more malware attacks me :(

Nivarion

Brony level >9000
Super Member
Registered
Joined
Sep 6, 2008
Messages
1,679
Reaction score
151
Location
texas
i have gotten attacked by another set of malware. i can't find a name on this one, or where it came from. my little brother found it and told me about this "thing asking him about trojan horses." he doesn't know where he got it at though.

i ran up and closed it, it had gotten on and had a list of our drives. if you want an example of what it was saying.

the closed OS read only hard drive had 56 trojans on it, the main hard drive had 20, the printer had 50 and the 1gig thumb drive, that had nothing on it, had 45 of them.

and this happened just 20 minutes after norton finished its scans. gave me an all clear.

now, any one know what the name of this one is. oh and it had that stupid thing where if you close one window it opens the first.
 

Clair Dickson

A dark core to every cloud
Super Member
Registered
Joined
Jun 28, 2008
Messages
2,557
Reaction score
571
Location
SE Michigan
Website
www.bofexler.blogspot.com
Um... that's all you have to give us? No name? Most malware that "scan" for trojans either don't find any or put them there.

Without a name, it's going to be hard to figure out how to help you. Some of the nasty malwares (like Antivirus2009) can't be removed with any regular virus/ malware scanner. Least not that I found. I could only take it off with Malware Bytes. Twice I had to get it on the school computers b/c Symantec couldn't even find the malware (even as it let the trojans in. I call one computer Troy.)

I also like Avira for virus scanning.

If it's like many malware, it'll pop back up with a window for you. Also, check your system tray and Programs menu for anything new...
 

dpaterso

Also in our Discord and IRC chat channels
Staff member
Super Moderator
Moderator
Super Member
Registered
Joined
Feb 12, 2005
Messages
18,802
Reaction score
4,591
Location
Caledonia
Website
derekpaterson.net
What you've posted sounds more like a report from a spyware program that had detected something and was bringing it to your attention.

If you haven't already, try downloading PC Tools Spyware Doctor from http://pack.google.com

-Derek
 

Nivarion

Brony level >9000
Super Member
Registered
Joined
Sep 6, 2008
Messages
1,679
Reaction score
151
Location
texas
actually the name is what im looking for, i can't find it any where, and my bro just stumbled on it, so i don't even know how it started the attack. i can normally figure out what it is, but the start of the attack is about the only time i can find it. when i got to it was at the looping part that can only be ended with the task manager.


Is malware bytes free? if so it would be a lot easier than entering my C: drive and deleting it by hand. I's so's poor's no's cash at alls
 

Williebee

Capeless, wingless, & yet I fly.
Super Member
Registered
Joined
May 11, 2007
Messages
20,569
Reaction score
4,814
Location
youtu.be/QRruBVFXjnY
Website
www.ifoundaknife.com
Ad Aware is free for personal use

Spybot S&D (Search and Destroy) is free

Windows Defender is free (like a warm puppy). Actually, it's not that bad.

Malwarebytes has both free and paid elements.

In most cases they'll identify it and give you the name of the beastie, even if they can't beat it.
 

Angelinity

absent
Super Member
Registered
Joined
Aug 6, 2006
Messages
2,765
Reaction score
1,059
oh dear, you want to try and remove this by hand? sorry, i don't think that's going to work... these little buggers weave into your applications and your registry and can multiply like... well, a virus!

sounds like you need some proper gate keepers, especially if this is not the first time. symantec is not the most effective antivirus, i had a nightmarish experience last year and switched to AVG and SuperAntiSpyware. try them.
 

Ol' Fashioned Girl

Hand? What hand?
Kind Benefactor
Super Member
Registered
Joined
May 31, 2005
Messages
15,640
Reaction score
6,849
Location
Last Star on the Right
Website
www.jenniferdahl.com
Hope I'm not being nosy... but what are y'all doing to keep getting this crap? Are you downloading freeware? Surfing unsafe sites? I've been on the 'net since before the 'net was a twinkle in Gore's eye, and I haven't gotten one virus or one bit of malware. (Knocking on wood.)
 

