0

Win 7 Security 2012

14 comments, 316 views, posted 2:28 pm 03/01/2012 in Rantings & Flame Bait by Rosie
Rosie has 2928 posts, 1358 threads, 107 points, location: FL USA
Uber Something

http://www.teoti.co.uk/teh-internet/112259-tv-alternative.html?p=501872

And would you believe that it bit me again? I opened an html document that referred to MajorGeeks.com to answer a question in the above thread, and it started.

Again.

Comments

3
2:34 pm 03/01/2012

backroom

rogue killer
hitman pro
combofix
malwarebytes
superantispyware

in that order and in safemode.

0
2:36 pm 03/01/2012

Vormid

System Restore to a date prior to the day you caught it. Easiest way hands down.

0
2:41 pm 03/01/2012

Cnik

Just out of curiosity, does anyone know how a PC gets infected via an HTML page if the user is using antivirus software?

1
2:51 pm 03/01/2012

griffin

Quote by Cnik:
Just out of curiosity, does anyone know how a PC gets infected via an HTML page if the user is using antivirus software?


AV looks for known virus patterns and also (depending upon setup) looks for virus-like patterns. It generally isn't smart enough to figure out that a non-virus executable is a trojan (or will load one). Once it starts running, the malware (because it may not be a virus) can shut down or disable your AV, or even just not permit various operations (like system scan). The key thing is that the human either clicked on something or else loaded a page which contained malicious code. It is almost always human initiated.

Rosie should do a complete system scan, using several different tools, one after the other.

And also stop trying to get 'free' stuff off of seriously dodgy sites. Bad Rosie.

0
3:10 pm 03/01/2012

Rosie

I run the company selected McAfee.

Quote by griffin:
And also stop trying to get 'free' stuff off of seriously dodgy sites. Bad Rosie.


Sidereel.com Which is supposed to be a decent site.

1
3:20 pm 03/01/2012

griffin

Quote by Rosie:
Sidereel.com Which is supposed to be a decent site.


Which hosts user submitted links.
Edit: and you already told us about the malware you picked up from it.

0
3:40 pm 03/01/2012

Rosie

Quote by griffin:

Which hosts user submitted links.
Edit: and you already told us about the malware you picked up from it.


Yes, and I haven't been there on this computer since. It started when I clicked on an html document (for majorgeeks, no less) that opened in IE.

0
4:27 pm 03/01/2012

Quaektem

IE.... 'nuff said

1
5:26 pm 03/01/2012

thomasslavin

Sandboxie

0
7:25 pm 03/01/2012

Viscera

Quote by backroom:
rogue killer
hitman pro
combofix
malwarebytes
superantispyware

in that order and in safemode.


We use those two every day at work.

2
7:27 pm 03/01/2012

Rosie

I ran it all but combofix. That one scared me, and Bytey was asleep. Looks fine now.

1
7:30 pm 03/01/2012

backroom


I believe combofix is the one that does most of the heavy lifting.
It is safe... even if it generates a false positive w/ your av software.

0
10:42 pm 03/01/2012

Rosie

I think I got it.

2
11:22 am 05/01/2012

FlyOnTheWall

Not just IE to those unbelievers out there!!!!!!!!! We have clients that only use Chrome and Firefox who get the same malware problems that we have to fix....

As to AV - antivirus products like Norton, McAfee, Sophos, Kaspersky, etc, are checking for VIRUSES. The stuff you pick up like this is not VIRUSES, but other types of malware. This is why you also use a malware checker over and above a virus checker.
Malware checkers will typically be nailed by proper viruses, as they expect users to also have AV products installed that check for viruses.

And then it is like any other system - these products pick up KNOWN problems. If they are not programmed to check for a specific signature/footprint/action, they won't pick it up - the same as having a flu vaccine - it will only protect you against the specific viruses you were inoculated against.....
