Internet Security 2012 malware and the like. How to prevent?

Sharky Forums


  1. #1
    Mako Shark Kung_Fu_Fighter's Avatar
    Join Date
    Aug 2001
    Location
    from Colorado, lost on LV426
    Posts
    3,529

    Internet Security 2012 malware and the like. How to prevent?

    You know the kind. Some program installs on your PC and starts running a scan and says your PC is infected and you have to buy the hacker's fake program to fix it. Depending on the virus you can't access your antivirus programs or msconfig to get rid of the thing. Is there anything else I can do other than keeping my virus databases up to date or finally forking over the coin for something other than the free stuff? I use the Spybot Teatimer resident for real time protection and Malwarebytes to get rid of the virus once it's on my PC. I have not been updating Spybot once a week like they suggest but now I may have to.

    Anybody in the business know if these types of attacks are on the upswing or have I just been lucky? I got hit by one of these 7 months ago and never previously and now I have been hit twice in one month.

    Here's what I have been using but you may have to GOOGLE your own fix if these don't work. Just put the name of the virus in your search engine. That's how I found the stuff linked to below. nuke-M was the only thing that worked one time. That was a fun couple of hours I can tell you.

    Stops the virus so you can run your cleaning programs or get into msconfig:

    RKill - What it does and What it Doesn't.

    nuke-M
    You don't need PC Tools from the site, just your regular virus removal program. I used Malwarebytes and it worked fine. This is simply the only site I have found nuke-M for download.

    TDSSKiller.

    Virus removal:

    Backdoor.Tidserv Removal Tool.
    __________________


    "So, Lone Star, now you see that evil will always triumph because good is dumb." - Dark Helmet

    100% Green Poster. ZERO Carbon Emissions.

    Demetrius I of Macedon was offended when the Spartans sent his court a single envoy, and exclaimed angrily, "What! Have the Lacedaemonians sent no more than one ambassador?" The Spartan responded, "Aye, one ambassador to one king."

  2. #2
    Hammerhead Shark cat5e's Avatar
    Join Date
    Oct 2003
    Location
    NYC
    Posts
    2,630
    The Best way is to Boot with a cleaning bootable cd/dvd/flash media.

    Example, http://bluecollarpcwebs.wordpress.co...b-flash-drive/

    CAT5e
    Microsoft, MVP - Networking

  3. #3
    Mako Shark wh666-666's Avatar
    Join Date
    Jul 2006
    Location
    In a red kennel
    Posts
    4,577
    Yup cat5e. What I do is slave people's HDDs up, scan them and remove the crap. Or sometimes rescue files and then reformat .... Whichever is quicker
    Compaq A910em: T2330 dual core 1.6Ghz, X3100 384MB GPU, 160GB sata HDD, 2GB RAM
    Gaming rig: Asus Striker II, Coolermaster GX 750w, E4600 @ 2.4Ghz, 2.5GB RAM, Zerotherm FZ 120, 9500GT 1GB
    Server: Mac mini running W23k Server - 1.8Ghz dual-core, 1GB RAM, 1x80GB, 2x500GB externals + LTO1 tape backup

    An important petition, regarding your human rights:
    https://www.change.org/en-GB/petitio...r-both-genders

  4. #4
    Mako Shark Kung_Fu_Fighter's Avatar
    Join Date
    Aug 2001
    Location
    from Colorado, lost on LV426
    Posts
    3,529
    Quote Originally Posted by cat5e View Post
    The Best way is to Boot with a cleaning bootable cd/dvd/flash media.

    Example, http://bluecollarpcwebs.wordpress.co...b-flash-drive/

    Thanks guys, I'll check that out.

  5. #5
    Hammerhead Shark [PinPals]Apu's Avatar
    Join Date
    Feb 2003
    Location
    Sheboygan, WI
    Posts
    2,288
    I've been seeing these viruses pop up quite a bit on customers' computers lately. There's not a whole lot you can do to prevent them (besides user training in safe browsing) and they seem to bypass and shut down every anti virus out there.

    Way I clean them is fairly quick and easy. Boot into safe mode, run ComboFix, reboot, and use MalwareBytes to clean up the leftovers.
    My armor is Contempt
    My shield is Disgust
    My sword is Hatred
    In the Emperor's Name
    LET NONE SURVIVE

  6. #6
    Mako Shark
    Join Date
    Jan 2001
    Location
    VA
    Posts
    3,277
    I for one am getting tired of dealing with this issue. I just spent the afternoon removing Win 7 antivirus 2012 from a friend's computer. Party the night before and some idiot got it infected streaming music. This is not a new issue; you would think someone could block this. I have my clean boot drive to clean my computer but that was not an option there.