Clair Dickson

A dark core to every cloud
Super Member
Registered
Joined
Jun 28, 2008
Messages
2,557
Reaction score
571
Location
SE Michigan
Website
www.bofexler.blogspot.com
Well, since oyu asked OFG-- I don't get anything on my home computer, but we get stuff on the school computers. The guy who uses Mac's doesn't seem to understand that when he goes and downloads stuff from random sites on the internet, you can get viruses on a Windows Machine. (If internet surfing is like having unprotected sex, Macs are male-- and won't catch much if anything, and Windows PCs are female and can catch everything...) Of course, we're having trouble getting the staff to NOT log in as 'staff' but rather as Limited User.

And lastly, I don't know where my students go... but they just clicky clicky anywhere. If they get a warning, sure, they'll install this new virus scanner program that popped up... without realizing they've now just installed a dreadful piece of door-opening malware. (Our Symantec scanners the district installed has not stopped a single piece of malware, nor did it find the trojans that were let it. The free copies of Avira and Malware bites, however, found and removed them. And yet I'm not allowed to become the tech manager for our little school. =/)
 

Ol' Fashioned Girl

Hand? What hand?
Kind Benefactor
Super Member
Registered
Joined
May 31, 2005
Messages
15,640
Reaction score
6,849
Location
Last Star on the Right
Website
www.jenniferdahl.com
AVG has done a wonderful job on our five here at home and our six at work (where a couple of the guys have been caught on the pron sites...). It''ll stop you from going any further when it detects a malware or virus. If you do a search (goodle or yahoo), it gives you an icon at the end of each link to show whether it's safe to go there or not. I dumped Symantec and McAfee a couple years ago.
 

Williebee

Capeless, wingless, & yet I fly.
Super Member
Registered
Joined
May 11, 2007
Messages
20,569
Reaction score
4,814
Location
youtu.be/QRruBVFXjnY
Website
www.ifoundaknife.com
Macs are male-- and won't catch much if anything, and Windows PCs are female and can catch everything...

What a nice analogy.

I've discovered that, with a well applied group policy, and a lovely tool called Windows Steady State, (steady state returns you computer to what you want it to be everytime you restart. NOTE: This is not a tool used casually.) I can keep the kids from getting into much trouble.

The school administrators, who insist on having elevated privileges on their machines, on the other hand.... They represent the majority of my cleaning and repairing time.
 

Clair Dickson

A dark core to every cloud
Super Member
Registered
Joined
Jun 28, 2008
Messages
2,557
Reaction score
571
Location
SE Michigan
Website
www.bofexler.blogspot.com
Oh my-- I'm gong to have to look into the Steady State more. That might be the answer to our problems. (And the thing is, it's not like the kids are malicious, just foolish and goofy.)
 

Tirjasdyn

Outline Maven
Super Member
Registered
Joined
Jun 21, 2005
Messages
2,182
Reaction score
183
Location
Mountain of my own Making
Website
michellejnorton.com
Here's one way to find out some of the sticky things in windows:

Right click on the start bar, choose Task manager...click on the process tab.

If you don't recognize a process in the list...type the name of it (including the extension) into google. You should get a site telling you what it is...if it's needed and how to get rid of it if it is a virus or malware.

In the mean time tell the mac guy to quit going to porn sites. :D
 

mario_c

Your thoughts are not real...
Super Member
Registered
Joined
Apr 7, 2008
Messages
3,880
Reaction score
685
Location
here
Website
www.mariocaiti.com
Ad Aware is free for personal use

Spybot S&D (Search and Destroy) is free

Windows Defender is free (like a warm puppy). Actually, it's not that bad.

Malwarebytes has both free and paid elements.
I support the top 2 at my dayjob - they're included with the software suite we sell - and they rock. Defender is if you use Vista, and if you're broke or have an old computer AVG is a fine anti-virus solution.
 

Nivarion

Brony level >9000
Super Member
Registered
Joined
Sep 6, 2008
Messages
1,679
Reaction score
151
Location
texas
really, i don't know where they are getting me from. the sites i visit any more are AW, Funny-games.biz, Jagex, Wikipedia and youtube. my brothers have narrowed down to just about that too. Funny-games was suspect, but they are a business and the owner keeps sure that there are no little buggers on it. the other month he shut the site down due to malware alarm getting on.

i don't know what he was doing when he got the virus though i can speculate... he is just now a teenager... you know...
 

