Virus alert
- Thread starter iAndy
- Start date
Was on earlier today and got hit by some malware....... Computer now dead so be careful if anything pops up don't click! I clicked cancel and still got hit, our IT guy been trying all afternoon and is still struggling
what did it pop up, advert or something?
GrumpyTwig
"the troll hunter" with added boost!
Had to fix a relatives laptop at the weekend for something similar, only took an hour (most of which was just waiting for it to load/run things).
Horrible stuff malware these days as they often alter registry settings that hide and lock you out of the exact parts of the OS you would usually need to fix it.
A tip to people is to not use IE and use Firefox/Chrome and keep your antivirus up to date.
If anything asks for credit card details DO NOT enter them lots of people get trapped on those.
Horrible stuff malware these days as they often alter registry settings that hide and lock you out of the exact parts of the OS you would usually need to fix it.
A tip to people is to not use IE and use Firefox/Chrome and keep your antivirus up to date.
If anything asks for credit card details DO NOT enter them
lots of people get trapped on those.
GrumpyTwig
"the troll hunter" with added boost!
The browsers above have pop-up blockers so you shouldnt get any, hit ctrl+shift+esc for task manager and kill the process manually if you're concerned.
ALT+F4 is liked writing a letter and sending it second class to the program to ask it nicely to close if it could be so kind. Task manager is like cutting it's heart out with a Bowie knife
Best thing to do is stop visiting those dodgy sites paul
ALT+F4 is liked writing a letter and sending it second class to the program to ask it nicely to close if it could be so kind. Task manager is like cutting it's heart out with a Bowie knife
Best thing to do is stop visiting those dodgy sites paul
Only time I turn pop-up back on is when banking as they like to spawn new windows when viewing accounts history.
Also I ensure all active stuff off and don't even have java plug-in anymore.
I use to write some nifty VB & Java based scripts & Apps while I was in IT so know how easy it is to remotely change & install my code especially when you got admin rights.
Task manager is good, but you sometimes need to know what process your looking for.
Also I ensure all active stuff off and don't even have java plug-in anymore.
I use to write some nifty VB & Java based scripts & Apps while I was in IT so know how easy it is to remotely change & install my code especially when you got admin rights.
Task manager is good, but you sometimes need to know what process your looking for.
GrumpyTwig
"the troll hunter" with added boost!
IExplorer.exe/Firefox.exe/Chrome.exe
If they've managed to hit and run any other EXE then it's usually too late!
steps to happier online fun
1. dont use IE. EVER
2. install chrome / firefox / opera
3. install noscript variant
4. install sanboxie and dont trust your webrowser outside of the sandbox
and if you really want to protect yourself, just run an internet appliance via vmware
I dont use windows so please take this advice with a large dose of salt..
1. dont use IE. EVER
2. install chrome / firefox / opera
3. install noscript variant
4. install sanboxie and dont trust your webrowser outside of the sandbox
and if you really want to protect yourself, just run an internet appliance via vmware
I dont use windows so please take this advice with a large dose of salt..
If the malicious code was java based then you'd need to kill the java runtime as well, as that will run in it's own space after being launched and that can be hidden as anything on a website.
Why I no longer have it
Why I no longer have it
iAndy
Platinum Member
It came up with a like grey box with loads on codes about 40 boxes opened so I said cancel to them, then a scan window came up which I thought was AVG doing its stuff as it had put a Trojan horse into a vault (must be a big vault to fit a horse in) then it had error messages saying hard drive had got to 93 degrees and said fix errors.... Instead of clicking fix i rang out IT geezer and he said close it and I'll come down and it wouldn't close so just powered off, he has taken it away to cure, from now on.... Tapatalk on iPad or iPhone lol
---
I am here: http://maps.google.com/maps?ll=53.706625,-1.687554
---
I am here: http://maps.google.com/maps?ll=53.706625,-1.687554
What section were you in when it happened, as last night was bored so fired up my win7 and basically opened up Ie going here but not found any pop-ups launching.
Also your IT dept. might want to check their group policies as assume your work machine is on a network and if so it'll prob. be Active Directory. As it sounds like your desktop's aren't locked down enough and for a business machine that's dangerous, even its it's stand alone still needs to be more secure.
I spent many years in design and architecture of windows server & desktop platforms, Core O/S & Active Directory, group policy, DNS, DHCP & VMware, Citrix & MSTS were my key area's of specialisation.
Also your IT dept. might want to check their group policies as assume your work machine is on a network and if so it'll prob. be Active Directory. As it sounds like your desktop's aren't locked down enough and for a business machine that's dangerous, even its it's stand alone still needs to be more secure.
I spent many years in design and architecture of windows server & desktop platforms, Core O/S & Active Directory, group policy, DNS, DHCP & VMware, Citrix & MSTS were my key area's of specialisation.
GrumpyTwig
"the troll hunter" with added boost!
Did it look like this? (obviously without the FAKE)
Seems to be the latest iteration of one of many programs that hold your PC at ransom essentially.
That's what the laptop had caught that I had my hands on, wasn't all that difficult to remove though.
Seems to be the latest iteration of one of many programs that hold your PC at ransom essentially.
That's what the laptop had caught that I had my hands on, wasn't all that difficult to remove though.
My personal choice after machine has been affected is to re-image. Since Vista always use the system backup and create restore image after you've installed all your stuff, that way you can just boot with windows disk or startup disk (system backup creates) then erase partition & go with restore using image and then you know you got a completely clean machine and put any extra data back on via backup again from USB drive or NAS box.
For companies used to deploy remotely via Deployment services server (MS ADS), much quicker than messing around with a machine.
For companies used to deploy remotely via Deployment services server (MS ADS), much quicker than messing around with a machine.
iAndy
Platinum Member
Exactly like that! Our IT guy says will be quite quick to remove its just a case of doing a few scans which take time but he is gonna leave running, can't remember where i was i was justmunching some lunch and browsing then bang! Am no IT minded at all! Took me all my time to get wifi set up lol
GrumpyTwig
"the troll hunter" with added boost!
Thought so it wasn't difficult to remove in the end, a lot of documentation online for what specific bits of malware do and shouldnt take him more than an hour.
it wasn't difficult to remove in the end, a lot of documentation online for what specific bits of malware do and shouldnt take him more than an hour.Similar Thread Suggestions
| Thread starter | Similar threads | Forum | Replies | Date |
|---|---|---|---|---|
|
New owner alert, 200 supercharged | New Members | 11 | |
| M | Helloooo, newb alert. | Clio General Chat | 21 | |
|
Welsh Noob Alert!! | New Members | 25 | |
|
Spoiler alert! | eBay Finds | 0 | |
| M | Heartbleed virus | Site Announcements | 8 |