Jump to content


Please note: You can easily log in to MPN using your Facebook account!

OT: Help! My PC is under attack!


Phil W

Recommended Posts

Help!

 

I've never suffered too much with spyware or viruses, trojans etc. I guess I've been lucky.

Since September we've had junk mail with viruses daily; trojan attacks and worst of all now unsolicited windows popping up for winfix, Drive Cleaner and even a Dell Advert. These appear every 20 minutes or so without having to be on Webpage that normally has popups: they seem to be geteting in another way. They try to load software without me OKing it andare hard to close.

I'm running IE6 (maybe it's time to switch but I need my favourites); Norton Antivirus 2006(which detects but doesn't seem to effectively remove Winfix); Windows XP; Ad-aware and Pop-up killer (seems very ineffective).

I've deleted the temporary Internet filesanand cookies. I'm stiill getting the attacks. I'm guessing I'm badly affected with stuff that has hacked my registry.

Guys, I wouldn't post this stuff here but I'm desperate. Someone else might have gone through similar and at least there are people here I can trust. I've tried googling and found all sorts of message boards but they're way too hard for me to understand.

 

Any ideas?

 

Phil

Link to comment
Share on other sites



  • Replies 42
  • Created
  • Last Reply

Immediate actions I would do :

 

- Update your antivirus virus database now

- Do a complete scan of all disks including archives

- Do a similar scan for malware/spyware

- Take note of the virus/malware names

- Do a search on the Net about those infections to get proper procedures to get rid of them (can be auto-files or lists of manual actions like stuff to do in regedit, manual deleting of files, etc.)

- Check complete config of Internet options, IE and e-mail software to be "safer" (amongst others : flush the temp files and/or cookies at every IE closure, no mail preview window in your e-mail software, etc.)

- Avoid using software like Messenger or similar opened doors thingies. If absolutely necessary, config them with max security (accept only messages and mail from people you know in your list, etc.)

- If you are constantly online (read : hi-speed connection), install a firewall such as ZoneAlarm ASAP

Link to comment
Share on other sites

Thanks Cydonia,

I've updated the AV database. Norton detects annd 'removes' the Winfix but it just crops up again half an hour or so later.

I've done the scan.

I've got the malware names and have searched but the stuff I've found looks way too complex for me. I've done registry editing before but I can't get my head round some of the suggestions Ii've seen (plus- I don't know who to trust).

Good idea to seti IE to flush temp files automatically - i've actually just downloaded and installed Mozilla Firefox and set iit as my default browser so hopefully that'll help.

Yes, my ISP updated the speed of my connection in September so that's no coincidence. I was relyiing onn Norton for the Firewall - obviously ineffectiv. I'll try Zonealarm but iknow this will slow thinngs down a little.

Thanks mate!

Link to comment
Share on other sites

Depending on your OS. You may have windows messenger enabled. This would explain your sudden popups even when your browser is down

 

Click here to find out how to disable it in XP

 

For any other OS google disable windows messenger

MY Toys - Kurzweil PC1X, Roland A-90, Yamaha KX88, Yamaha CS1x, Novation 49SL MkII, Presonus Studiolive 16.4.2, JBL PRX615M

 

My Music Page

Link to comment
Share on other sites

Originally posted by garrafon:

Ad Aware and Spybot Search and Destroy are two good free (to individuals) programs to help remove spyware.

I use these as well as one called "Hijack this!" - I think that was the name. I managed to clean up my computer will a combination of these programs.

Korg Kronos X73 / ARP Odyssey / Motif ES Rack / Roland D-05 / JP-08 / SE-05 / Jupiter Xm / Novation Mininova / NL2X / Waldorf Pulse II

MBP-LOGIC

American Deluxe P-Bass, Yamaha RBX760

Link to comment
Share on other sites

Part of your problem may be replication. Many spyware, adware and viruses replicate themselves and when you delete the file, the other file/s either recreate it or take over the process. Being able to effectively find all the infected files in this case would be the key. You may or may not be able to delete some of these problems. If you can't you need to so a search, as was mentioned before, and get specific instructions for removing them. I kknwo first hand what a pain in the a$$ this is. I hope you get it resolved quickly.

 

A preventive suggestion I have for you is to get a firewall. A good firewallk wil let you configure it so you have to allow program want access to the internet as well as stopping incoming stuff. Your virus program should alos have an email checker which should alert you to any issues. When I get a virus in an email, I get a pop up warning me not to open it. See if Norton has these settings.

Begin the day with a friendly voice A companion, unobtrusive

- Rush

Link to comment
Share on other sites

Yes, Norton has always blocked email viruses in a similar way to yours, the problem has come from another source. I'm thinking I need a better firewall. Norton AV includes one but it's obviously not doing the job. Would ZoneAlarm do or do I need something even fiercer?

 

So far I've updated to Ad Aware SE which has found and solved 5 problems (including registry problems) and downloaded SpyBot Search and Destroy which has taken care of another 7. I'm now running Windows Defender as a Beta which is scanning as I type. I've switched to Mozilla Firefox and am going to download a program which blocks Windows Messenger.

