Go Back   Forums @ The Digital Fix > Gadgets and Gizmos > Computing Forum

Reply
 
Thread Tools Display Modes
Old 02-09-2008, 19:30   #321
driver8
eviscerate your memory
 
driver8's Avatar
 
Join Date: Jan 2003
Location: Malé, Maldives
Posts: 11,272
Thanks: 2,296
Thanked 2,454 Times in 1,052 Posts
Quote:
Originally Posted by marke View Post
up till today had zone alarm but uptated and slowed system right down so need a alternative please ?
Quote:
Originally Posted by driver8 View Post
Try Avast (or AVG with linkscanner disabled)

and Kerio (or Comodo if you like tweaking) as firewall (Zonealarm too resource-intensive ?)
driver8 is offline   Reply With Quote
Old 16-09-2008, 14:27   #322
Guest 10611
http://www.no2id.net
 
Join Date: Aug 2001
Location: Just found out I'm living in Oceania, thanks Gordon
Posts: 1,893
Thanks: 0
Thanked 0 Times in 0 Posts
Quote:
Originally Posted by Jimmyboy View Post
Anybody else been hit with virtumonde? It seems to be everywhere.
Windows live scanner gets rid of it.
Guest 10611 is offline   Reply With Quote
Old 23-09-2008, 21:48   #323
MetalGearAl
Trusted User
 
MetalGearAl's Avatar
 
Join Date: Dec 2000
Location: Thereabouts
Posts: 19,654
Thanks: 28
Thanked 60 Times in 34 Posts
Blimey, a 17 page thread! Hard to find the info I need

Getting a new laptop tomorrow, a fresh clean system, and would like to start on the right track with keeping it that way. But, I'm also cheap, so always tend towards freeware. I'm currently using Avast!, Spyware Doctor and Spyware S+D as all of my protection in my desktop. For firewall just using Windows Firewall.

I know some people don't like Avast!, but I've always got on with it. Any reason not to trust the other 2 pieces of software? I haven't had any problems AFAIK, but for all I know my current system could be teeming with nasties and I have no idea!

Both current PC and laptop I get tomorrow will be XP. So if anyone has some good recommendations of what I should do as soon as I get it, besides putting on that software, I'd love to hear it!
MetalGearAl is offline   Reply With Quote
Old 24-09-2008, 08:07   #324
driver8
eviscerate your memory
 
driver8's Avatar
 
Join Date: Jan 2003
Location: Malé, Maldives
Posts: 11,272
Thanks: 2,296
Thanked 2,454 Times in 1,052 Posts
well, I'd say you needed a firewall - Kerio (Sunbelt PF) or Comodo as above, both free

'cos afaik, unless it was fixed with sp3, the windows xp firewall only stops incomings (so any nasties that get through can easily connect outwards after logging your keystrokes).

depends what you get up to really - if you're lurking in the web's nether regions (warez, p2p, pr0n sites, messenger !) or regularly share usb devices with friends without adequate protection (!) then you're much more susceptible to infection.

nothing wrong with spyware doctor and S&D - I only update/run these things every few months.

winpatrol is good for monitoring your startup - memory resident (low resource) - and asks you if anything tries to sneak in.
driver8 is offline   Reply With Quote
Old 24-09-2008, 17:32   #325
MetalGearAl
Trusted User
 
MetalGearAl's Avatar
 
Join Date: Dec 2000
Location: Thereabouts
Posts: 19,654
Thanks: 28
Thanked 60 Times in 34 Posts
I'm always used to just running as Administrator - is it much better to install programs through Administrator but use Windows regularly as a Power User instead? Do people do this in practice, does it become a pain or is it a very good idea?

Found a paper on it here, I guess I'll follow that for now

Last edited by MetalGearAl; 24-09-2008 at 17:37.
MetalGearAl is offline   Reply With Quote
Old 24-09-2008, 23:43   #326
Guest 6609
Super Web Designer Turbo
 
Guest 6609's Avatar
 
Join Date: Apr 2001
Location: Chair.
Posts: 3,000
Thanks: 5
Thanked 2 Times in 2 Posts
Quote:
Originally Posted by Jimmyboy View Post
Anybody else been hit with virtumonde? It seems to be everywhere.
Gah, yes, just now - and it seems to have hijacked any attempt to search through Google, so I can't get any info on it! I had it at work a few days ago and it was removed with something, but I'm not sure what. Spyware Doctor?
Guest 6609 is offline   Reply With Quote
Old 25-09-2008, 11:38   #327
driver8
eviscerate your memory
 
driver8's Avatar
 
Join Date: Jan 2003
Location: Malé, Maldives
Posts: 11,272
Thanks: 2,296
Thanked 2,454 Times in 1,052 Posts
Quote:
Originally Posted by slinky View Post
Windows live scanner gets rid of it (virtumonde).
Quote:
Originally Posted by Phayze View Post
Gah, yes, just now - and it seems to have hijacked any attempt to search through Google, so I can't get any info on it! I had it at work a few days ago and it was removed with something, but I'm not sure what. Spyware Doctor?
driver8 is offline   Reply With Quote
Old 27-09-2008, 00:41   #328
Guest 6609
Super Web Designer Turbo
 
