
More darned malware - now is it dying?

Discussion in 'Software' started by ChrisR, 29 May 2011.

  1. freddiemercurystwin

    Firstly my post was not directed to the OP. Secondly the 'advice' I have seen bandied about in this Software Forum is embarrassing compared to the kind of thorough advice you can get on dedicated forums. I've directed posters to these kinds of Forums before but they stick with the two minute half-arsed fixes posters push in this Forum. I've had various bits of horrific malware or viruses bug my machine over the 5 years or so I've had it and have spent an hour or two getting rid of these bits and bobs with the good advice of proper experts. It runs as fast now as it did when I had it. Never had to do a re-install and have never been advised to do so by proper experts and frankly I wouldn't want to know where to start. Like I say, it's the be-all end-all fix pushed by people who know no better. No skin off my nose if you're not the experts you think you are.
     
    • Thanks Thanks x 1
  2. Monkeh

    Your so-called 'experts' would last about five minutes in the security industry. The very fact that you need their help shows you don't have the knowledge or right to criticise our advice.
     
  3. freddiemercurystwin

    OOH try a few 2 second 'fixes', what do you mean it hasn't worked, oh I know, let's do a re-install cos I know how to do that! I bet you work in IT! :LOL:
     
  4. Monkeh

    Actually I don't presently. I have no patience for dealing with the likes of you and your 'experts'.

    Go back to a typewriter, even you can't get a virus on one of those. Unless you let someone else sneeze all over it.
     
  5. Igorian

    :D

    That's the nature of forums I'm afraid. Anyone can be who they want to be.

    I wasn't having a dig at you, I was generalising on the nature of malware. I agree, it's often the case that a repair can be made, but sometimes it is easier, from the user's point of view, to rebuild the O/S.

    Don't be too hard on those who suggest a rebuild. It's not always a cop out.

    The only part of your post I would disagree with is not wanting to know how to do a rebuild. While this is your personal choice, and I'm not suggesting that you or the OP should know, I certainly think it would be a benefit. If a hard disk were to fail for example.
     
  6. VaporTrail

    The best solution is this:
    A root kit virus can NOT be detected by any anti-virus software so you have to be sure you haven't got it before you use these tools and feel safe.

    0. Starting with a 100% clean install (no borrowed dodgy copy OS)
    1. AVAST free home edition, least intrusive, fast and trustworthy.
    2. ProcessGuard by Diamond (if you use online banking this is a must). Protects from root kit viruses.
    3. Peerblocker (if you download films!)
    4. that's it.

    If you install ProcessGuard after having a root kit virus (not detected) then you basically protect the root kit virus.

    I have done extensive tests and with any major ISP, being connected with no anti-virus software for 20 minutes means you probably have a root kit virus infection.

    PS If you don't want to re-install then this is a 99% solution:
    Disconnect internet!
    1. Disinfect PC with AVG rescue CD booting Linux from USB stick or CD.
    2. Install ProcessGuard from USB stick
    3. Install Avast from USB stick
    4. Reconnect internet

    The 1% risk with this solution is that a root kit virus is already installed but has not become known to anti-viral definition databases (highly unlikely).

    PS can you fix a leaking stop cock for me in lead pipes in W1, please? I will pay a reasonable fee & throw in all of the above!
     
    • Thanks Thanks x 1
  7. VaporTrail

    A re-install may lose all your files. XP re-install can be done without losing your files but the route to achieve this is not logical (thanks Microsoft) and people do get caught out.

    To be 100% sure, you have to install a clean OS, install up to date anti-virus software & ProcessGuard BEFORE connecting to the internet. You need both in case the viral database is out of date for your particular infection (highly unlikely but we are talking 100% here). Millions of bank passwords were found in the US by thieves using root kit viruses.

    If I cannot do a re-install for you :) (are you near SW or W1 London) then next best bet is to run the AVG rescue CD but to study the instructions first as, if done wrongly, it will overwrite Windows with Linux which means you've probably lost everything.
     
  8. ChrisR

    VT that all sounds pretty desperate! :eek:
    I've googled a bit and the "info" out there is inconsistent to say the least. Some places say just reinstall XP and all will be well. Others quote
    ComboFix, Root Repeal and GMER
    which claim to deal with rootkits.
    Are there such things as reliable scanners which aren't just a scam to get money out of you, which can tell if there is a virus?

    I'm not doubting what you say - I've heard similar before, but it seems ridiculous that you can just connect to the net and something can get into a computer.

    While I was away I was with a guy who now works for the OFT looking into dodgy websites. Used to be with Special Branch digging into same, and before that some sort of network consultant. Quite alarming, the stories and figures he had!

    W1 - is a pita to work in! Half a day travelling, nowhere to park, nowhere to get bits, nightmare. That's how Pimlico do so well, but they always want to do loads of work. It depends what exactly is leaking. Take a picture of the offending tap and access to it and any other places the lead can be reached, and post it in the Plumbing section. Can the water be turned off upstream, like on the pavement?

    I'll keep looking for the XP discs - you know how it is...
     
  10. freddiemercurystwin

    If you want to sort it go somewhere like this and follow their instructions to the T and read the first thread before you post, they'll sort you out. http://www.techsupportforum.com/forums/f50/ and they won't even mention a reinstall.
     
  11. Monsterminty

  12. ChrisR

    Thanks all
    I just ran the Microsoft rootkit finder thingy:
    http://technet.microsoft.com/en-us/sysinternals/bb897445
    and it didn't find anything other than a few bytes here and there which looked like nothing.
    SO, for now, happy days.
    But I'll check my bank statements very carefully!
     
  13. VaporTrail

    W1 - yes, I can't get a decent plumber that leaves things dry. They want 4 times the rate for a 4 hour day. I've reverted to doing it all myself but this leaking stopcock on lead pipes might be beyond me. I can turn the water off (I fitted stop valves post this stopcock) but I haven't dealt with the leak. There is about 10 inches either side of the stop cock. I think it just needs re-packing but turning the water off and draining is a 30 minute affair so I'd rather get someone to do it right first go. Pimlico charged me £600 to replace a toilet (2 hrs & used stupid flexi pan connector so I couldn't boss to a sink) and left it dripping. Like I say, I mostly do it myself now, if I can.

    Anyway, pm me!

    I have found various dodgy root kit/virus scan sites. I used to use Panda Anti-virus until I caught them releasing 'new' (therefore undetectable) viruses themselves - 100% verified. ProcessGuard gives you this information. Windows7 has ProcessGuard technology built-in. I helped write it and so I can give you it for free as I think there are some dodgy copies of it on the net & the main web site is no longer maintained.

    In my opinion there is no point doing any virus scan if there is reasonable suspicion that there is a root kit virus installed. Hence the AVG rescue disk recommendation. It's a DOS-like product and if you use the CD version there is no risk of damaging Windows. (It is the process of making a USB stick bootable that might damage Windows). If you are not confident, then do not use the USB stick version.

    Can you burn an image to an ISO disk then boot from it? Get the ISO here, choose the ISO file http://www.avg.com/gb-en/avg-rescue-cd-download

    How to use here http://www.avg.com/ie-en/226386

    or here:
    "go into BIOS to boot from CD or select BOOT OPTIONS during computer startup"
    "Boot from AVG Rescue CD & wait!
    Select “AVG Rescue”
    Select Update, offline & use local files, navigate to USB stick with viral definition updates *.bin files, probably on sdb1 or sdb2 etc., sda1 would be C:
    Return to main menu, & run viral scan
    Choose delete or rename all infected files. This may disable Windows OS but you have no choice in order to be virus free.
    If Windows is disabled, obtain replacement files or re-install & overwrite existing installation to leave data & programs. A new install can lose programs & data.
    "

    This should remove root kit viruses. The problem is that if a Windows system file is infected (likely) then you'll need to do a re-install anyway (pm me!)
     
  14. VaporTrail

    Root kits are a real problem because they look like Windows updates. Microsoft cannot detect them. No one can 100% detect them. A poorly written root kit might be detected but serious root kit writers don't write poor designs. The poor ones come from internet free source code compiled by some twacker.

    May I humbly point you to what Microsoft say about this tool you have quoted: "Is there a sure-fire way to know of a rootkit's presence?
    In general, not from within a running system. "

    But the AVG rescue disk boots Linux so it can detect the fingerprint of the root kit virus (unless you mess up the scan options etc.). Basically a root kit tells Windows to lie about its presence. There is no back door viewer in Windows. Linux can look at all Windows files so can see the root kit.

    Seriously, don't online bank unless you are 100% root kit virus free. The only reason people don't get hit more often is that these hackers have so many bank passwords that only a few are used for crime.
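
The running-system view versus rescue-CD view contrast described in the post above can be checked mechanically. The following is an added example, not part of the original thread or of any tool named in it: it compares a file listing captured inside running Windows with one captured from an offline boot of the same volume. The listing format, the `/mnt/sda1` mount point, the allow-list and every file name and size are constructed assumptions.

```python
"""Cross-view check: what the offline view sees that the live view does not."""
from pathlib import PurePosixPath, PureWindowsPath

# Constructed sample: (path, size) pairs listed from inside running Windows.
LIVE = [
    (r"C:\WINDOWS\system32\drivers\atapi.sys", 96512),
    (r"C:\WINDOWS\system32\drivers\disk.sys", 36352),
    (r"C:\WINDOWS\system32\ntoskrnl.exe", 2189056),
]
# Constructed sample: the same volume listed from a rescue-CD boot.
OFFLINE = [
    ("/mnt/sda1/WINDOWS/system32/drivers/atapi.sys", 96512),
    ("/mnt/sda1/WINDOWS/system32/drivers/disk.sys", 36352),
    ("/mnt/sda1/WINDOWS/system32/drivers/examplehid.sys", 41472),
    ("/mnt/sda1/WINDOWS/system32/ntoskrnl.exe", 2189440),
    ("/mnt/sda1/pagefile.sys", 1610612736),
]
# Assumed allow-list: files a plain live listing is expected to omit.
EXPECTED_HIDDEN = {"pagefile.sys", "hiberfil.sys"}


def norm_live(path):
    """Drop the drive letter, lower-case, use forward slashes."""
    return "/".join(p.lower() for p in PureWindowsPath(path).parts[1:])


def norm_offline(path, mount="/mnt/sda1"):
    """Drop the mount point and lower-case (NTFS names are case-insensitive)."""
    return PurePosixPath(path).relative_to(mount).as_posix().lower()


def cross_view(live, offline, mount="/mnt/sda1"):
    """Return (files seen only offline, files whose size differs between views)."""
    live_map = {norm_live(p): size for p, size in live}
    off_map = {norm_offline(p, mount): size for p, size in offline}
    hidden = sorted(k for k in off_map
                    if k not in live_map and k not in EXPECTED_HIDDEN)
    mismatch = sorted(k for k in off_map
                      if k in live_map and live_map[k] != off_map[k])
    return hidden, mismatch


if __name__ == "__main__":
    hidden, mismatch = cross_view(LIVE, OFFLINE)
    print("visible offline only:", hidden)
    print("size differs between views:", mismatch)
```

Either kind of discrepancy is only a lead for offline inspection of that file; files created or changed between the two captures will also show up.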
     