Omega Owners Forum
Chat Area => General Discussion Area => Topic started by: Nickbat on 19 December 2011, 17:37:22
-
Was looking at a ski-resort website (where some friends have just gone) when Windows reported a security issue and said it was closing Explorer. I immediately became suspicious and ran my Bullguard virus scan. It started OK and so I left it to run. When I came back, the screen was covered in write-error messages. Eventually a screen came up saying tht my Drive C was "unreadable" that it was "spinning 20% too slow", that my memory had reached "a critical 83-degree temperature" and so on. Needless to say, it had a box where I could buy a program that would fix all these problems. Yeah, right. :( :( ::) ::)
Anyway, using system restore, I got everything running OK and have since run SpyBot (it found threats and quarantined them) and also Trend Micro House Call to ensure it's all clean again. However, really annoyingly, the virus has randomly changed the attributes of loads of files to "Read-only" and or "Hidden". I have manually changed quite few back, but was wondering if it might not be easier to use a utility to batch change all attributes to normal and then change back the ones that need to be Read-only and Hidden. Trouble is, not sure which ones I would need to do that to.
Any useful tips for me?
BTW: Running XP SP2
Thanks in advance. :y
-
Malwarebytes freebie, run from Safe Mode if possible, as a starter for 10...
-
Although, that said, after any infection, if possible, I like to go down the rebuild route. I know thats not an option for some, and not everyone has as good a data backup policy as I do.
-
When it comes to this type of infection save what files you need (photos etc) and wipe and start again much safer
-
I find microsoft security essentials to be adequate and easy to use.. and its free..
after the system restore, open the system in safe mode with networking and install and search..
-
You sure it weren't a dodgy porn site nick. ;D ;D
-
Malwarebytes freebie, run from Safe Mode if possible, as a starter for 10...
Tried that Jaime, and nothing untoward detected. :y
Mind you, I would still like the answer as to what files should be hidden/read-only.
-
should off used widows update and got sp3, has the fix, keep windows updated.
-
should off used widows update and got sp3, has the fix, keep windows updated.
I just checked and I do have SP3.
-
should off used widows update and got sp3, has the fix, keep windows updated.
Is that dating software for more mature gentlemen? ;) ;D ;D
-
do you update each week or is it on auto?
yes it is for the more mature gentlemen
and backing up on reg time dose help.
-
do you update each week or is it on auto?
yes it is for the more mature gentlemen
and backing up on reg time dose help.
Think it's on auto, but you've got me thinking. Better go and check. ;)
-
do you update each week or is it on auto?
yes it is for the more mature gentlemen
and backing up on reg time dose help.
Think it's on auto, but you've got me thinking. Better go and check. ;)
Had a virus think it was last year that made windows update look on and it was really off, and when went into control pannel you get a box come up on page then disaper. think it was a spy root virus. got it off with comado.
-
Just had a Blaster32 worm....killed the comp. Blocks all exe programmes, System restore, Help and Support etc, etc. :( Managed to save a few essentials that were on that drive :y
This is why I only use C drive as the operating system, so a wipedown is not disasterous. All my other drives..D,E,F, I and J came off unscathed...(G is DVD, and H is my camera which was not connected)
Thought I would try Windows 7 this time....going well so far :y
-
Just had a Blaster32 worm....killed the comp. Blocks all exe programmes, System restore, Help and Support etc, etc. :( Managed to save a few essentials that were on that drive :y
This is why I only use C drive as the operating system, so a wipedown is not disasterous. All my other drives..D,E,F, I and J came off unscathed...(G is DVD, and H is my camera which was not connected)
Thought I would try Windows 7 this time....going well so far :y
Me, too. My D drive is data and is backed up daily online. :y
-
Me, too. My D drive is data and is backed up daily online. :y
I guess now is not the time to tell you that virii can replicate across drives then ;)
-
Me, too. My D drive is data and is backed up daily online. :y
I guess now is not the time to tell you that virii can replicate across drives then ;)
You can store Trojans anywhere, but as regards any other type of worm/virus, I have had a few in my time, believe me, but none have ever affected any other drive than the operating system drive (C). Must have been lucky. They are not on here long enough to settle !!! ;D ;D ;D :y
-
Malwarebytes freebie, run from Safe Mode if possible, as a starter for 10...
Tried that Jaime, and nothing untoward detected. :y
Mind you, I would still like the answer as to what files should be hidden/read-only.
Hidden will make jack all difference to operation... ...its there to stop stupid people deleting shit they don't understand.
Didn't think XP was secure enough to have much in the way of Read Only files TBH. Would need to find an XP machine to check against if you are still having problems.
Windows Update... ...bit of Billy Boolax being spoken here. Yes, its a good thing to have, and really should be on. HOWEVER, it would not have stopped this incident.
The biggest single thing you can do to prevent a repeat, is not run as a computer Administrator (I'll bet a gonad that you are). Yes, I know thats like slagging off your penile size, but honestly, try to run as a limited user. Then, anything you run, mostly only gets limited rights to your system, making it harder for it to infect it. Running as an admin gives all these website scripts (that you cannot necessarily control ;)) admin rights you your system.