Guest 6609's Avatar
 
Join Date: Apr 2001
Location: Chair.
Posts: 3,000
Thanks: 5
Thanked 2 Times in 2 Posts
Finally got rid of all the viruses/malware that had decided to infect me (I hope) using a combination of Spyware Doctor, a-squared, hijackthis, safe-mode and Malwarebytes' Anti-Malware - the latter being the only thing to be able to remove 'Antivirus XP 2008' that was quite stubborn. Did I mention I HATE malware?
Guest 6609 is offline   Reply With Quote
Old 27-09-2008, 07:20   #329
driver8
eviscerate your memory
 
driver8's Avatar
 
Join Date: Jan 2003
Location: Malé, Maldives
Posts: 11,272
Thanks: 2,296
Thanked 2,454 Times in 1,052 Posts
stop getting up to mischief then !
driver8 is offline   Reply With Quote
Old 12-10-2008, 11:31   #330
Dave B
Stock Photographer
 
Join Date: Mar 2001
Location: Back in the bloody UK!
Posts: 3,623
Thanks: 224
Thanked 37 Times in 30 Posts
My mums PC goes to random pages when you click links from search engines after doing a search. If you type a WWW address in the URL, it's fine but you can not do any searches.

Is it a case of going through the list on the first page and running each one ?

Cheers,

Dave
__________________
| My GitHub Pages | gamerTag: FatDeadlyDave | Switch: 7317-0703-1128 |
Dave B is offline   Reply With Quote
Old 12-10-2008, 12:41   #331
driver8
eviscerate your memory
 
driver8's Avatar
 
Join Date: Jan 2003
Location: Malé, Maldives
Posts: 11,272
Thanks: 2,296
Thanked 2,454 Times in 1,052 Posts
Quote:
Originally Posted by Phayze View Post
... a combination of Spyware Doctor, a-squared, hijackthis, safe-mode and Malwarebytes' Anti-Malware
Quote:
Originally Posted by Dave B View Post
Is it a case of going through the list on the first page and running each one ?
these worked for Phayze - Malwarebytes in particular getting good reports, and I'd add Spybot S&D and (ignoring the terrible name) SuperAntiSpyware.

After download/installing each, be sure to update before running.
driver8 is offline   Reply With Quote
Old 02-12-2008, 21:42   #332
Mr Silly
wandering and wondering
 
Join Date: Aug 2003
Location: UK - east
Posts: 4,381
Thanks: 3
Thanked 0 Times in 0 Posts
homesiterenew - anyone got rid of this thing?
__________________
Help me raise money for a cancer charity that helped my Dad to beat Prostate Cancer. http://www.justgiving.com/Stuart-Hellingsworth
Mr Silly is offline   Reply With Quote
Old 18-12-2008, 19:10   #333
cjx
PSN = bladecjx
 
cjx's Avatar
 
Join Date: Dec 2001
Location: Sheffield
Posts: 1,798
Thanks: 40
Thanked 117 Times in 51 Posts
Quote:
Originally Posted by Dave B View Post
My mums PC goes to random pages when you click links from search engines after doing a search. If you type a WWW address in the URL, it's fine but you can not do any searches.

Is it a case of going through the list on the first page and running each one ?

Cheers,

Dave
I had this hapen to me , it said copy-book.com in the task bar at the bottom.Tried a lad of things but in the end I just did re-install as I was due one anyway.
cjx is offline   Reply With Quote
Old 19-12-2008, 09:53   #334
Guest 24071
Monkey, Dragon and Rat Fu
 
Guest 24071's Avatar
 
Join Date: Oct 2002
Location: up a tree
Posts: 1,147
Thanks: 0
Thanked 0 Times in 0 Posts
Here is the only resolution I have found for google/yahoo redirect Trojan.

symptoms:
search on google or yahoo works as normal, when clicking on a search result it redirects to a random website.
entering web address for website directly in address bar for antivirus/malware/windowsupdate sites and a select few others you get "page cannot be displayed" type error.

Virus scanner does not update. Anti Malware software does not run/does not run properly.

solution:



Go to Start -> Control Panel -> System -> Hardware -> Device Manager -> View -> Show Hidden Devices.

Scroll down to “Non-plug and Play Drivers” and click the plus icon to open those drivers.

Then search for “TDSSserv.sys”

Right click on it, and select “Disable”
(If you select Uninstall, it will install itself again when you reboot the system - Do not install!!)

You can now update your AntiVirus/Malware softwares and the go.google will stop forwarding.
once updated take your PC offline and and run antiVirus/Malware.

