Tales Posted May 25, 2011
Got infected with this virus program this morning. It effectively bans me from using IE and virus programs (latter works if I specifically run them as administrator but AVG and Ad-Aware can't find anything) and pops up fake virus warnings every ten minutes. Anyone encountered this before and have a solution that doesn't include wiping the computer?

Jimbob Posted May 25, 2011
I've experienced similar programs to the one you have mentioned. Follow this guide (follow the manual removal) and remove the bugger. Then update every security program you have, and scan to make sure it is all gone. http://www.spywarevoid.com/remove-vista-home-security-2011-vistahomesecurity-2011-removal-steps.html

Ten10 Posted May 25, 2011
Also as a follow up download Rkill: http://www.bleepingcomputer.com/forums/topic308364.html
Then perhaps use Malwarebytes antimalware: http://www.malwarebytes.org/ (Need to make sure that your PC doesn't have any STIs)
Get rid of the poc that is AVG and get some antivirus program that has HIPS. Only one I know of is Comodo: http://www.comodo.com/home/internet-security/free-internet-security.php (includes firewall and I find this way better than Vipre)
Also this video explains how it works and also how you got infected: http://www.comodo.tv/home-computing/the-good-the-bad-the-unknown/
And remember prevention is better than a cure.

Rummy Posted May 26, 2011
Interesting vid there Ten10. What's the licensing with Comodo like though? I see it's free for a year, what happens after that, can you renew again and again like avast! and AVG, or is it like just a one year free then gotta pay sort of thing? Also are there any other AVs out there using similar systems? Not that I can ever recall having my own virus problem, but I often end up having to fix some for other people, maybe Comodo would do a better job protecting them from themselves.

Tales (Author) Posted May 26, 2011
Fixed the computer thanks to a submitted user tip in Jimbob's link (instead of the manual step solution that I didn't understand) but it looks like my computer may have broken down anyway. Thanks for the help anyway.

Cube Posted May 26, 2011
> Interesting vid there Ten10. What's the licensing with Comodo like though? I see it's free for a year, what happens after that, can you renew again and again like avast! and AVG, or is it like just a one year free then gotta pay sort of thing?

From the link: Standard version is free. Pro version is free for 1 year then you have to pay.

Rummy Posted May 26, 2011
Oh I see. I had a brief look but it seemed to imply the free version was only free for a year, then I didn't understand it and got confused. Btw is HIPS essentially what the video was explaining as default deny?

Ten10 Posted May 26, 2011
Sorry that I have been unable to reply. The free version is free forever, however on that page they also offer the ability to try out the pro version free of charge for a year. The difference between the free version and pro version is that you have customer support, otherwise the two are pretty much the same.

HIPS is essentially default deny. Apparently McAfee AV has HIPS. In a nutshell the purpose is to stop malicious programs from running and causing damage to the user's machine. Prevention is always better than cure.

In general terms a HIPS program seeks to retain the integrity of the system in which it is installed by preventing changes to that system from unauthorized sources. Normally it does this by generating a security popup alert asking the user whether any change should be authorized. This system is only as good as the responses of the user to the popup alert. Even if the HIPS software correctly identifies a threat, the user may inadvertently approve the wrong action and the PC could still become infected.

Based on your configuration you can set it up to quarantine all unknown files. As they get sent to Comodo labs for testing it will eventually end up on your whitelist if it's safe.

There is room for improvement with Comodo however as its AV in tests comes off a little bit worse than say Norton. I looked at some test results recently and Norton scored 100% while Comodo came in at 97% but comparing apples to oranges, i.e. cost, I could live with it.

Also don't install GeekBuddy, I found it annoying. Basically it's a software version of having a "computer guy friend." Probably good for those who aren't good at PC maintenance, annoying if you are.

Rummy Posted May 30, 2011
Seems this thread was quite apt, the McAfee I have on my computer apparently isn't free and its license expires in like two weeks. I'm planning to install Comodo, but it seems to just be an antivirus and not a firewall? Is there any real need for an additional firewall software, or just leave it up to Windows (on Win 7)?