Tirjasdyn

Outline Maven
Super Member
Registered
Joined
Jun 21, 2005
Messages
2,182
Reaction score
183
Location
Mountain of my own Making
Website
michellejnorton.com
really, i don't know where they are getting me from. the sites i visit any more are AW, Funny-games.biz, Jagex, Wikipedia and youtube. my brothers have narrowed down to just about that too. Funny-games was suspect, but they are a business and the owner keeps sure that there are no little buggers on it. the other month he shut the site down due to malware alarm getting on.

i don't know what he was doing when he got the virus though i can speculate... he is just now a teenager... you know...

Being a business doesn't stop malware attackers from hijacking a website. It happens. One got to a Jewish camp website I manage. That sucked.
 

Nivarion

Brony level >9000
Super Member
Registered
Joined
Sep 6, 2008
Messages
1,679
Reaction score
151
Location
texas
Being a business doesn't stop malware attackers from hijacking a website. It happens. One got to a Jewish camp website I manage. That sucked.


this i know. but he is making quite a bit of money (the site has a massive traffic, and the advertising space goes for more than the operating cost) so I'm pretty sure that he isn't going let some viruses on to start driving people away.
 

Cassiopeia

Otherwise Occupied
Super Member
Registered
Joined
Aug 1, 2006
Messages
10,878
Reaction score
5,343
Location
Star to the right and straight on till morning.
You'd be surprised how lax a business owner can be even if they are making a lot of money. Again, gaming sites are notorious for malware and trojans. I have McAfee for free because of my ISP provider but I still run Ad Aware and Spybot and I also have ZoneAlarm on my pc. However, that won't help you if someone in your house is on the network and going places that they ought not to be. You need to remember, you click on one link and it takes you to a website, well YOU opened the door and it is allowed to come in.

Get a stand alone firewall set up. Get an old pc and reformat the hard drive. Get a free copy of IPCop or Adian and set it up. It's not hard to run and you learn a new skill in using a Linux based program.
 

Mac H.

Board Visitor
Super Member
Registered
Joined
Feb 16, 2005
Messages
2,812
Reaction score
406
Given the incredible vague description, it could be almost anything.

OK, let's try some simple questions:

1. You say "It had a list of our drives".
What is 'it'? If 'it' is displaying a list of drives etc, then it would seem to be one of those nasty fake virus scanners that are just trying to get you to pay online for a 'virus scanner' to 'clean' problems that it pretends to find.

If so, then it would have some kind of name, some kind of link etc. Does it?? They yu

2. Has it happened again? If it is a true malware attack like the fake virus scanner that it sounds like, it will happen again. So just see what happens in future .. .but be extra careful about sharing USB sticks etc in the meantime. (Some write themselves as an invisible autorun.exe/autorun.inf on the USB stick, in the hope that someone was stupid enough to enable 'autoplay' on their system. If that someone is you, it could have even infected you via your USB stick .. you put the stick in an infected computer and it infects you.

Here's a good link if it is what we suspect.

http://blog.eches.net/security/how-to-remove-fake-antivirus-2008/

Good luck!

Mac
 

Nivarion

Brony level >9000
Super Member
Registered
Joined
Sep 6, 2008
Messages
1,679
Reaction score
151
Location
texas
it happened about three more times that i know of, though i wasn't there to deal with them on them of them. i haven't been using that computer since it is the family comp and i have my own.

it hasn't happened again since, so i don't know what happened. i sure hope one of the younger ones didn't accept it. oh god i hope...

i also found the source. you know those "push the button to win 50 grand" banners that are always coming up on the internet. one of my brothers, the second from youngest, has been clicking them. I got all of my brothers together and explained, patiently, that those were scams that were breaking the computer every time they clicked on them. and then i updated the add block.


im feeling much better now that i have cut off at least one of the sources. i also have further proof that it isn't any of the sites I use, since i have been running this comp for almost a month on the internet, with no anti-virus or maleware anything and have yet to get squat. :) although... it may not be a good idea.