 

Then I need to take care of the firewall.

 

I always did fine before and saw myself as fairly internet savvy, even advising colleagues at work. I guess nobody's safe now.

 

I know I'd sooner be a musician than a virus/worm/spyware designer. How fulfilling can that be? :freak:

Link to comment
Share on other sites

Rule one about PCs is to always have a separate computer for your music... completely disconnected from the net. Then you don't have to bog your music computer down with anti-virus programs and spyware blockers.

 

You can usually get two PC's with P4, 2.5 gHz, 256MB RAM for well under the cost of a single equivalent Mac, so you still come out ahead.

Kurzweil PC3, Yamaha MOX8, Alesis Ion, Kawai K3M
Link to comment
Share on other sites

Phil, it's true that the amount and diversity of malware today is staggering. What's beyond me is what benefits do virus creators get? I never understood this. Maybe someone can explain? I suppose mankind is a weird species. :freak:

 

As I mentioned before, I recommend disabling the preview pane in your Outlook Express or e-mail software. Many people don't realize that as soon as an infected mail is previewed, it's usually too late, unless your AV is good enough to block it. In other words, a simple one click select (not double click) is enough. By disabling the preview window, you can delete all BS mails without risks.

 

ZoneAlarm is very good. Actually, it's so sensitive to all sorts of risks it's almost annoying on its default config, but once you understand the different "threats", you can personalize it to your taste and habits.

 

Unfortunately, certain new virus/malware need manual cleaning, as they create all sorts of BS files and "autoresurrect" registry entries. Takes some time, but once you update your protection, you should not need to do this so often.

 

And again, I can't over emphasize this enough, stay away as much as possible from MSN-like messengers and other wide open door thingies, or configure them for minimum risks. ;)

Link to comment
Share on other sites

What I'm going to say may rile a few:

 

On another forum where I regularly participate, the consensus is that Norton isn't just a piece of crap, it's an expensive piece of crap. Not only that, it can be very difficult to get rid of; I'm speaking from experience. Hint: it's higly advertised - if it was any good, by now it would have legions of followers that would have made the shareholders millionaires. Yet they keep advertising - I'm suspicious. Sorry, but these are not just my personal opinions - the forum I speak of has quite a few computer geeks that know their stuff. They wouldn't touch Norton/Symantec with the proverbial long pole.

 

I've been using AVG Free version on three machines for about four years with never a problem. However there are some caveats:

 

1. Get a hardware router even if you have only one computer - they will increase your protection immensely. I've run a test, and there was one port that could be found, but it couldn't be accessed.

 

2. The XP guru where I deal on computers believes that the firewall in XP is as good as any. That's what our three machines use. Why install and pay for something you already have.

 

3. The other programs mentioned such as Spybot are also effective.

 

4. The most effective preventive measure was mentioned by Jazzwee I believe. I NEVER open any unsolicited e-mail, particularly on my music machine.

 

5. Personally (and in the opinion of those others) Zone Alarm should be avoided - it is also very difficult to get rid of.

 

 

Glenn K

Link to comment
Share on other sites

Posted by Synthizen:

Rule one about PCs is to always have a separate computer for your music... completely disconnected from the net.

 

Yep I learned this lesson the hard way. If Ididn't back up my music stuff I would have lost everything to a virus/spyware problem.

Begin the day with a friendly voice A companion, unobtrusive

- Rush

Link to comment
Share on other sites

I have to agree with Glenn about Norton (I was too shy to say it). Sometimes very difficult to uninstall. Except he forgot to mention it's also a resource hog. :D

 

I personally use Avast. It's free, reliable and uses much less resources. :cool:

Link to comment
Share on other sites

Originally posted by synthizen2:

Rule one about PCs is to always have a separate computer for your music... completely disconnected from the net. Then you don't have to bog your music computer down with anti-virus programs and spyware blockers.

Not always so easy to do, when your VSTi's and other music software require activation via the internet.

Moe

---

 

Link to comment
Share on other sites

Cydonia:

 

Yes, Avast is the other one I couldn't think of - thanks for mentioning it. It's also considered to be a good one by the "gurus".

 

And your comment about Norton the resource hog is right on, and one of the good reasons to kill it (or never conceive it).

 

I was'nt going to connect my music machine, but in order to download updates to my music software, I found it essential.

 

 

Glenn

Link to comment
Share on other sites

Good advice here! Just for the records, since installing ADSL last month, I've had several problems with spam, viruses, and spyware attacks. I got rid of them by doing three things:

 

- Running Search and Destroy;

- Enabling Windows Firewall;

- Blocking popups on Explorer.

 

Occasionally I have to re-enable the popups in order to use some functions in a few sites, but I always remember to block them again; when I forgot to do it once, the spyware started to infiltrate again. BTW it seems that on my system, this particular combination of settings works well for some reason.

 

I still have Norton installed, but it's a cosmic piece of excrement. The only reason why I haven't disinstalled it is, a couple of friends tried to do exactly that recently, and both had their whole system messed up heavily. :mad:

 

BTW I would advice everyone to get a cheap PC just for the net. It's just too risky for music programs and files.

