#1
How to get rid of virus and malware etc online?
I'm using AT&T and they have a package deal that they say will check out your computer online and get rid of all virus and malware etc problems for so much per month, but they want you to agree to a contract of a year at a time and they're already charging me way more for the service I have than what I agreed to to begin with. That part's another issue but I don't want to give them even MORE... Can anyone suggest a good online service that will find that crap and keep it off the computer at a reasonable price, but that's dependable? AT&T is sending me emails saying it's infected now:

"AT&T has received information indicating that one or more devices using your Internet connection may be infected with malicious software. Internet traffic consistent with a malware infection was observed on Sep 15, 2014 at 9:34 PM EDT from the IP address..."

Thanks for any help!
David
#2
Best (and free) way to nuke viruses is to have and use a backup of your Windows C drive.
#3
[email protected]. wrote:
> I'm using AT&T and they have a package deal that they say will check out your computer online and get rid of all virus and malware etc problems for so much per month, but they want you to agree to a contract of a year at a time and they're already charging me way more for the service I have than what I agreed to to begin with. That part's another issue but I don't want to give them even MORE... Can anyone suggest a good online service that will find that crap and keep it off the computer at a reasonable price, but that's dependable? AT&T is sending me emails saying it's infected now:
>
> "AT&T has received information indicating that one or more devices using your Internet connection may be infected with malicious software. Internet traffic consistent with a malware infection was observed on Sep 15, 2014 at 9:34 PM EDT from the IP address..."
>
> Thanks for any help!
> David

It's good to be skeptical of the ISP-offered packages. I've read enough horror stories about ISP-offered malware packages, to steer well clear of them.

To start your cleaning, you can use the free one-shot MBAM scanner.

"Think you're infected? Fire up Malwarebytes Anti-Malware Free"
http://www.malwarebytes.org/antimalware/

That one runs while Windows is running. It can use heuristic behavior (watch what malware does) to figure out malware is present. The hard part of using that one, is getting it to start. As the malwares are skilled at defeating MBAM.

http://www.bleepingcomputer.com/viru...lware-tutorial

*******

There are also a few offline scanners. Windows is not running when they do their work. The scanners come as a "boot CD" and so the scanner has its own (clean) OS to use. The scanner cannot use heuristics, as Windows is not running, no malware behaviors can be observed. The scan is signature based.

The download here is listed as "~375MB" but the size increases regularly due to the size of malware definitions.
The definitions when you download will be within a week of being up to date, so if the CD attempts to download definitions at the start of the run, it won't need a lot of files to bring it up to date. Three months from now, the size of download could be pretty big.

http://support.kaspersky.com/8092

*******

We'll assume MBAM quarantined the bad stuff. That leaves nuisance-ware. Which probably isn't the stuff making a "bot" out of your machine right now. Your machine is probably sending spam email, or participating in a botnet (doing denial of service attacks when commanded to do so). If all of that stuff was cleaned up, there is the milder "potentially unwanted programs" or PUP to get rid of.

http://www.bleepingcomputer.com/download/adwcleaner/

http://www.bleepingcomputer.com/down...-removal-tool/

Programs like MBAM were not intended to remove everything. Programs which "claim to not be malware" are in a gray zone, and antimalware companies don't touch them. For fear of being sued by the lawyers of the companies making PUP programs. That's why small developers, in countries far away, make programs to clean your machine.

*******

Your machine could have a rootkit. A popular rootkit is TDSS.

http://support.kaspersky.com/viruses...?qid=208280684

Kaspersky makes TDSSkiller.exe, a program maintained specifically for the purpose of stopping variants of TDSS/Alureon.

I've also seen a page on another site, with specific removal packages for some pretty nasty malware. So nasty in fact, that the chances of "saving" the installation are slim indeed. Many malwares have a "light touch" and the damage can be repaired. But some just ruin the OS (over 200 files are modified) and the chances of a specific tool fixing all of those successfully is limited. Even for a professional, such as the malware guy at the computer store, at some point they just re-install as it's faster.

You can get "guided help" at bleepingcomputer.com and other sites, to help you remove stuff.
But you can wait several days before they see your posting, and they're normally swamped with work. But they're also pretty good at figuring out what the machine has. Sometimes your case is unique enough, several of their experts will be working in the background, trying to defeat the new example.

*******

When I got something nasty a number of years ago, I used the "trial version" of Kaspersky to remove it. It took several reboots of the computer, until Kaspersky "got in control" of the machine. And if I was doing that today, there's a good chance the malware simply wouldn't allow the software to install. And that's where the offline scan method is better than nothing.

