backup of the data.
Looks like a restore...
Pity, but it does look like it if you can't get rid of the infection.

As unlikely as it sounds have you tried running ccleaner? Not a malware remover as such and I doubt it will fix it but you've nowt to lose by trying it. If you don't already have it you could download it on another pc and install it.

Hope you get it sorted.
The only other software I can think of is SuperAntispyware. Didn't suggest it earlier as Malwarebytes hadn't shifted the beggar. But, if it is a case of try anything before a full restore then it might be worth it.

Just a daft thought. Does the malware show up in Task Manager? If it's a "get you to buy software that's not needed" program rather than a virus it might be installed separately rather than taking over a genuine file. If you can identify the program name you might be able to delete (rather than uninstall) the file(s) and then use Malwarebytes or a registry cleaner to clear up the residue.

Pity you're not closer to Tees-side.