Link to comment
Share on other sites

If you have an old PC around you can look into something like this- http://www.smoothwall.org/

 

Basically you would be using the second machine as your firewall...you can also configure a regular Linux box as your gateway(firewall) machine if you want to try Linux out.

 

Here at home my girlfriend and I have five machines networked through this- http://www.netgear.com/Products/VPNandSSL/WiredVPNFirewallRouters/FVS318.aspx

 

She's running XP Media Center Edition, Win2k, and Ubuntu Linux on her machines and I run XP Media Center Edition and SuSE Linux on my two machines. Each of our machines have software firewalls installed as well...the XP machines are running the XP firewall as well as Sygate Personal Firewall and the Linux machines are using their OS firewalls.

 

For AV we use F-Prot...small footprint but does it's stuff and the definition updates are almost daily.

 

We both use Firefox for our browsers, Thunderbird for our mail, and Sunbird for our calendars.

 

I've moved both my Net Cache and Temp directories to one of my secondary drives on my XP machine to get better performance on my main drive(Windows and Apps).

 

A few tips...don't open email attachments without at least a virus scan and perhaps a confirmation from the sender, don't click on crap because it shows up in your browser-find out how to close it instead (alt+F4 will close the window currently in focus ;) ), and finally keep your "real" email address only for close friends and family and use something like hotmail for your other communication needs!

 

Get a Mac.
It's not raining here ;)

 

 

Darkon the Incandescent

http://www.billheins.com/

 

 

 

Hail Vibrania!

Link to comment
Share on other sites

Originally posted by Darkon the Incandescent:

Get a Mac.
It's not raining here ;)
Heh, and in 10 years on the net with a variety of Macs, I've never used a firewall or an anti-virus/spyware/malware app, and I've never had an issue. Oh, and my net machine has always been my music machine.

 

It definitely not raining here. :wave:

A ROMpler is just a polyphonic turntable.
Link to comment
Share on other sites

Originally posted by kanker, apparently:

Originally posted by Darkon the Incandescent:

Get a Mac.
It's not raining here ;)
Heh, and in 10 years on the net with a variety of Macs, I've never used a firewall or an anti-virus/spyware/malware app, and I've never had an issue. Oh, and my net machine has always been my music machine.

 

It definitely not raining here. :wave:

Dictionary.com is our friend:

 

mack?in?tosh? [mak-in-tosh] Pronunciation Key - Show IPA Pronunciation

noun

1. a raincoat made of rubberized cloth.

2. such cloth.

3. Chiefly British. any raincoat.

Also, macintosh.

 

[Origin: 183040; after Charles Macintosh (17661843), its inventor]

 

Related forms

mack?in?toshed, adjective

Dictionary.com Unabridged (v 1.0.1)

Based on the Random House Unabridged Dictionary, © Random House, Inc. 2006.

American Heritage Dictionary - Cite This Source

mac·in·tosh (mkn-tsh) Pronunciation Key

n.

Variant of mackintosh.

I'm a diehard Mac guy and will sing their praises all day long, but being overly pithy about one's choice of computer, is well, silly.

Current live rig: Roland RD700SX, Hammond XK-3 with Leslie System 21, and Muse Receptor. Also a Nord Stage 76 other times instead. And a Roland FP-7 for jazz gigs.

HOME: Kawai MP8 + a bunch of VI's.

Link to comment
Share on other sites

Originally posted by Phil W:

Yes, Norton has always blocked email viruses in a similar way to yours, the problem has come from another source. I'm thinking I need a better firewall. Norton AV includes one but it's obviously not doing the job. Would ZoneAlarm do or do I need something even fiercer?

 

So far I've updated to Ad Aware SE which has found and solved 5 problems (including registry problems) and downloaded SpyBot Search and Destroy which has taken care of another 7. I'm now running Windows Defender as a Beta which is scanning as I type. I've switched to Mozilla Firefox and am going to download a program which blocks Windows Messenger.

 

Then I need to take care of the firewall.

 

I always did fine before and saw myself as fairly internet savvy, even advising colleagues at work. I guess nobody's safe now.

 

I know I'd sooner be a musician than a virus/worm/spyware designer. How fulfilling can that be? :freak:

I've heard of problems with zonealarm but I've been using it for years with very few problems(very few=I'm being honest)

 

As for AV software I prefer a program called NOD32, it's the best AV software I've used yet, updates for it are quick and painless plus NOD32 consumes very little system resources. I find that it keeps my system better protected then Norton and it stays out of my way, if your interested I'll give you the address to the site I bought my copy from.

 

And in response to all of this Mac Vs. Pc(with Windows) Vs. Linux- I've used them all to a certain extent but I have the most exp. with Windows, if most of the Pc's used in homes,schools, etc. were Mac's their would be loads of malware, spyware and virues for them.

It all depends on market share, when a virus writer writes a virus they want to affect as many computers as possible yet target one platform.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...