*******

In terms of free programs, there are three of them that begin with the letter "A" that you might consider.

http://en.wikipedia.org/wiki/Compari...virus_software

And there are sites that test the AV programs (commercial ones), to see how effective they are. I would think a subscription to a real AV program, a good one, would be cheaper than the ISP offer.

http://www.av-comparatives.org/

These would be for your "cleaned up" machine, for later. Not all of the programs are equally adept at taking over from a malware attack. Some of the weaker AVs are just "gutless" when under attack, and can't stop anything. I particularly remember a "free web scan" site, that just threw up error dialogs the whole time it was running :-)

*******

Steps:

1) Back up the computer. The link in the lower left corner of the link below can be used. The purpose of making a backup, is in case any of your attempts to clean the machine, prevent the computer from booting. This software includes a boot CD, which allows "bare metal restore", so no matter how ruined C: is, you can return things to their current (infected) state. You would discard the backup image, once things are under control again. In this case, if my drive had a C: partition and a data partition, I'd just make a copy of C: onto the data partition.
Macrium makes a single .mrimg file holding the whole thing (whatever you ticked to be backed up). If you want to image the whole disk, Macrium will likely ask for a second disk to hold the output.

http://www.macrium.com/reflectfree.aspx

You would install Macrium on your "clean" computer, make the boot CD (which cannot be infected), carry the boot CD to the infected machine, and make your backup copy by booting the CD, not booting the hard drive. The boot order of the machine should have the CD before the hard drive, as set in the BIOS.

2a) Go crazy. Knock yourself out. Run some of the tools above. If a system file is quarantined and the OS no longer boots, you can restore from your backup.

or

2b) Seek guided help from bleepingcomputer.com or similar. Use a second, uninfected computer, until your helper has finished repairing the damage, one repair tool at a time. For safety, do not connect the two computers to the same router or switch at the same time, in case this is Sality. The infected machine will need to be connected to the router long enough, to get AV definition updates. You should also be careful moving data between machines with a USB key, since some (U3) USB keys have fake CDROM drives in their configuration, and an autorun can be used to infect the second computer. Microsoft thinks it is OK to run software off any CDROM, which is a dumb-ass idea.

3a) Install your new suite of tools, on the clean computer

or

3b) If you're just not cleaning the stuff off, reinstall the OS from scratch. You can "browse" the Macrium backup image to get at your data files. Make sure your new AV scanner is installed, before you start browsing the Macrium backup image. Same would go for keeping the "infected" disk drive separate, using a new hard drive for your clean OS install, and then re-connecting the infected disk later. Make sure your defenses are ready. You can start with a "long scan" using your new AV, when the old disk is connected.

There are some really bad malwares out there. The worst for removal so far, is called "BadBIOS", for its ability to leap from machine to machine. A malware researcher happened to get attacked by it. And it defeated virtually all efforts to remove it. Even new computers brought into the building, end up infected. The guy has some idea how it works, but still doesn't claim mastery of the thing.

That's an example of what nation-states use for malware, to attack others. That's not something normally deployed against end-users like yourself. A copy of something like that, is sent as an email attachment, to the "victim". A more focused delivery method is used. They've even been known to use the "I left a USB stick in your driveway" trick, and you'd be surprised how many people are stupid enough to immediately plug that into their USB port.

Good luck,
Paul
#4
[email protected]. wrote:
> I'm using AT&T and they have a package deal that they say will check out your computer online and get rid of all virus and malware etc problems for so much per month, but they want you to agree to a contract of a year at a time and they're already charging me way more for the service I have than what I agreed to to begin with. That part's another issue but I don't want to give them even MORE... Can anyone suggest a good online service that will find that crap and keep it off the computer at a reasonable price, but that's dependable? AT&T is sending me emails saying it's infected now:
>
> "AT&T has received information indicating that one or more devices using your Internet connection may be infected with malicious software. Internet traffic consistent with a malware infection was observed on Sep 15, 2014 at 9:34 PM EDT from the IP address..."
>
> Thanks for any help!
> David

David,

Are you sure the message you are receiving is coming from AT&T? I have U-Verse and AT&T provides McAfee free for subscribers. (Most providers have something similar) Is it the best out there? Probably not. But it seems to do the job for me, and before I would accept the offer you describe I would call someone from AT&T to make sure it is from them. They might also have a free AV program you can use that you might not be aware of.
#5
Ken Ken invalid.com wrote:
> mur .not. wrote:
>> I'm using AT&T and they have a package deal that they say will check out your computer online and get rid of all virus and malware etc problems for so much per month, but they want you to agree to a contract of a year at a time and they're already charging me way more for the service I have than what I agreed to to begin with. That part's another issue but I don't want to give them even MORE... Can anyone suggest a good online service that will find that crap and keep it off the computer at a reasonable price, but that's dependable? AT&T is sending me emails saying it's infected now:
>>
>> "AT&T has received information indicating that one or more devices using your Internet connection may be infected with malicious software. Internet traffic consistent with a malware infection was observed on Sep 15, 2014 at 9:34 PM EDT from the IP address..."
>
> Are you sure the message you are receiving is coming from AT&T?

