G oog le BadWeB | Login/out | Topics | Search | Custodians | Register | Edit Profile


Buell Forum » Quick Board » Archive through November 06, 2014 » Holy Adware, Batman « Previous Next »

Author Message
Top of pagePrevious messageNext messageBottom of page Link to this message

Fresnobuell
Posted on Thursday, September 18, 2014 - 12:23 pm:   Edit Post Delete Post View Post/Check IP Print Post    Move Post (Custodian/Admin Only) Ban Poster IP (Custodian/Admin only)

This adware/malware has taken over my computer. Apparently NOrton does NOT protect you from this crap....I installed malwarebytes and it took off a bunch of stuff, but not everything.

Any suggestions on free programs that will search/destroy this stuff. It's driving me nuts to say the least.

Thanks,.
Top of pagePrevious messageNext messageBottom of page Link to this message

Midknyte
Posted on Thursday, September 18, 2014 - 12:58 pm:   Edit Post Delete Post View Post/Check IP Print Post    Move Post (Custodian/Admin Only) Ban Poster IP (Custodian/Admin only)

AVG used to have an online scanner / remover. If you can still find it at the site that'd give you a chance to let it have a shot at it without installing yet another one...
Top of pagePrevious messageNext messageBottom of page Link to this message

Reepicheep
Posted on Thursday, September 18, 2014 - 01:11 pm:   Edit Post Delete Post View Post/Check IP Print Post    Move Post (Custodian/Admin Only) Ban Poster IP (Custodian/Admin only)

Spybot search and destroy is another good one.

If you can get the hard drive out of that system, and it isn't encrypted, put it in some kind of external enclosure and walk it over to a clean system. Mount it as a data drive (don't boot from it), and run the scan / clean tools on that mounted drive.

Once the malware gets a foothold, it can compromise all the tools the cleanup software can use to find and fix things. The malware holds the high ground.

Removing the drive and scanning it from another known clean host means any malware is killed in its sleep... It never gets the chance to run.

To be totally safe, reinstall from scratch after a format is the only real way.
Top of pagePrevious messageNext messageBottom of page Link to this message

Froggy
Posted on Thursday, September 18, 2014 - 01:13 pm:   Edit Post Delete Post View Post/Check IP Print Post    Move Post (Custodian/Admin Only) Ban Poster IP (Custodian/Admin only)

Ditch Norton, use Microsoft Security Essentials. It is free, and built into Windows 8 but a quick download for XP/Vista/7.

MalwareBytes and SuperAntiSpyware are my two picks for removing malware that is already on the machine.

All the above can be downloaded and installed in one click from https://ninite.com/

You may need to boot Windows into Safe Mode to do the scans if the malware is persistent.
Top of pagePrevious messageNext messageBottom of page Link to this message

Aesquire
Posted on Thursday, September 18, 2014 - 01:44 pm:   Edit Post Delete Post View Post/Check IP Print Post    Move Post (Custodian/Admin Only) Ban Poster IP (Custodian/Admin only)

I got a nasty bug a few years back that first thing disabled my antivirus software. And did not allow any anti-adware program to work either, also it blocked downloading pretty much anything mentioned above.

None of the above mentioned programs was able to beat it.

I ended up getting a trial copy of ESET and have now run the paid full program for 4 years. It killed the virus and is only marginally intrusive as far as "this website is evil..." notices go.

I rate it as a pro or serious hobbyist program, because it is NOT the most user friendly easy to set up program, but the default setting are usually good. It's also overkill unless you inhabit 4-chan or do porn sites, in which case you need a condom and chain mail. ( I don't do either, but I like the program )

Microsoft Security is pretty good, I've had good results with Malwarebytes & Super Antispyware... ( except for the one virus )

Also check out http://www.mcafee.com/us/downloads/free-tools/stin ger.aspx

I wouldn't use any Mcafee program, or Norton, since they have become intrusive, adware programs themselves, that resist removal, and are jealous and mess with other programs, but the Stinger is a stand alone that goes after one thing. If you don't have that thing, it's harmless and easy if you do, it may be nearly the only way to fix it.

Good luck.

WARNING not WORK SAFE or for children
Top of pagePrevious messageNext messageBottom of page Link to this message

Natexlh1000
Posted on Thursday, September 18, 2014 - 02:15 pm:   Edit Post Delete Post View Post/Check IP Print Post    Move Post (Custodian/Admin Only) Ban Poster IP (Custodian/Admin only)

What flavor of adware is it?

Browser hijack?
Top of pagePrevious messageNext messageBottom of page Link to this message

Jaimec
Posted on Thursday, September 18, 2014 - 02:20 pm:   Edit Post Delete Post View Post/Check IP Print Post    Move Post (Custodian/Admin Only) Ban Poster IP (Custodian/Admin only)

I have a copy of Parted Magic. It's a stand-alone, bootable CD that contains all kinds of disk recovery tools, one of which is ClamAV.