(For the Geeks: TDSSserv.sys is a service redirecting all software updates to 127.0.0.1 so they won’t update.)

Make sure your Windows security patches and service pack is also up to date or it will just exploit the back door vunerabilities again.
Guest 24071 is offline   Reply With Quote
Old 03-01-2009, 23:27   #335
robbiez666
northern monkey
 
Join Date: Mar 2002
Location: sheffield
Posts: 1,714
Thanks: 0
Thanked 0 Times in 0 Posts
HELP!

my computer has gone mad.

running very very slowly on the net and when I search on google and try and click on a link it just goes to ads. I've run most of the stuff on the first page. wont let me install hijack this or download cwcshreeder

ideas?
robbiez666 is offline   Reply With Quote
Old 04-01-2009, 08:09   #336
driver8
eviscerate your memory
 
driver8's Avatar
 
Join Date: Jan 2003
Location: Malé, Maldives
Posts: 11,272
Thanks: 2,296
Thanked 2,454 Times in 1,052 Posts
Quote:
Originally Posted by robbiez666 View Post
my computer has gone mad.
do you get the same problem with every browser ? IE/Firefox/Chrome/Opera ?

did you try Malwarebytes yet ? - http://www.malwarebytes.org/ And ComboFix is powerful - http://www.bleepingcomputer.com/comb...o-use-combofix
Once cleaned, Spybot S&D has an 'immunize' function which tries to prevent re-infection - http://www.safer-networking.org/en/mirrors/index.html

Which AV do you use ? AVG (disable linkscanner) seems good at catching extra nasties. Only use 1 AV at once. - http://free.avg.com/

Also, there's these free tools from Kaspersky:
Quote:
Originally Posted by driver8 View Post
Boot disc - http://dnl-eu10.kaspersky-labs.com/d...ds/RescueDisk/ - I've tried this and it works well - 81mb ISO download, burns fine, boots into Linux and a simple Kaspersky 2009 GUI. BUT it is slow (very thorough) and reports outdated definitions file (but will be worth a go if all else has failed, and your system cannot even boot into windows).

Virus Removal Tool (on demand only scanner/cleaner - no real-time & no updater) - http://dnl-eu14.kaspersky-labs.com/devbuilds/AVPTool/ (use the most recent) - . It uses the same technology as Kaspersky Anti-Virus to detect and remove viruses. For a free tool, it is very configurable, allowing you to set what to scan, how much to scan, whether to use heuristics etc. There is another feature called “Manual Cure”. It works similarly as HijackThis.
driver8 is offline   Reply With Quote
Old 04-01-2009, 12:38   #337
robbiez666
northern monkey
 
Join Date: Mar 2002
Location: sheffield
Posts: 1,714
Thanks: 0
Thanked 0 Times in 0 Posts
cheers. using firefox and avira anti-virus (used to use AVG but fell out with zonealarm)

the google thing is the worst. every link goes to an ad page

and I can;t open your links. just come up as page load error. same with some other anti-spyware stuff.

Last edited by robbiez666; 04-01-2009 at 12:42.
robbiez666 is offline   Reply With Quote
Old 04-01-2009, 13:06   #338
cjx
PSN = bladecjx
 
cjx's Avatar
 
Join Date: Dec 2001
Location: Sheffield
Posts: 1,798
Thanks: 40
Thanked 117 Times in 51 Posts
Quote:
Originally Posted by robbiez666 View Post
cheers. using firefox and avira anti-virus (used to use AVG but fell out with zonealarm)

the google thing is the worst. every link goes to an ad page

and I can;t open your links. just come up as page load error. same with some other anti-spyware stuff.
Can you not open it when starting in safe mode?
cjx is offline   Reply With Quote
Old 04-01-2009, 13:18   #339
robbiez666
northern monkey
 
Join Date: Mar 2002
Location: sheffield
Posts: 1,714
Thanks: 0
Thanked 0 Times in 0 Posts
I've found a freeware site with foreign mirrors and I can get them from there. Actually started a thread about this and managed to get an hijackthis report.
robbiez666 is offline   Reply With Quote
Old 04-01-2009, 13:56   #340
Chris Locke
Making a 1% improvement
 
Join Date: Sep 2000
Location: Essex, UK
Posts: 7,297
Thanks: 546
Thanked 1,683 Times in 563 Posts
Robbie- See post #334.
Chris Locke is offline   Reply With Quote
Reply

Bookmarks

Tags
Browsing, Email, Windows Update, windows.xp, Zonealarm

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is On

Forum Jump

All times are GMT. The time now is 04:28.


Powered by vBulletin® Version 3.8.9
Copyright ©2000 - 2020, vBulletin Solutions, Inc.
Copyright ©2000 - 2018 Poisonous Monkey Ltd. Part of The Digital Fix Network