Good question. But, either way there's something wrong.
#6
John Doe wrote:
> Best (and free) way to nuke viruses is to have and use a backup of your windows C drive.

FALSE! At best (or wort, depending on viewpoint) backup makes a copy, and do ALL programs, virii, rootkits, adware, etc are retained intact.
#7
Ken wrote:
> [email protected]. wrote:
>> I'm using AT&T and they have a package deal that they say will check out your computer online and get rid of all virus and malware etc problems for so much per month, but they want you to agree to a contract of a year at a time and they're already charging me way more for the service I have than what I agreed to to begin with. That part's another issue but I don't want to give them even MORE... Can anyone suggest a good online service that will find that crap and keep it off the computer at a reasonable price, but that's dependable? AT&T is sending me emails saying it's infected now:
>>
>> "AT&T has received information indicating that one or more devices using your Internet connection may be infected with malicious software. Internet traffic consistent with a malware infection was observed on Sep 15, 2014 at 9:34 PM EDT from the IP address..."
>>
>> Thanks for any help!
>> David
>
> David,
>
> Are you sure the message you are receiving is coming from AT&T? I have U-Verse and AT&T provides McAfee free for subscribers. (Most providers have something similar) Is it the best out there? Probably not. But it seems to do the job for me, and before I would accept the offer you describe I would call someone from AT&T to make sure it is from them. They might also have a free AV program you can use that you might not be aware of.

....and McAfee, to be polite, is not exactly the best AV program. I like Avast, one of the better ones.
#8
Robert Baer robertbaer localnet.com wrote:
> John Doe wrote:
>> Best (and free) way to nuke viruses is to have and use a backup of your windows C drive.
>
> FALSE! At best (or wort, depending on viewpoint) backup makes a copy, and do ALL programs, virii, rootkits, adware, etc are retained intact.

I don't know what "wort" or "and do ALL programs" are supposed to mean, but apparently that's trolling for answers. And here's the answer... When I do an installation, and at all times during use of that installation, I perpetually make incremental backups of the Windows C drive. Of course the backup makes a copy, so I simply revert to a copy that was made prior to the infection. That makes my system bulletproof. It's the shotgun method, and it works like a charm.

I think that's pretty simple. Then again, if you can't write worth beans...
#9
John Doe wrote:
> Robert Baer robertbaer localnet.com wrote:
>> John Doe wrote:
>>> Best (and free) way to nuke viruses is to have and use a backup of your windows C drive.
>>
>> FALSE! At best (or wort, depending on viewpoint) backup makes a copy, and do ALL programs, virii, rootkits, adware, etc are retained intact.
>
> I don't know what "wort" or "and do ALL programs" are supposed to mean, but apparently that's trolling for answers. And here's the answer... When I do an installation, and at all times during use of that installation, I perpetually make incremental backups of the Windows C drive. Of course the backup makes a copy, so I simply revert to a copy that was made prior to the infection. That makes my system bulletproof. It's the shotgun method, and it works like a charm.
>
> I think that's pretty simple. Then again, if you can't write worth beans...

1) I did NOT ASK for an answer, READ!
2) I misspelled "worst", which you should have figured out in context.
3) I meant that backup copies ALL programs. Just doing a backup is NOT a "solution".

Get back into your cave.
#10
Yeah, I know what you meant. But if you put that sort of gibberish into a computer, heaven help you...

--
Robert Baer robertbaer localnet.com wrote:
> John Doe wrote:
>> Robert Baer robertbaer localnet.com wrote:
>>> John Doe wrote:
>>>> Best (and free) way to nuke viruses is to have and use a backup of your windows C drive.
>>>
>>> FALSE! At best (or wort, depending on viewpoint) backup makes a copy, and do ALL programs, virii, rootkits, adware, etc are retained intact.
>>
>> I don't know what "wort" or "and do ALL programs" are supposed to mean, but apparently that's trolling for answers. And here's the answer... When I do an installation, and at all times during use of that installation, I perpetually make incremental backups of the Windows C drive. Of course the backup makes a copy, so I simply revert to a copy that was made prior to the infection. That makes my system bulletproof. It's the shotgun method, and it works like a charm.
>>
>> I think that's pretty simple. Then again, if you can't write worth beans...
>
> 1) I did NOT ASK for an answer, READ!
> 2) I misspelled "worst", which you should have figured out in context.
> 3) I meant that backup copies ALL programs. Just doing a backup is NOT a "solution".
>
> Get back into your cave.