Boot from the CD, run ClamAV. It'll download the latest anti-virus signatures before running, and then do a complete scan of all of your attached drives. Since you're booting from a CD, there's no way it can itself get infected.

Last time I looked, Parted Magic was $4.99 for a one time download that you can burn to as many CDs as you like. I used it primarily to take full backups of my drives but it contains quite a few useful tools as well.

http://partedmagic.com/
Top of pagePrevious messageNext messageBottom of page Link to this message

Fresnobuell
Posted on Thursday, September 18, 2014 - 05:44 pm:   Edit Post Delete Post View Post/Check IP Print Post    Move Post (Custodian/Admin Only) Ban Poster IP (Custodian/Admin only)


quote:

Browser hijack?




Pretty much. It will open new tabs in the Browser and also a small video ad will play in the lower right corner. It slows the system down to a ridiculous slow speed in addition to the other stuff.

Also certain words are double underlined and different colors, almost like hyperlinks, although I haven't clicked on one intentionally to see what they do.

My browsing is pretty tame, but I know the 11 year old and his friends at home don't show much discretion with what they click. Easily enticed as you might say.

Thanks for the suggestions, everyone.
Top of pagePrevious messageNext messageBottom of page Link to this message

Froggy
Posted on Thursday, September 18, 2014 - 06:14 pm:   Edit Post Delete Post View Post/Check IP Print Post    Move Post (Custodian/Admin Only) Ban Poster IP (Custodian/Admin only)

Check your browser extensions and disable anything you don't recognize
Top of pagePrevious messageNext messageBottom of page Link to this message

Etennuly
Posted on Friday, September 19, 2014 - 11:26 am:   Edit Post Delete Post View Post/Check IP Print Post    Move Post (Custodian/Admin Only) Ban Poster IP (Custodian/Admin only)

My wife's Windows 8 laptop locked up a week or so ago. She finally found that Norton WAS the problem itself. She found a tiny little box on the blank screen that led to a Norton sales page. When she opened it, she hit all of the cancel boxes as quickly as she could before any of the pages opened. Since then she has had her lap top back.

Yeah thanks Norton for your security help.
Top of pagePrevious messageNext messageBottom of page Link to this message

Fresnobuell
Posted on Friday, September 19, 2014 - 01:25 pm:   Edit Post Delete Post View Post/Check IP Print Post    Move Post (Custodian/Admin Only) Ban Poster IP (Custodian/Admin only)

I am done with Norton myself.

Froggy, good tip. I went in there and the adware program was plain as day...disabled it. It will probably come back, but as of right now it SEEMS like i have control of my computer.

+1
Top of pagePrevious messageNext messageBottom of page Link to this message

Phelan
Posted on Saturday, October 11, 2014 - 10:28 am:   Edit Post Delete Post View Post/Check IP Print Post    Move Post (Custodian/Admin Only) Ban Poster IP (Custodian/Admin only)

Keep in mind that a lot of adware installs and uninstalls like programs so antivirus and anti malware won't catch it. Most of the time they are piggy backed on much more commonly used programs, especially "free" versions. Be careful and read over every page of every installer and uncheck boxes as necessary and it will help cut down a lot on these.
Top of pagePrevious messageNext messageBottom of page Link to this message

Mr_grumpy
Posted on Saturday, October 11, 2014 - 10:37 am:   Edit Post Delete Post View Post/Check IP Print Post    Move Post (Custodian/Admin Only) Ban Poster IP (Custodian/Admin only)

+1 on what Phelan says.

If you're still having problems a "restore" to a date before the problem started may help.
Top of pagePrevious messageNext messageBottom of page Link to this message

Pwnzor
Posted on Saturday, October 11, 2014 - 11:00 am:   Edit Post Delete Post View Post/Check IP Print Post    Move Post (Custodian/Admin Only) Ban Poster IP (Custodian/Admin only)

I have trouble understanding why my new laptop with Windows 8.1 pro came with McAfee preloaded on it, and Microsoft Security Essentials disabled.

Took me a solid 30 minutes to get all traces of McAfee out of the system, and guess what, now it's running like it should.
Top of pagePrevious messageNext messageBottom of page Link to this message

Mr_grumpy
Posted on Saturday, October 11, 2014 - 11:08 am:   Edit Post Delete Post View Post/Check IP Print Post    Move Post (Custodian/Admin Only) Ban Poster IP (Custodian/Admin only)

Hey Matt, if you don't like the windoze 8 interface, you can install Classicshell. It's free & gives you the same look & function as 7.

