My Computer has been Attacked!!!

[Emibub]

I'm not sure what to do here. My computer has been attacked by a bunch of Trojan Horses. AVG keeps finding them and cleaning them up but they are right back again. I assume AVG is infected too. Somebody gave me a solution on Microsoft site but I downloaded it and then it appeared to me something took over the download, I kept getting prompts that did not look legit. I went to spyware doctor and scanned my computer but now they want money to clean them off. I don'tmind paying for it but am afraid to enter credit card info with a virus. Adaware won't open, I went to Lavasoft planning on downloading again but they now want payment and I can't trust entering credit card info.

Is there something I can do anywhere that doesn't require CC info? This is maddening....................

Thanks for any ideas.

 

[Steph]

Kathy come in to chat

 

[AnneL]

Take it to your nearest geek. They should be able to find and identify the problem then clean it off for you.

 

[Mike Labbe]

install and run this FREE cleaner. www.malwarebytes.org

It should fix you up

AVG Free is NOT sufficient any more. It only stops a small percentage of the bugs out there.

 

[janetj1968]

If you can afford the very best in protection, get Sophos.

You'll never regret it.

 

[Emibub]

Thanks Mike, I'm gonna run that right now. I guess it is time to change from AVG.

 

[Prospero]

I got a nasty bug a while back. Despite AVG. I kept getting a pop up telling me my PC was infected and please download and install this cleanup program. (yeah right....). I cured it by doing a system restore from 24hrs back.

 

[Paul N]

Any program that tells you your PC is infected and it can fix it for money, is a virus, a scam or both.

 

[deaconsbench]

install and run this FREE cleaner. www.malwarebytes.org

It should fix you up

AVG Free is NOT sufficient any more. It only stops a small percentage of the bugs out there.

My son installed this on my computer, as I was also being attacked 20-30 times everyday with Trojans. Now I run it after every session to keep it clean.

 

[Emibub]

Wow, cleaned it right up Mike. Found 54 infections...................not sure how it could happen, it's not like I have been anywhere different as of late. I'm going to check into new anti-virus now.

 

[johnny]

These are getting nasty. I got linked to a webpage that gave me the Antivirus 2009 nastiness. I brought up task manager to shut down the process that brought up the ANtivirus 2009 window and did so, then all #### broke loose. Pop ups everywhere. Links to pretty nasty stuff on my desktop. Iexplorer.exe was corrupted. My restore points were disabled. Chkdisk won't even run. Apparently much worse than Antivirus 2009 but that's what showed on the screen. I had recently made backups so I went and got a new laptop. Eventually I'll try and get that one going from scratch again.

 

[Mike Labbe]

I found that same one on a client's pc a couple weeks ago. It was even smart enough to disable any antivirus or cleanup tool.

What I did to outsmart it was to rename MBAM.EXE to NOT-MBAM.EXE and then it ran and cleaned it right up. (Malware Bytes)

Mike

 

[AnneL]

Mike, what about the paid for version of AVG? Is that still a good alternative to Norton? I've replaced Norton on 2 of our computers with AVG and don't want to go back to Norton. I was planning on replacing Norton on all our computers when it comes up for renewal.

Meantime, I'm going to download this software and run it on a few computers that have been running funny.

 

[Mike Labbe]

I have been disappointed with the pay version of AVG lately, as well. The free version is virtually useless, now.

I switched all my clients over to Kaspersky Antivirus www.kaspkersky.com and it works very well. Those still on AVG Pro are doing so as it expires.

HOWEVER, some folks with LifeSaver have had an issue with the 2009 version where it incorrectly flags/blocks the installer (for program updates) as suspicious. LifeSaver and Kaspersky are working to resolve this, but it may take a while. The solution is to simply right click the red K (Kaspersky logo) down in the system tray, and EXIT. Then do your program update, which reboots the computer normally and re-enables Kaspersky.

If you can live with that on the short term, this is a great program. It not only does viri, spyware, adware, trojans, rootkits, etc but also lets you know if you are running programs that contain known exploits. (programs like java, adobe flash, adobe pdf reader, movie viewers, ms office, etc which have had patches released that you have not yet applied). It even links you to the fixes for each of them.

Mike

 

[Paul N]

I am not happy with AVG either.

I just placed an order for a Kaspersky 3 user license ($37 with free shipping) at Computersworth.com

In these days of scumbag hackers and a hellish assortment of virii, one should be really pro-active about protecting their business (and personal) computers.