Same with disabling UAC on Vista or Win7 - you'd have to be pretty retarded to do so, or to quote and old boss of mine, "a bigger *cough* than you think you are".
-
Me, too. My D drive is data and is backed up daily online. :y
I guess now is not the time to tell you that virii can replicate across drives then ;)
You can store Trojans anywhere, but as regards any other type of worm/virus, I have had a few in my time, believe me, but none have ever affected any other drive than the operating system drive (C). Must have been lucky. They are not on here long enough to settle !!! ;D ;D ;D :y
A fair few will scan other drives for things to infect, but in this case, it wasn't a virus, but a piece of malware.
-
can i have a medal now?? i've not mentioned fruity raincoats even ONCE ......
:y
-
can i have a medal now?? i've not mentioned fruity raincoats even ONCE ......
:y
They have plenty of virii now, moreso since the publication of the source for a PoC one a couple of years back. And malware. Although soon (actually now I believe, with most recent OSX), only code that the late Jobs says is OK will be runnable. And if you thought Jobs was nuts (he clearly was), he was the one playing the sensible game....
-
Malwarebytes freebie, run from Safe Mode if possible, as a starter for 10...
Tried that Jaime, and nothing untoward detected. :y
Mind you, I would still like the answer as to what files should be hidden/read-only.
Hidden will make jack all difference to operation... ...its there to stop stupid people deleting shit they don't understand.
Didn't think XP was secure enough to have much in the way of Read Only files TBH. Would need to find an XP machine to check against if you are still having problems.
Windows Update... ...bit of Billy Boolax being spoken here. Yes, its a good thing to have, and really should be on. HOWEVER, it would not have stopped this incident.
The biggest single thing you can do to prevent a repeat, is not run as a computer Administrator (I'll bet a gonad that you are). Yes, I know thats like slagging off your penile size, but honestly, try to run as a limited user. Then, anything you run, mostly only gets limited rights to your system, making it harder for it to infect it. Running as an admin gives all these website scripts (that you cannot necessarily control ;)) admin rights you your system.
Same with disabling UAC on Vista or Win7 - you'd have to be pretty retarded to do so, or to quote and old boss of mine, "a bigger *cough* than you think you are".
Thanks, Jaime. I am running under a name, but that name is in the administrator's user group, thus you are correct in your assertion (not about my penile size, but my lack of IT IQ! :-[ ).
I'll make the necessary changes. Thanks, again. :y
-
Me, too. My D drive is data and is backed up daily online. :y
I guess now is not the time to tell you that virii can replicate across drives then ;)
You can store Trojans anywhere, but as regards any other type of worm/virus, I have had a few in my time, believe me, but none have ever affected any other drive than the operating system drive (C). Must have been lucky. They are not on here long enough to settle !!! ;D ;D ;D :y
A fair few will scan other drives for things to infect, but in this case, it wasn't a virus, but a piece of malware.
Yep ageed not a virus but malware. And XP3 wont do break all to stop that. Remove by running freeby version of Malwarebytes to clean or post a Hijackthis logfile on a hijackthis forum (or email a copy to me)
-
Me, too. My D drive is data and is backed up daily online. :y
I guess now is not the time to tell you that virii can replicate across drives then ;)
You can store Trojans anywhere, but as regards any other type of worm/virus, I have had a few in my time, believe me, but none have ever affected any other drive than the operating system drive (C). Must have been lucky. They are not on here long enough to settle !!! ;D ;D ;D :y
A fair few will scan other drives for things to infect, but in this case, it wasn't a virus, but a piece of malware.
Yep ageed not a virus but malware. And XP3 wont do break all to stop that. Remove by running freeby version of Malwarebytes to clean or post a Hijackthis logfile on a hijackthis forum (or email a copy to me)
Thanks, dbug. I've done a HijackThis scan and would like to take you up on the offer to check over the log. Can you PM me your email?
Cheers
Nick :y
-
All this is baffleing stuff to me I can only comment that I have used Norton for about 4Yrs
Laptop is presently Windows 7
I can say never had any problems
In fact I think Norton possibly seems to do a tune up/back up etc every so often
It also looks after my passwords/signing in
Just thought I'd mention what a help I've found it to be
For what it costs well well worth it to me :y :y
-
Me, too. My D drive is data and is backed up daily online. :y
I guess now is not the time to tell you that virii can replicate across drives then ;)
You can store Trojans anywhere, but as regards any other type of worm/virus, I have had a few in my time, believe me, but none have ever affected any other drive than the operating system drive (C). Must have been lucky. They are not on here long enough to settle !!! ;D ;D ;D :y
A fair few will scan other drives for things to infect, but in this case, it wasn't a virus, but a piece of malware.
Yep ageed not a virus but malware. And XP3 wont do break all to stop that. Remove by running freeby version of Malwarebytes to clean or post a Hijackthis logfile on a hijackthis forum (or email a copy to me)
Thanks, dbug. I've done a HijackThis scan and would like to take you up on the offer to check over the log. Can you PM me your email?
Cheers
Nick :y
pm sent mate :y
-
pm sent mate :y
...and responded to! :y :y :y :y