Ten10 Posted May 31, 2011
> Seems this thread was quite apt, the McAfee I have on my computer apparently isn't free and its license expires in like two weeks. I'm planning to install Comodo, but it seems to just be an antivirus and not a firewall? Is there any real need for an additional firewall software, or just leave it up to Windows (on Win 7)?

Their marketing can be quite confusing but I think regardless of what package you download it gives you the option to install either the antivirus, firewall or both, yeah pretty dumb but I guess it's kind of like an upsell even though it's free. I usually use the link on the internet security package page which is the AV Defense+ and firewall in one: http://www.comodo.com/home/internet-security/free-internet-security.php

As for an additional firewall I'm quite sure that Microsoft has improved the built-in firewall of Windows 7. But I do remember with Windows XP it only monitored incoming traffic but not outbound traffic so you were kind of screwed if you got infected with an ET phone home malware.

Edited May 31, 2011 by Ten10

Rummy Posted May 31, 2011
Tbh I don't imagine getting infected with anything, but it's always good to be safe. I do find Comodo's site a bit confusing, seems to be all sorts of different things that are the same or not same and mehhhh. Ty for the recs though, I'll probs stick with Windows if Comodo doesn't do firewall, I don't like to mix and match too often with security softwares in case they hate each other.

Jimbob Posted May 31, 2011
> Their marketing can be quite confusing but I think regardless of what package you download it gives you the option to install either the antivirus, firewall or both, yeah pretty dumb but I guess it's kind of like an upsell even though it's free. I usually use the link on the internet security package page which is the AV Defense+ and firewall in one: http://www.comodo.com/home/internet-security/free-internet-security.php
>
> As for an additional firewall I'm quite sure that Microsoft has improved the built-in firewall of Windows 7. But I do remember with Windows XP it only monitored incoming traffic but not outbound traffic so you were kind of screwed if you got infected with an ET phone home malware.

Still don't trust using the Windows stuff, still installed my own for my own protection.

nightwolf Posted May 31, 2011
This virus was doing my tree in on my desktop the other week, I ended up running malware about 4 times before it got rid of it completely! But I suppose I have to wipe my computer anyway.

Ten10 Posted June 1, 2011
> Tbh I'll probs stick with Windows if Comodo doesn't do firewall.

Well after checking up on the performance of the Windows 7 Firewall this morning I have come to the conclusion you should kick it to the kerb as hard as you can while hopefully breaking its ribs in the process. Seriously the Comodo firewall is highly regarded:

Comodo Internet Security is currently ranked number 1 in Matousec's Proactive Security Challenge, and passing 100% of the 148 software firewall tests, and is the only firewall and host intrusion prevention system to consistently score number 1 or tie for number one (usually with Online Armor) in all independent tests; it has never left first place since version 3.14.13009 released in June 2008, and as a firewall and HIPS application, even this nearly three-year old software still passes 100% of the latest security tests, the only software of that era to pass more than 70% (Zone Alarm Pro v7 from the same time passes only 27%).

Report here: http://www.matousec.com/projects/proactive-security-challenge/results.php

qiuyinffy Posted June 3, 2011
This virus makes my tree on my desk the other day, I found myself running malware about 4 times before disposing of it completely! But I guess I have to wipe my computer anyway.

Ten10 Posted June 3, 2011
> This virus makes my tree on my desk the other day, I found myself running malware about 4 times before disposing of it completely! But I guess I have to wipe my computer anyway.

Download and run rkill, it looks for any common running processes from malware and stops them. This allows malware removal tools to stop malware more effectively. However, for peace of mind I probably would wipe everything too.

Ike Posted June 3, 2011
Should probably run a scan for bots while you're at it as well.

Ten10 Posted June 3, 2011
> Should probably run a scan for bots while you're at it as well.

Hey it's Friday, tired and slacking off at work. It happens dude.

Ike Posted June 3, 2011
> Hey it's Friday, tired and slacking off at work. It happens dude.

Me too. I was aiming at "qiuyinffy" rather than you though.