Here's the link: http://www.computersworth.com/item.cfm?id=1298

 

[osgood]

I have been using Nod32 for about three or four years now. At that time both it and Kaspersky had great reviews. Can't remember why I chose Nod32, but it seems to work well.
Haven't had anything nasty in that time on two puters that are permanently connected.

 

[Steven6095]

How much do you all want to bet this is part of the Antivirus 2008/2009 virus.
8 clients this week with the issue.

If it comes back - boot info safe mode then run malware bytes.

AVG free is better than the paid version and AVG free has gone down the drain with the last update.

Kaskpersky is great!
Also had good luck with Bit Defender lately.

Seriously antivirus 08 and 09 can be CLEANLY taken off if you go into safe mode then run it.

********************************************
They key is to run the FULL scan, not the quick scan and you HAVE TO be in SAFE MODE.
********************************************

 

[Emibub]

I was reading from a search to go into safe mode Steve. The problem was it was disabling everything as I clicked on it and it freaked me out. I kept getting prompts for the anti virus 2009 too. It appeared to disable my system restore too, as it wouldn't let me do it anyway. Wow, what a mess, thank goodness for Mike! I've had a virus or two but have never seen anything take over my computer. I was telling Mike, the laptop would even be warm like it was being used when I would pick it up after hours of non-use. I'd open it up and there would be all these icons in my toolbar. Almost like a ghost was setting up shop right in my laptop. Spooky.

 

[AnneL]

Thanks for the recommendation. I think I'll look into the multi license option of Kaspersky.

 

[Steven6095]

That 08 / 09 has been causing a headache for a lot of my customers.
Granted it is nice to be paid to fix a virus every now and then, but this one is almost not worth it! I hate this da*g thing!

 

[MerpsMom]

Anyone using Webroot?

 

[Bogframe]

Add another nod for NOD32. When I had this machine built, they guy insisted on putting it in here. I haven't had anything sneak by yet!

 

[osgood]

I just ran Malwarebytes for the second time over the past few months and it came up with no infected files, again.

I'm not technically knowledgeable to know whether Nod32 is keeping all that bad stuff out, but it's the only protection I have apart from Windoze firewall. Whatever is keeping that stuff out, is working pretty darn well!

 

[David Waldmann]

How much do you all want to bet this is part of the Antivirus 2008/2009 virus.
8 clients this week with the issue.

If it comes back - boot info safe mode then run malware bytes.

Seriously antivirus 08 and 09 can be CLEANLY taken off if you go into safe mode then run it.

********************************************
They key is to run the FULL scan, not the quick scan and you HAVE TO be in SAFE MODE.
********************************************

Wish I had known that before I re-formatted and started over on one of our computers last week (paid version of AVG - put Kaspersky on it when re-setup).

 

[David Waldmann]

Steven/Mike or anyone who deals with larger installations,

Are you familiar with the Kaspersky Open Space Security product(s)? It's a real pain trying to keep up with multiple installations, so having a centralized administration solution is important to me.

 

[Mike Labbe]

I haven't used it personally, but i'm sure it's essentially the same thing but for larger companies to manage the status of all (25+) machines under their care. I have used the enterprise versions from some of the other companies, but not this one.

The administrator gets notified of infections immediately, machines that are not current, etc. It probably also lets him/her invoke a manual scan at any time, on any machine.

Mike

PS: I'm seeing a LOT of that "Antivirus 2009" infection, but I've never had to reboot into safe mode to remove it. Malware bytes takes care of it in regular mode, as far as I've seen. It may be that i'm manually terminating the process first, too. (preventing it from reinfecting before the scan)

 

[Mike Labbe]

Speaking of infections, there's a bad one out there now. It only attacks people who haven't kept up with updates. The fix from last October blocks this infection, but it's amazing how many folks are outdated. They're saying more than 1 million folks were infected in just the first 24 hours. The worm is called "Downadup" and "Conficker".

To make sure your pc is current, visit http://www.windowsupdate.com

Mike

 

[Bob Doyle]

Mike, I haven't been able to install SP3 but I do run the update a lot. Is my computer vulnerable?

Everytime I try to install SP3 my computer hangs. It just sits there and spins its wheels. So I have to do a system restore each time.

 

[Mike Labbe]

how strange. I suspect one of your drivers needs updating. Video card, sound card, network card, etc. I would check with each vendor and be sure to put the latest drivers in for each, wait at least a day, then try sp3 again.

Yes, you should be all set. The other updates will download, even if you don't put SP3 in.

 

[Bob Doyle]

One of my drivers, oh Mike, I wish it were so! The computer is old, been pushed to the limit and due for retirement to the back pasture. I had plans to replace it with a new system after the XMas rush. Then when the rush started fizzling I thought I'd ad a new HDD. Then I thought maybe I could afford to add ram. Now I think I might be able to get a new trackball

Actually a new system is in the works for this summer. Right after I price out a replacement leach field.