My Netbook came the same way, I stripped all the McAfee out & just use the MS tools.
Top of pagePrevious messageNext messageBottom of page Link to this message

Phelan
Posted on Saturday, October 11, 2014 - 11:23 am:   Edit Post Delete Post View Post/Check IP Print Post    Move Post (Custodian/Admin Only) Ban Poster IP (Custodian/Admin only)

When I did IT for STC, mcafee or norton came on all the machines when we got them. The first thing I would do was uninstall, reboot and uninstall, reboot to get them off. We generally just used Avast and Malwarebytes for general security and made sure people didn't install anything themselves. That took care of 99.9% of the issues.
Top of pagePrevious messageNext messageBottom of page Link to this message

Blake
Posted on Saturday, October 11, 2014 - 11:31 am:   Edit Post Delete Post View Post/Check IP Print Post    Move Post (Custodian/Admin Only) Ban Poster IP (Custodian/Admin only)

Apple
Top of pagePrevious messageNext messageBottom of page Link to this message

Court
Posted on Saturday, October 11, 2014 - 11:59 am:   Edit Post Delete Post View Post/Check IP Print Post    Move Post (Custodian/Admin Only) Ban Poster IP (Custodian/Admin only)

Apple

. . . . what is this malware you speak of?
Top of pagePrevious messageNext messageBottom of page Link to this message

Crusty
Posted on Saturday, October 11, 2014 - 12:18 pm:   Edit Post Delete Post View Post/Check IP Print Post    Move Post (Custodian/Admin Only) Ban Poster IP (Custodian/Admin only)

If an Apple a day keeps the doctor away,
Then what does an Onion do?
*
*
*
*
*
Keeps everybody away.
Top of pagePrevious messageNext messageBottom of page Link to this message

Reepicheep
Posted on Saturday, October 11, 2014 - 12:20 pm:   Edit Post Delete Post View Post/Check IP Print Post    Move Post (Custodian/Admin Only) Ban Poster IP (Custodian/Admin only)


quote:

apple... what is this malware you speak of?




Better hidden and less common...
Top of pagePrevious messageNext messageBottom of page Link to this message

Kenm123t
Posted on Saturday, October 11, 2014 - 06:02 pm:   Edit Post Delete Post View Post/Check IP Print Post    Move Post (Custodian/Admin Only) Ban Poster IP (Custodian/Admin only)

Apple Nice but the BMS world is Microsoft
Apple was the way early in the industry but they neglected it and it went MS
Top of pagePrevious messageNext messageBottom of page Link to this message

Jaimec
Posted on Saturday, October 11, 2014 - 07:08 pm:   Edit Post Delete Post View Post/Check IP Print Post    Move Post (Custodian/Admin Only) Ban Poster IP (Custodian/Admin only)

Don't you Apple users be so smug in light of recent events. NO system is completely secure:

http://www.zdnet.com/apple-issues-os-x-patch-for-s hellshock-7000034170/

Though I'd point out my Ubuntu system was patched the day the vulnerability was first disclosed...
Top of pagePrevious messageNext messageBottom of page Link to this message

Aesquire
Posted on Saturday, October 11, 2014 - 10:35 pm:   Edit Post Delete Post View Post/Check IP Print Post    Move Post (Custodian/Admin Only) Ban Poster IP (Custodian/Admin only)

Um...... aren't all those cell phone nudes of actresses hacked and loose on the net from Apple's Icloud?

Not a virus.... or adware, but when they told me to keep all my stuff on the "cloud" I just laughed.... still am.
Top of pagePrevious messageNext messageBottom of page Link to this message

Jaimec
Posted on Saturday, October 11, 2014 - 11:33 pm:   Edit Post Delete Post View Post/Check IP Print Post    Move Post (Custodian/Admin Only) Ban Poster IP (Custodian/Admin only)

Yeah, saving MY stuff to "the cloud" never made ANY kind of sense. When I save my stuff it is to a physical drive over which I and I alone have access, and it is definitely NOT accessible from the network.

It's also why I prefer old fashioned POP3 E-Mail over IMAP or any of these web-based E-Mail services. Let me suck it down OFF the server onto MY computer where I control how long I retain it.

Call me old fashioned...
Top of pagePrevious messageNext messageBottom of page Link to this message

Court
Posted on Saturday, October 11, 2014 - 11:56 pm:   Edit Post Delete Post View Post/Check IP Print Post    Move Post (Custodian/Admin Only) Ban Poster IP (Custodian/Admin only)

Apple's Icloud?

The one's today were Snap Chat.

Did anyone ever REALLY believe those nude pics just "vaporize" the moment someone looks at them?

The only thing in the world that doesn't become part of the permanent archive? . . . .Lois Lerner's e-mail.
« Previous Next »

Add Your Message Here
Post:
Bold text Italics Underline Create a hyperlink Insert a clipart image

Username: Posting Information:
This is a public posting area. Enter your username and password if you have an account. Otherwise, enter your full name as your username and leave the password blank. Your e-mail address is optional.
Password:
E-mail:
Options: Post as "Anonymous" (Valid reason required. Abusers will be exposed. If unsure, ask.)
Enable HTML code in message
Automatically activate URLs in message
Action:

Topics | Last Day | Tree View | Search | User List | Help/Instructions | Rules | Program Credits Administration