04-11-2011, 05:28 PM | #1 | |
Stay positive, don't give up
Join Date: Dec 2001
Posts: 46,226
04-11-2011, 03:15 PM | #2 |
sorta mod-ish
Join Date: Jan 2004
Location: KC North
And I'm gonna take you up on your recommendation, Fish. Our desktop is relatively new, and I don't want it to get fried out.
Posts: 103,050
04-11-2011, 03:27 PM | #3 |
Ain't no relax!
Join Date: Sep 2005
If the malware has infected the machine, it may be screwing with your internet settings. Hence the malware warning when viewing the M$ site. I'd download Malwarebytes, then reboot into Safe Mode and run Malwarebytes from there. Then after you've run a complete scan in Safe Mode and hopefully removed the malware, I'd boot back up normally and run it again.
And you won't be disappointed with Malwarebytes Pro. It's worth every stinkin penny IMO....
Posts: 48,232
04-11-2011, 03:28 PM | #4 |
Stay positive, don't give up
Join Date: Dec 2001
My dad's CPU is getting a lot of Avast shit too, saying it's blocked like JS shit like 200 times...while Malwarebytes was running it popped up 20 times.
Running Spybot and Malwarebytes in safe right now...going to DL Microsoft Sec. Essentials next. Also Spybot found and removed a browser hijacker registry on svchost or whatever.
Posts: 46,226
04-11-2011, 03:38 PM | #5 |
Ain't no relax!
Join Date: Sep 2005
Once you run Malwarebytes Pro a little while, you'll be shocked at the frequency of the attack attempts on your machine. It will pop up a little dialog box every time it blocks something harmful. Which you'll eventually have to turn the dialog box off, because it's popping up all the damn time and becomes annoying. But it serves as a good reminder of how much harmful shit is out there waiting to exploit something on your machine.
Posts: 48,232
04-11-2011, 03:44 PM | #6 |
Ain't no relax!
Join Date: Sep 2005
Also, while this thread is humming....
If you haven't upgraded to Firefox >= 3.6.16, you really should do so. There was an SSL certificate authority that was recently compromised, and some legit certificates were stolen. Some of which include login.live.com, login.yahoo.com, login.skype.com, and mail.google.com. Meaning that those pages could potentially be spoofed and you'd never know the difference, giving hackers your info. Both Firefox and IE could be affected by this. So if you haven't updated your browser recently, DO IT NOW!
More info:
http://www.microsoft.com/technet/sec...y/2524375.mspx
http://blog.mozilla.com/security/201...-certificates/
Posts: 48,232
04-11-2011, 03:46 PM | #7 |
Stay positive, don't give up
Join Date: Dec 2001
Ran Malwarebytes in safe along with Spybot and it was clean. If I go to the CC Cleaner website or Microsoft Security Essentials, Avast keeps detecting that it's a bad site and stops it, weird!
I got Sec. Essentials another way and am installing
Posts: 46,226
04-11-2011, 04:17 PM | #8 |
Stay positive, don't give up
Join Date: Dec 2001
Well, I ran MSE as well as Malwarebytes, Spybot S&D and nothing has been found, no threats. I noticed now Avast isn't going batshit crazy by trying to open the MSE site or CC Cleaner site. Weird.
Posts: 46,226
04-11-2011, 08:00 PM | #9 |
Stay positive, don't give up
Join Date: Dec 2001
So I guess all those false positives with Avast put a bunch of .js files from the temp internet files in there, I assume it's safe to leave it there? They show no viruses but there are so many of them that I can't restore all without manually selecting, since some are real malware viruses from the past.
Posts: 46,226
04-11-2011, 09:09 PM | #10 |
Kind of a mod
Join Date: Aug 2005
Location: Donkey Land
On a random Avast side note, any of you ever had it lose its ability to access the internet? I got a little minor gremlin a week or so ago. I removed it immediately, and it really didn't do anything, but somewhere in the removal process something got screwy. Avast won't update, and if I turn the web shield on, all my browsers are blocked.
I've done a full uninstall/reinstall, all of the typical scanners come up clean, everything seems fine, etc. Hosts file is fine. HijackThis doesn't seem to have anything out of the ordinary. Everything works fine except that one program. I almost don't even care (it's just my media center PC), but it's got me stumped.
Posts: 52,304
04-13-2011, 01:16 PM | #11 | |
Supporter
Join Date: Sep 2005
Location: St. Joe
Posts: 36,287
04-13-2011, 04:36 PM | #12 |
Kind of a mod
Join Date: Aug 2005
Location: Donkey Land
Yup. But that's it. Everything else is peachy. I can manually update it by downloading the file from Avast, and that works fine. Scans come up clean. I can't use the web shield (since that works as a proxy that sends all HTTP communications through Avast), but that and updating are really the only issues.
Posts: 52,304
04-13-2011, 04:58 PM | #13 | |
Ain't no relax!
Join Date: Sep 2005
You might try Avast's uninstaller app...
http://www.avast.com/uninstall-utility
Usually when they release their own uninstall app, it's because the Windows one isn't sufficient in some cases. I'd uninstall through Windows, then run the Avast uninstall and let it clean up anything the Windows uninstaller might have missed. Then reinstall newest version.
You might try and uninstall/reinstall with another admin account too. Determine if it might be a user setting specific to your account.
Posts: 48,232
04-13-2011, 06:51 PM | #14 | |
Kind of a mod
Join Date: Aug 2005
Location: Donkey Land
It's kind of a weird issue. It doesn't really matter that much, but it's certainly perplexing.
Posts: 52,304
05-11-2011, 09:25 AM | #15 | |
Ain't no relax!
Join Date: Sep 2005
Google Image Poisoning and FakeAV attacks
FYI on Google Image Poisoning.... which is the general cause for the FakeAV popups that so many people have issues with. These FakeAV programs are rather tricky, in that they're not easily classified, and they never work the same. Therefore, your various AV/Spyware/Malware scanners might not think that it's malicious behavior at the time of infection.
The FakeAV attacks seem to come in 3 flavors of increasing complexity:
1) "The Nag". Terminate the process and delete the file. Doesn't care that you run other programs.
2) "The Pain in the Ass". Doesn't let you run any exe because it latches into the .exe file registry keys. We have an inf that reverts the registry change, then we terminate and delete the exe.
3) "The Real Pain in the Ass". Does the same as number two, but has the additional side effect of fudging permissions all over the system. It screws them up so bad that you can't run any of your applications anymore. When computers get these, we usually just reimage them. But they can be salvaged if it's worth a bit of work to you.
If you've experienced these, here's why you got it, and here's how to prevent it in the future.
Full article: http://isc.sans.edu/diary/More+on+Go...oisoning/10822
Another very in-depth article with additional info: http://blog.unmaskparasites.com/2011...earch-results/
Posts: 48,232
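
The post above says the second FakeAV flavor "latches into the .exe file registry keys". A read-only check for that condition, as an added example that is not part of the original post and is not the poster's inf file; it assumes the stock Windows defaults (`exefile` and `"%1" %*`) as the baseline and that per-user overrides are normally absent:

```powershell
# Added example (read-only): report deviations in the .exe file association.
# Assumed baseline: stock Windows defaults; per-user overrides normally absent.
$checks = @(
    @{ Path = 'HKLM:\SOFTWARE\Classes\.exe';                       Expected = 'exefile' }
    @{ Path = 'HKLM:\SOFTWARE\Classes\exefile\shell\open\command'; Expected = '"%1" %*' }
    # HKCU entries take precedence over HKLM when they exist.
    @{ Path = 'HKCU:\Software\Classes\.exe';                       Expected = $null }
    @{ Path = 'HKCU:\Software\Classes\exefile\shell\open\command'; Expected = $null }
)

function Get-DefaultValue([string]$Path) {
    if (-not (Test-Path -LiteralPath $Path)) { return $null }
    # '' names the key's (Default) value; do not expand %...% sequences.
    (Get-Item -LiteralPath $Path).GetValue('', $null, 'DoNotExpandEnvironmentNames')
}

function New-Finding($Key, $Expected, $Actual) {
    [pscustomobject]@{
        Key      = $Key
        Expected = if ($null -eq $Expected) { '(absent)' } else { $Expected }
        Actual   = if ($null -eq $Actual)   { '(absent)' } else { $Actual }
    }
}

# Compare each key's default value against the baseline.
$findings = @(foreach ($c in $checks) {
    $actual = Get-DefaultValue $c.Path
    if ($actual -ne $c.Expected) { New-Finding $c.Path $c.Expected $actual }
})

# If the per-user .exe key points at another ProgID, show the command it runs.
$userProgId = Get-DefaultValue 'HKCU:\Software\Classes\.exe'
if ($userProgId -and $userProgId -ne 'exefile') {
    $cmdKey = "HKCU:\Software\Classes\$userProgId\shell\open\command"
    $findings += New-Finding $cmdKey $null (Get-DefaultValue $cmdKey)
}

if ($findings.Count -eq 0) {
    'No deviations from the expected .exe association.'
} else {
    $findings | Format-List
}
```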