 

[Mike Labbe]

Ah no big deal then. SP2 will still be supported through this year.

Mike

 

[AnneL]

Another question about Kaspersky. One of the reasons we switched some of our computer to AVG is that Norton makes things run slow and hogs memory. Does Kaspersky create any memory problems like Norton?

 

[Mike Labbe]

AVG and Kaspersky are both very fast.

Norton or mcafee will bring even a brand new pc to it's knees.

Mike

 

[Pat Murphey]

... Norton ... will bring even a brand new pc to it's knees.

Mike

Mike,

That's just not true. Maybe you haven't used it for a while? I don't know about Macafee.

 

[Bob Doyle]

Mike,

That's just not true. Maybe you haven't used it for a while? I don't know about Macafee.

Wow, I agree with Pat Murphey (Bob Doyle 1/15 2009 @ 1:23 EST)!

Mike, my machine is dying, a 2001 P4 1.6 and with all my ther issues Norton has been running just fine. I hated it a bunch of months ago, but Norton 360 seems a little less of a memory hog.

That said when I do get my new machine I will be in the market for a better, slimmer anti-virus program.

 

[Pat Murphey]

Wow, I agree with Pat Murphey (Bob Doyle 1/15 2009 @ 1:23 EST)!

Recorded for posterity!!!

 

[AnneL]

Is that why it's so cold today. Bob and Pat agreed and he11 froze over!

 

[Bob Doyle]

Is that why it's so cold today. Bob and Pat agreed and he11 froze over!

Doing our part for global warming

 

[Mike Labbe]

So THAT's why it's so cold today?

Well, to be honest - I haven't played with Norton for at least 6 months. When I did, it was the old (2008) version. The last several versions have been PAINFULLY slow. (2006, 2007, and 2008). I haven't tried 2009, but can't imagine it being any better

The basic version wasnt quite as bad as the NIS (Norton Internet Security) version, which blocks things such as drive and printer sharing by default. You set it not to do so, they it decides to start blocking again a week or so later. Frustrating in a business POS environment, with multiple workstations

If you're happy with it, and it isn't getting in the way.... Then it's fine.

Mike

PS: Here is an article comparing some of the speeds, but they don't do the difference justice in my opinion. PC's with Norton are usually noticeably slower, unless they're loaded up with a lot of RAM as they were for these tests. (and yours may have a lot of ram, so it would be less noticeable) http://reviews.cnet.com/1990-6600_7-6768133-1.html

 

[Paul N]

The most important aspect to me, aside from very good anti virus performance, is boot speed.

My experience with older Norton (pre Norton 2009) and current AVG is they take forever to boot because their scanning speed is very slow on bootup.

 

[AnneL]

The boot speed and slow running were definitely issues we are looking at with our computers, even the ones with lots of RAM since those are the ones we run Photoshop on and do our image processing with. We need them to run fast.

 

[Steven6095]

I'll jump in with Mike on this -
I have seen the brand new norton's bring brand new machines to their knees and beg for mercy. I would say more, but I am afarid of lawyers.
Now, I have not seen the antivirus byitself run. The suite has made me a lot of money taking it off

Mike - the first few outbreaks of 08 / 09 I dealt with regular mode +Malware Bytes fixed everything.

The last two weeks though the virus seems different. It is not as "in your face" as the previous one was, but is harder to get off. Safe mode is the only thing working for me with these new infections. I can kill the processes, but there are still three locked files that are skipped during the scan that reinstall on startup.

 

[Steven6095]

You know something............ Malware Bytes is $25 to buy and looks like you never have to pay a subscription fee....

Tossing the idea around in my head of just running it

 

[Luddite]

Recorded for posterity!!!

I third that.Of course both computers have Norton on them anyhoo,so I just kept it paid up. Doesn`t slow things down unless its running a scan while I`m trying to work.In that case I back off and go get a sandwhich or something and let it run . L.

 

[MerpsMom]

I guess no one runs Webroot? Sure would like to know.

MM

 

[BILL WARD]

timely thread--I was about to start one to say:

I have adaware, malware, skybot that I routine use to clean---had not done it for a week or so til tuesday(& load times had gotten loooong)---
1st used maleware---which coughed up 10 or so
then used skybot which found nothing
then used adaware which produced 80 or so!!!!!!!!!!!!!!!!

I cant figure it out........all aps were updated before running, and they are all pretty good at picking stuff.......but that is crazy! glad I ran them all.