  7. #7
    Hammerhead Shark cat5e's Avatar
    Join Date
    Oct 2003
    Location
    NYC
    Posts
    2,630
    Yeah, in this day and age I keep a bootable Cleaner Flash Drive as well.

    Microcenter sells cheap 4GB Drive for few $$$.



  8. #8
    Mako Shark Learux's Avatar
    Join Date
    Nov 2001
    Location
    Santa Clarita ,CA
    Posts
    3,410
    Happened to me once, had great results with free mbam.

    Very good spyware, worm, trojan, etc. remover, plays great with other anti virus programs.

    http://www.malwarebytes.org/products/malwarebytes_free
    GA-MA790GPT-UD3H, AMD Phenom ll 955,
    Lian Li PC-60 PLUS, HD5850
    ----------------
    Resist the devil, and he will flee from you!

    "Congress shall make no law respecting an establishment of religion."

    When thou seest an eagle, thou seest a portion of genius; lift up thy head!

    2kr1b1r/Bpp3pp/1N2p1n1/4p1q1/4P3/2Q5/PPP2PPP/3R1RK1 b - - 6 15

  9. #9
    Mako Shark
    Join Date
    Jan 2001
    Location
    VA
    Posts
    3,277
    Quote Originally Posted by cat5e View Post
    Yeah, in this day and age I keep a bootable Cleaner Flash Drive as well.

    Microcenter sells cheap 4GB Drive for few $$$.

    Do you have a full OS bootable Flash drive? I played with AVG's bootable flash drive last night. It was limited. I would like to make a bootable flash drive that will let me run my personal suite of cleaners. Malwarebytes is good. I have about a dozen different things I like to run to clean an infected drive.

  10. #10
    Mako Shark wh666-666's Avatar
    Join Date
    Jul 2006
    Location
    In a red kennel
    Posts
    4,577
    Only way to prevent it is to install something like bufferzone, which virtualises/sandboxes your browser ...

    http://www.trustware.com/

  11. #11
    Mako Shark
    Join Date
    Jan 2001
    Location
    VA
    Posts
    3,277
    Quote Originally Posted by Learux View Post
    Happened to me once, had great results with free mbam.

    Very good spyware, worm, trojan, etc. remover, plays great with other anti virus programs.

    http://www.malwarebytes.org/products/malwarebytes_free
    I was able to get Malwarebytes after restoring to a preinfected restore point and deleting some files by hand. But generally once you get infected the malware prevents the usual antivirus/malware software from starting. It also deletes all the programs from program menu. Booting from a clean disk is still the best way of dealing with it.

  12. #12
    Hammerhead Shark Nabby's Avatar
    Join Date
    Jun 2001
    Location
    Legoland
    Posts
    2,611
    Windows Defender offline tool worked on two machines with this issue. Ran it once to clean it and another to make sure. Rebooted and was able to run mbam within Windows which picked up a few other small items but it worked.
    Antec Three Hundred Two | Intel DP67BA | Intel 2600k | Corsair CWCH60 | CORSAIR Vengeance 16GB (PC3-12800) | PNY GTX 580 | Samsung 830 256GB SSD | WD RE4 2TB (WD2002FYPS) | Asus Xonar DG Sound | LG Blu-Ray Burner | Windows 7 Ultimate x64

    Work:
    Macbook Pro 15" Retina Display | 8GB Ram | 256GB SSD | Mac OS 10.8

  13. #13
    Hammerhead Shark dyne's Avatar
    Join Date
    May 2002
    Location
    The mistake on the lake.
    Posts
    2,965
    I currently have a thumbdrive populated with Keypass. If I made an offline Defender would you need to format and dedicate the entire drive to the app?
    my rig

    cpu: Intel Core i5-2500K @ 4.5ghz
    mobo: AsRock Z68 Extreme4
    ram: 4x4gig GSkill Ripjaw X ddr3 1866
    cooler: Cooler Master Hyper 212 Plus
    mouse: Logitech G500
    video: MSI GeForce GTX 670 OC 2GB
    hdd(s): Crucial M4 SSD 240 gig (Windows 7)
    Western Digital 1.5 TB (data drive)
    dvd +/- r: Pioneer 111D D/L
    monitor: 24" Westinghouse L2410NM
    psu: PC P&C 610W
    chassis: NZXT Phantom
