Random Redirect


25 replies to this topic

#1 Emus

Emus

    Member

  • Full Member
  • 21 posts

Posted 18 March 2010 - 12:58 PM

Alright, to start at the beginning I've had quite a few years' experience removing spyware, malware, adware, and viruses. So to keep myself safe from those annoying little abominations, I make sure to keep Spybot Search and Destroy (Best I've found to date) up to date. I make sure to immunize and use both system protectors (Tea Timer and Spybot Resident Shield) running. I don't go downloading anything that says "Free" on it. I limit my downloads to trusted sites like Sourceforge and Download.com. I also make sure to NOT use Internet Explorer as I might as well leave a sign up that says "COME ON IN!" and bend over. I use Firefox and just recently Opera. The reason I chose Opera is because whatever hit me also affected Firefox, and later Opera. Of course I didn't know that until it happened. So now onto the problem.
It started small at first, I would do a search and click a link and I would get redirected to a spam site. I would go back, hit the same link, and then I'd get the actual webpage I wanted. Soon I couldn't get to sites at all. I brought up task manager and there would be anywhere between 5 and 10+ instances of IE running. So I uninstalled IE thinking it was an IE problem. Nope, Firefox got hit too. So I uninstalled that and installed Opera. Then it got hit. I tried spybot, I tried online spyware scans, I tried process explorers that showed me what was attached to each process and would show each module. I mean I tried everything to figure out what was going on. Everything came up negative. So I decided to format and reinstall Windows 7. Of course with Windows 7 formatting the HDD is now optional. That's about the ONLY redeeming feature of 7. Anyway, I had to do it anyway as my system was becoming more and more corrupt. Less and less stable. I tried everything to keep from doing that. Now here I am, a fresh install of Windows 7. Everything running smooth. Installed all the usual software, uTorrent, Opera, Spybot, Digsby, Media Player Classic, and WolfTeam (Game). The only thing uTorrent is downloading is movies, no software. Then, just about an hour ago it happened again. It was a single instance, and nothing since. Again, everything comes up clean. Has anyone else had this problem?

Edited by Emus, 19 March 2010 - 05:16 AM.


#2 TheJoker

TheJoker

    Forum Deity

  • Boot Camp Mod
  • 14,475 posts

Posted 18 March 2010 - 04:37 PM

Hi Emus, and Welcome to SWI

There are several infections that will cause redirections, so after the fact there's no way to really tell what it was.

The only thing uTorrent is downloading is movies, no software.

That still leaves you vulnerable to infection from the downloaded files, not to mention that if it's copyrighted movies (and most are), it's wrong.

The threat is both from the downloaded files (even movies), and possible misconfiguration of your P2P program that leaves your system vulnerable.

P2P programs represent a security threat to the information on your system as they allow others to access your system. Just look at the number of high profile compromises in the news as a result of P2P software:
Data about Obama's helicopter breached via P2P?
Leak of congressional ethics document prompts calls for cybersecurity probe
Walter Reed suffers peer-to-peer data breach
Update: Seattle man arrested for p-to-p ID theft

More listed here:
Data Security Threats And Breaches
You should read the link at the bottom of that page:
Why File Sharing Networks Are Dangerous (Dartmouth study, .pdf file)

In many cases P2P programs also represent a risk of infection from the program itself, as some have installed adware/spyware, or other programs without consent. Even if the program itself is clean, many P2P networks are riddled with malware, and it's often the newest, most difficult to remove malware. There are many risks associated with P2P programs, none are worth the risks.

If you continue to use a P2P program, I would use a good antivirus, and keep it up-to-date, and even then you remain vulnerable to become infected again. I would also run Malwarebytes' Anti-Malware from http://www.malwareby...m-download.php.

Free Tools for Fighting Malware
Anti-Virus: avast! Free Antivirus / Avira Free AntiVirus
OnLine Anti-Virus: ESET / BitDefender / F-Secure
Anti-Malware: Malwarebytes' Anti-Malware / Dr.Web CureIt
Spyware/Adware Tools: MVPS HOSTS File / SpywareBlaster
Firewall: Comodo Firewall Free / Privatefirewall
Tutorials: How did I get Infected? / Internet Explorer Privacy & Security Settings
If we have helped, please help us continue the fight by using the Donate button, or see this topic for other ways to donate.

MS MVP 2009-20010 and ASAP Member since 2005


#3 Budfred

Budfred

    Malware Hound

  • Administrators
  • 21,525 posts

Posted 18 March 2010 - 08:41 PM

Seriously?? You really aren't running an antivirus and firewall?? Really?? It is likely that your computer was infected for a lot longer than you realized...
Budfred

Helpful link: SpywareBlaster...

MS MVP 2006 and ASAP Member since 2004

Please read the Instructions for posting requested logs and the article "So how did I get infected in the first place?"

#4 Emus

Emus

    Member

  • Full Member
  • 21 posts

Posted 19 March 2010 - 05:15 AM

Perhaps someone could recommend an AV program that won't end up screwing up my system. All the ones I've tried:
Norton
Symantec
AVG
Kaspersky
McAfee
Zone Alarm

I'm using Malwarebytes now, and it got the file. I greatly appreciate the recommendation. It's why I'm asking for another now. I'm just sick of AV programs that get in my way. I do a lot of CD Emulation, 3D Development, gaming, and setting up the occasional server. Please no lectures on the importance of AV and AS security with servers. I've never had this happen before. So it's really embarrassing to get caught with my pants down like this. Any help would be appreciated. Also, pardon the spelling. At this point I'm tired of trying to figure things out by trial and error and by myself. I'm all ears. Just let me know what needs to get done. Thanks in advance.

Edited by Emus, 19 March 2010 - 05:16 AM.


#5 Budfred

Budfred

    Malware Hound

  • Administrators
  • 21,525 posts

Posted 19 March 2010 - 06:07 AM

You will not find an antivirus that lets you do a bunch of potentially illegal activities without making some fuss... And you may believe you haven't had a problem without one, but that doesn't mean you didn't and don't... A lot of infections are extremely effective at hiding, especially if you are not running an antivirus... Criminals today are not interested in bragging about how your computer is infected... They are interested in making money and an obviously infected computer interferes with that goal... The redirects that tipped you off that you were infected are the work of sloppy criminals... Some infections are even designed to block or protect against those types of obvious infections so the user goes along without even knowing that the computer is part of a botnet army...

MBAM is NOT designed to provide full protection and using it without a full set of security options is misusing it... If you are not interested in using full security, please get off the web since your computer is probably being used to infect other computers and we already have more people needing help than we have time to help...

As for recommendations: Kaspersky is a good antivirus... If you are not willing to use it, that is probably more because of you than the program... Any of the others are okay as well, but may not be as lean... NOD32 is quite lean and effective, but will probably also object if you are doing things that provoke its defenses...

And again, if you are going to be online, you need a firewall...

#6 Emus

Emus

    Member

  • Full Member
  • Pip
  • 21 posts

Posted 19 March 2010 - 10:25 AM

Sorry if asking for help is such a bother. I use CD emulation as it's a lot easier and faster than finding physical disks and swapping them in and out. Just because someone uses CD Emulation and P2P software doesn't mean he's up to potentially illegal activities. I've gotten NOD32 and Sunbelt Kerio Personal Firewall. Hopefully this will end the problem. I just hope I'll still be able to use my computer with all this "protection." In the past all this "real time protection" did was slow down my system to the point I couldn't do anything. If the only way to make my system secure is to make it unusable perhaps I should go to Linux.

#7 snemelk

snemelk

    inżynier

  • Expert
  • 3,099 posts

Posted 19 March 2010 - 02:08 PM

I've gotten NOD32 and Sunbelt Kerio Personal Firewall. Hopefully this will end the problem.

Should be a good choice... However, no protection programs will guarantee a clean system - keeping your system up-to-date and all important programs (like Adobe Reader, Flash Player, Quick Time, etc. ...) updated is as important as running protection software... Nowadays, malware developers can "infect" legitimate web pages - if you have outdated programs installed and your antivirus' "WebShield" doesn't detect an exploit - your computer will get infected... (that was probably the case here...)

I just hope I'll still be able to use my computer with all this "protection." In the past all this "real time protection" did was slow down my system to the point I couldn't do anything.

Since you've already chosen your protection software, this link might not be of help, however, I'll post it anyway, as others may benefit from it:
Anti-Virus and Internet Security Products Performance Benchmarking (2010): antivirus_10-performance-testing-ed4.pdf

Remember, basically every good antivirus product can be configured... You can always try tweaking it a little bit (if you know what you're doing) - like excluding some files from scanning (like big files you work with, for example in 3D development), turning some protection off while working (and not using internet, for example), etc. ...

snemelk.hekko.pl - - my site with a few computer security tips...
Silesia - that's where I live!

"If I had some duct tape, I could fix that." - MacGyver

My help is free, but if you wish to help keep these forums running please consider a donation, see this topic for details.

#8 Budfred

Budfred

    Malware Hound

  • Administrators
  • 21,525 posts

Posted 19 March 2010 - 06:27 PM

It is never a bother for people to ask for help... It is a bother when people find it to be too much hassle to use adequate protection on the web since every infected computer will potentially infect hundreds more and will help enrich the criminals who produce this garbage... I am not assuming you are doing anything illegal, I am assuming that whatever you are doing can be done with adequate protection in place, though it might require a little tweaking as snemelk noted...

And yes, Linux is still safer than Windows because, like Apple, it is not common enough for criminals to waste their time on it... Even so, there are some things that can even mess with a Linux install...

#9 Emus

Emus

    Member

  • Full Member
  • 21 posts

Posted 20 March 2010 - 03:40 AM

It's not that it's a hassle. It's the fact that I've tried just about every AV program out there with my Windows 7 and almost none work. As soon as the real time protection kicks in my system is so bogged down I can't even watch a movie. Also, NOD32 and Sunbelt firewall aren't compatible with Windows 7. This feels like Windows 95 all over again. I want my system clean. I don't want to keep fighting against people that get off on screwing up people's computers. I want this finished and done with. I need a free solution as right now I'm unemployed. So give me some advice and I'll do what I can. As far as the firewall goes, in hindsight it makes perfect sense. However, I am behind a router. I was always told that if I had a router I didn't need a software firewall. I guess now with infections hitting websites like Google you need it so you can block it from dialing out and further infecting you. Also helps run the problem down. I do a lot of online gaming, and processor intensive tasks. I hope there's something out there that can help me.

#10 Rocket Grannie

Rocket Grannie

    SWI Australian Rebel

  • Administrators
  • 7,933 posts

Posted 20 March 2010 - 03:52 AM

These programs are all Windows 7 compatible:

Avira
A Squared
Avast 5
CCleaner
ESET Anti-Virus
Hosts File
Kaspersky Internet Security 2009
MalwareBytes'Anti-Malware
Online Armor Firewall
Outpost Pro Firewall
Panda Cloud Antivirus
SpyBot Search and Destroy
SpywareBlaster
Sunbelt Vipre Anti-Virus and Anti-Spyware
WinPatrol


 
My help is free, but if you wish to help keep these forums running please consider a donation, see here for details.

#11 Emus

Emus

    Member

  • Full Member
  • 21 posts

Posted 20 March 2010 - 04:46 AM

Update: 3/20/2010 at 7:13am
This keeps reappearing in my registry.
"Bhicatonu rundll32.exe "C:\Users\Boba Fett\AppData\Local\udanawifukine.dll",Startup"
It's under
HKEY_CURRENT_USER/Software/Microsoft/Windows/Current Version/Run
Anyone have any ideas? I'd upload the dll but I REALLY don't want to infect anyone. In my defense I am trying to protect myself. Malware keeps finding these entries, but not the file itself, or files themselves. In the scan results it lists the registry entry. I went to the entry to find the file name.

Update 2: 3/20/2010 7:31 am
I did a little editing of the registry entry. Apparently whatever uses it relies on the entry name and not the content. I removed the startup at the end and renamed rundll32.exe to rundll2.exe. So far it hasn't reappeared in its original form. I will keep an eye on it till this issue is resolved.
Original Entry:
rundll32.exe "C:\Users\Boba Fett\AppData\Local\udanawifukine.dll",Startup"
Edited Entry:
rundll2.exe "C:\Users\Boba Fett\AppData\Local\udanawifukine.dll","


These programs are all Windows 7 compatible:

Avira
A Squared
Avast 5
CCleaner
ESET Anti-Virus
Hosts File
Kaspersky Internet Security 2009
MalwareBytes'Anti-Malware
Online Armor Firewall
Outpost Pro Firewall
Panda Cloud Antivirus
SpyBot Search and Destroy
SpywareBlaster
Sunbelt Vipre Anti-Virus and Anti-Spyware
WinPatrol

I can't thank you enough. I've already got Spybot Search and Destroy, Malware, and CCleaner. I feel a bit strange asking which of these are free and which do you recommend for AV and Firewall purposes. Course now that I ask it's not such a big deal.

Edited by Emus, 20 March 2010 - 05:37 AM.
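
The Run-key entry described in the post above can be triaged mechanically. The following Python check is an added example, not part of the original post or of any tool named in this thread: it parses Run values and flags a DLL loaded from a user-writable folder, and it shows that the edited entry still references the same DLL path. The function names, reason labels and path heuristics are assumptions of this example, and the two `Example...` values are constructed; the other two values are the ones quoted in the post.

```python
import ntpath
import sys

RUN_KEY = r"Software\Microsoft\Windows\CurrentVersion\Run"
# Heuristic (assumption of this example): folders a standard user can write to.
USER_WRITABLE = ("\\appdata\\", "\\temp\\", "\\programdata\\", "\\users\\public\\")
# A DLL sitting directly in one of these folders, with no vendor subfolder, is unusual.
PROFILE_ROOTS = ("appdata\\local", "appdata\\roaming", "appdata\\locallow")

SAMPLE_RUN_VALUES = {
    # The two entries quoted in the post (original and hand-edited).
    "Bhicatonu": r'rundll32.exe "C:\Users\Boba Fett\AppData\Local\udanawifukine.dll",Startup',
    "Bhicatonu (edited)": r'rundll2.exe "C:\Users\Boba Fett\AppData\Local\udanawifukine.dll","',
    # Constructed benign entries for contrast.
    "ExampleTray": r'"C:\Program Files\ExampleVendor\tray.exe" /background',
    "ExampleShellExt": r"rundll32.exe C:\Windows\System32\example.dll,ExampleEntry",
}


def first_token(s):
    """Split off the first (optionally quoted) token of a Windows command line."""
    s = s.strip()
    if not s:
        return "", ""
    if s.startswith('"'):
        end = s.find('"', 1)
        if end == -1:                      # unbalanced quote: take the rest
            return s[1:], ""
        return s[1:end], s[end + 1:]
    parts = s.split(None, 1)
    return parts[0], (parts[1] if len(parts) > 1 else "")


def split_dll_arg(rest):
    """Split a rundll32-style '<dll>,<entrypoint>' argument into its two parts."""
    quoted = rest.strip().startswith('"')
    token, remainder = first_token(rest)
    if quoted:
        dll, entry = token, remainder
    else:
        dll, _, entry = token.partition(",")
    entry = entry.strip(' ,"')
    return dll, (entry.split()[0] if entry else "")


def analyze(name, command):
    """Return the file a Run value would load and the reasons it deserves review."""
    host, rest = first_token(command)
    dll, entry = split_dll_arg(rest)
    reasons, target = [], host
    if dll.lower().endswith(".dll"):
        target = dll
        if ntpath.basename(host).lower() in ("rundll32.exe", "rundll32"):
            reasons.append("rundll32-launcher")
        else:
            # The command no longer runs, but the DLL reference is still there.
            reasons.append("dll-argument-host-not-rundll32")
    else:
        entry = ""
    low = target.lower()
    if any(marker in low for marker in USER_WRITABLE):
        reasons.append("user-writable-path")
    if ntpath.dirname(low).endswith(PROFILE_ROOTS):
        reasons.append("file-directly-in-profile-root")
    suspicious = low.endswith(".dll") and "user-writable-path" in reasons
    return {"name": name, "target": target, "entry": entry,
            "reasons": reasons, "suspicious": suspicious}


def read_hkcu_run():
    """Read the live HKCU Run values (Windows only)."""
    import winreg
    values = {}
    with winreg.OpenKey(winreg.HKEY_CURRENT_USER, RUN_KEY) as key:
        index = 0
        while True:
            try:
                value_name, data, _type = winreg.EnumValue(key, index)
            except OSError:                # no more values
                break
            values[value_name] = str(data)
            index += 1
    return values


if __name__ == "__main__":
    run_values = read_hkcu_run() if sys.platform == "win32" else SAMPLE_RUN_VALUES
    for value_name, command in run_values.items():
        result = analyze(value_name, command)
        flag = "REVIEW" if result["suspicious"] else "ok"
        print(f"[{flag}] {value_name}: {result['target']} {result['reasons']}")
```
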


#12 TheJoker

TheJoker

    Forum Deity

  • Boot Camp Mod
  • 14,475 posts

Posted 20 March 2010 - 09:53 AM

This keeps reappearing in my registry.
"Bhicatonu rundll32.exe "C:\Users\Boba Fett\AppData\Local\udanawifukine.dll",Startup"

That's part of an infection. You need to read the Forum FAQ and open a topic in the Malware Removal forum and post a HijackThis log. The infection may be from your P2P downloads; even though they are movies, unlike what you seemed to believe they can still infect you.

I feel a bit strange asking which of these are free and which do you recommend for AV and Firewall purposes. Course now that I ask it's not such a big deal.

Not a big deal at all.

A Squared is free, but MBAM is also free, and much better.
Avast 5 has a free version and it's one of the better antivirus programs available
AVG also has a free antivirus, as does Avira. Both are Windows 7 compatible.
CCleaner is a free utility for cleaning temp files; I don't recommend using the registry cleaning feature (or any registry cleaner).
MVPS HOSTS file is excellent, and it's free
Online Armor has a free version of their firewall
Jetico Personal Firewall is also free for personal use and is compatible with Windows 7 (32-bit)

If you have trouble with a particular antivirus, most have configuration options that can reduce problems (although at the risk of less protection) with options like an adjustable level of heuristic detection, the ability to detect (or not detect) potentially unwanted programs like FTP programs, instant message programs like MIRC, and joke programs. There is also often an option to not scan files over a certain size, such as large movie files, but as you have already seen, that could make you more vulnerable as media files can infect you as easily as any other type of file. Block scanning of large files, and that movie file can then infect your system.



#13 Budfred

Budfred

    Malware Hound

  • Administrators
  • 21,525 posts

Posted 20 March 2010 - 10:27 AM

Your frustration at having to mess with this is something we are all familiar with... That is why we volunteer at this forum... We all hate the fact that the Internet, which is a great resource, is polluted with criminals who make it harder for everyone to use it safely... That is also why we want to see everyone use adequate protection... If all computers were armored up and people used safe surfing practices, there would be no criminal element because the money would dry up... Since millions do not maintain safe systems and their systems are infected to use against everyone else, the criminals make billions and keep growing in numbers and sophistication...

#14 Emus

Emus

    Member

  • Full Member
  • 21 posts

Posted 20 March 2010 - 10:42 AM

A Squared is free, but MBAM is also free, and much better.
Avast 5 has a free version and it's one of the better antivirus programs available
AVG also has a free antivirus, as does Avira. Both are Windows 7 compatible.
CCleaner is a free utility for cleaning temp files; I don't recommend using the registry cleaning feature (or any registry cleaner).
MVPS HOSTS file is excellent, and it's free
Online Armor has a free version of their firewall
Jetico Personal Firewall is also free for personal use and is compatible with Windows 7 (32-bit)

If you have trouble with a particular antivirus, most have configuration options that can reduce problems (although at the risk of less protection) with options like an adjustable level of heuristic detection, the ability to detect (or not detect) potentially unwanted programs like FTP programs, instant message programs like MIRC, and joke programs. There is also often an option to not scan files over a certain size, such as large movie files, but as you have already seen, that could make you more vulnerable as media files can infect you as easily as any other type of file. Block scanning of large files, and that movie file can then infect your system.



The problem with most AV software is the always on protection. It's constantly scanning all files on the drive and in memory. That uses a lot of processor power to the point where my mouse lags and my system hangs for long periods of time. I do have a quad core machine with 3 gigs of RAM. I defragment my hard drive on a regular basis. The strange thing is I only experienced this with Windows 7. With Windows XP Pro I could use the always on protection and still have power to spare and I was running on a hyper threaded 3.2GHz with 1 gig of RAM. Far less than this system.

Your frustration at having to mess with this is something we are all familiar with... That is why we volunteer at this forum... We all hate the fact that the Internet, which is a great resource, is polluted with criminals who make it harder for everyone to use it safely... That is also why we want to see everyone use adequate protection... If all computers were armored up and people used safe surfing practices, there would be no criminal element because the money would dry up... Since millions do not maintain safe systems and their systems are infected to use against everyone else, the criminals make billions and keep growing in numbers and sophistication...


Yeah. It's getting to the point that I want to see them in jail for the rest of their natural lives as, in my opinion, that software is in violation of the first amendment of the constitution, a right to privacy. It's very simple. It monitors your browsing habits and sells them to the highest bidder. It's no different than someone standing over your shoulder and watching everything you do, and reporting in on it. The only difference is that one is electronic, and if it were an actual person you could hit him with your car. Course I wouldn't recommend that as it would probably do more damage to your car than was worth it. I honestly believe people who engage in designing malware of ANY kind, spyware and viruses, are guilty of a felony. Adware is different as it doesn't have to be malicious. Say I get a totally free program that displays an ad in its GUI that's chosen at random. The program doesn't monitor my browsing and for all intents, stays to itself. That I have NO problems with as I can ignore that. Course it's not as effective as people want. Those are the people that enough is never enough. I really wish the government would get involved, or at least a private agency would be created to not only combat this, but would see that those guilty of this crime were punished. Oh well, enough soap boxing. I'll try AVG and look around for a Windows 7 compatible firewall. That's the other thing I liked about XP, almost everything worked for it. I feel like this is Russian Roulette with computer security.


==============================
Update: 3/20/2010 at 12:59 pm|
==============================
I have installed Avast. I used the MVPS HOSTS file. So far Avast is the answer to my prayers. It has all the shields I want. All the protection I want. All the configurability I want. The best part is, it's quiet. I'm doing all my normal stuff and it's doing its scanning in the background, completely unnoticed. This is fantastic. I think when I start working I'll invest in Avast Pro. I think it's worth the money. Now that I have that, all I need now is a firewall. As far as the HOSTS file goes. It's been so long since I had a computer issue I totally forgot it existed. Thank you for reminding me. I love how Avast has P2P protection and supports uTorrent. I go to OCRemix a lot. I download full albums from there, which is legal. It uses torrent files to do so. Just to give a brief explanation, OC remix stands for OverClocked Remix. It's a site dedicated to video game music. You can download the original in game music, or download user created remixes or all around original sound tracks. I recommend Dark Side of Phobos to any Doom fan out there. So anyway. I'm glad with Avast I can have my cake and eat it too, so far. If I still have problems then bye bye uTorrent and P2P in general. I'm going to go searching for a firewall now and will update this post with the results.
============================
Update 3/20/2010 at 1:59 pm|
============================
Everything is running smoothly and the mysterious entry into my registry, the one that I discussed earlier, is totally gone. It seems everything is running as it should be. Thank you for all your help.

Final Note: Did my first scan with Malware and Avast. All clean. Seems that's all for now. With all the help you all have been I felt I owed it to you to show you how it ended. Everything is going smoothly. I haven't tried gaming yet, but it seems it won't be a problem. I may have to turn down a few graphics settings, but that's fine, I'll live.

Edited by Emus, 20 March 2010 - 12:40 PM.


#15 Budfred

Budfred

    Malware Hound

  • Administrators
  • 21,525 posts

Posted 20 March 2010 - 10:11 PM

The problem with most AV software is the always on protection. It's constantly scanning all files on the drive and in memory. That uses a lot of processor power to the point where my mouse lags and my system hangs for long periods of time. I do have a quad core machine with 3 gigs of RAM. I defragment my hard drive on a regular basis. The strange thing is I only experienced this with Windows 7. With Windows XP Pro I could use the always on protection and still have power to spare and I was running on a hyper threaded 3.2GHz with 1 gig of RAM. Far less than this system.


I am using 64 bit NOD32 in Vista and I am not even aware of it running about 99% of the time... If it is taking a lot of processor power, it is either configured badly or it is a malware infection that is actually draining your power...

Yeah. It's getting to the point that I want to see them in jail for the rest of their natural lives as, in my opinion, that software is in violation of the first amendment of the constitution, a right to privacy. It's very simple. It monitors your browsing habits and sells them to the highest bidder. It's no different than someone standing over your shoulder and watching everything you do, and reporting in on it. The only difference is that one is electronic, and if it were an actual person you could hit him with your car. Course I wouldn't recommend that as it would probably do more damage to your car than was worth it. I honestly believe people who engage in designing malware of ANY kind, spyware and viruses, are guilty of a felony. Adware is different as it doesn't have to be malicious. Say I get a totally free program that displays an ad in its GUI that's chosen at random. The program doesn't monitor my browsing and for all intents, stays to itself. That I have NO problems with as I can ignore that. Course it's not as effective as people want. Those are the people that enough is never enough. I really wish the government would get involved, or at least a private agency would be created to not only combat this, but would see that those guilty of this crime were punished. Oh well, enough soap boxing. I'll try AVG and look around for a Windows 7 compatible firewall. That's the other thing I liked about XP, almost everything worked for it. I feel like this is Russian Roulette with computer security.


I would still recommend that you post a topic in Malware Removal with a HJT log...

As for the government getting involved and private agencies doing so, there are many private agencies already involved... Even Microsoft has entered the battle and gone after some major scumbags... The government of the USA and InterPol have done a number of major busts over the years... However, this is a hydra with many heads... When they take out one, another springs up and they usually can't take out the whole thing... The Russian gang that was doing most of the worst stuff a couple of years ago got shut down and chased out of Russia, only to land somewhere in China and then some other places... There are too many safe havens for them and they just move around if they lose one of them... Some countries, like China, may even help some of them when it involves attacking the USA... There is evidence that Al Qaeda and other terrorist groups are behind some as well... It will take a worldwide effort and individual users being responsible to shut them down... Unfortunately, that makes it unlikely that it will happen anytime soon, so we still keep hoping for a tool or operating system that is actually effective at making it all secure without requiring technical expertise on the part of the user...

#16 Emus

Emus

    Member

  • Full Member
  • 21 posts

Posted 21 March 2010 - 02:03 AM

I am using 64 bit NOD32 in Vista and I am not even aware of it running about 99% of the time... If it is taking a lot of processor power, it is either configured badly or it is a malware infection that is actually draining your power...


Well, so far Avast is doing a great job. I can't even tell it's there. Finally got one that works.

I would still recommend that you post a topic in Malware Removal with a HJT log...


I'll do that as soon as I'm done doing windows update.

As for the government getting involved and private agencies doing so, there are many private agencies already involved... Even Microsoft has entered the battle and gone after some major scumbags... The government of the USA and InterPol have done a number of major busts over the years... However, this is a hydra with many heads... When they take out one, another springs up and they usually can't take out the whole thing... The Russian gang that was doing most of the worst stuff a couple of years ago got shut down and chased out of Russia, only to land somewhere in China and then some other places... There are too many safe havens for them and they just move around if they lose one of them... Some countries, like China, may even help some of them when it involves attacking the USA... There is evidence that Al Qaeda and other terrorist groups are behind some as well... It will take a worldwide effort and individual users being responsible to shut them down...


Unfortunately, that makes it unlikely that it will happen anytime soon, so we still keep hoping for a tool or operating system that is actually effective at making it all secure without requiring technical expertise on the part of the user...


I'd love to see that happen. Thing is, as far as that latter part. All you'd need to do is explain things in a common language, it's called layman's terms. I've read the descriptions that Microsoft uses for its settings and options. It's another language. Fine, leave it in that language but give a translation next to it. But it's a long way off so long as marketing and PR have such a heavy say in its development it's going to be slow. I just think that Windows is rushed into production too fast. I do understand why. Tell me something, Linux is open source and comes with development tools in the OS itself to allow the user to make changes. If Windows were more user configurable would that help any or make it worse? I'm not saying make Windows open source.

#17 Budfred

Budfred

    Malware Hound

  • Administrators
  • 21,525 posts

Posted 21 March 2010 - 08:03 AM

There actually was an effort to make at least part of Windows open source -- I am not sure whatever came of it... Linux has the advantage of being used by a small number of users, mostly tech types who understand security pretty well already... If it suddenly acquired a 40% market share of the OS market, you can bet that the criminals would be on it like flies to fecal matter... And yes, MS and a lot of other companies could go a long way to fixing some of the problems by writing things in a way that makes sense... One of the things that bugs me most is when a pop-up asks if I want to close or open something that has a problem, but doesn't give me any clue what it is referring to...
Budfred

Helpful link: SpywareBlaster...

MS MVP 2006 and ASAP Member since 2004

Please read the Instructions for posting requested logs and the article "So how did I get infected in the first place?"

#18 Emus

Emus

    Member

  • Full Member
  • 21 posts

Posted 21 March 2010 - 10:10 AM

I can't even begin to tell you how many times I've gotten a mysterious error. I've gotten "An error has occured." I sit there and go "Okay. And?" Just the random nature of the message and lack of information almost makes it humorous. These are 2 true stories of bizarre error messages, pardon the spelling.
Error 1:
I do a lot of development. Well I needed to install Adobe Flash. I believe it was Adobe Flash 5 at the time. I go on with the install. Enter registration info. It does its little song and dance. Then suddenly I get "Error: 40" and that's it. I hit okay and the thing closes down. Wow. Wonderfully descriptive. I do a web search. Nothing. For some reason that moment I had the distinct feeling Adobe Flash was laughing at me.
Error 2:
This is way back in the days of Windows 98/ME. To this day 98 is one of my favorite OSes, anyway. So I'm installing Windows ME. Everything is going along fine. Then suddenly during the install I get a very strange error message. "An error has occured: Win_FU." I hit okay and the thing reboots. It tries to start over but has the same problem. So I start from the beginning and format the HDD. Solved the problem. But as I sat there I thought of the error message. "Win_FU." It occurs to me that it probably couldn't display a space so it put an underscore. Then it hit me. Windows was telling me F You, or at least that's how it sounded. Even in its earlier years Windows was a stubborn OS.

Just thought I'd share those with you.

#19 screen317

screen317

    SWI Sentinel

  • Global Moderator
  • 8,814 posts

Posted 21 March 2010 - 09:16 PM

that software is in violation of the first amendment of the constitution, a right to privacy.

Thought that was the 14th amendment... :rolleyes:


In all seriousness though, as has already been said, we share your frustration and we redirect it in an effort to combat the criminals.


In addition, I've been using MBAM and Microsoft Security Essentials with Windows 7 (32 and 64bit) with great success. It is very light on resources too, which is always great.



#20 Emus

Emus

    Member

  • Full Member
  • 21 posts

Posted 22 March 2010 - 02:46 PM

You're right. It is the 14th. Thanks for the correction. I'm just really happy this can be resolved and there are forums and sites like this one that help people like me. I know a fair share about computers, it's just when it comes to securing yourself there are so many products that say so many things. I'm glad this site was able to point me in the right direction. So far I've been able to keep things clean, I hope. Like Budfred and I talked about, the only time you can tell is when someone gets sloppy. Thank God for the human condition. With all the admins and experts around here I'm surprised they all haven't gotten together to make a few programs that would help with all this. That way you wouldn't have to download 20 tiny programs to do 100 different things, to see if you have an infection. I know I'm exaggerating, but still. Course the obvious answer is that they're all busy. A guy can dream though.

#21 Budfred

Budfred

    Malware Hound

  • Administrators
  • 21,525 posts

Posted 22 March 2010 - 07:42 PM

MBAM was created by a number of people who are on our staff, including one who was formerly an Admin... Most of the other tools we use to kill infections were created by people on our staff and most try to deal with more than one thing at a time if they can... It takes a huge amount of effort to keep even one targeted tool updated... A tool like MBAM requires an entire staff and can afford to pay people because they sell it in addition to offering the free version...

Also, not all of us are computer programmers who can write code...
Budfred


#22 Emus

Emus

    Member

  • Full Member
  • 21 posts

Posted 23 March 2010 - 05:10 AM

MBAM was created by a number of people who are on our staff, including one who was formerly an Admin... Most of the other tools we use to kill infections were created by people on our staff and most try to deal with more than one thing at a time if they can... It takes a huge amount of effort to keep even one targeted tool updated... A tool like MBAM requires an entire staff and can afford to pay people because they sell it in addition to offering the free version...

Also, not all of us are computer programmers who can write code...


Well, perhaps a list should be compiled of the tools used by this site, and how to use them to clean an infection. It might reduce the number of help requests if people can do it on their own. Watch, with my luck there's already a post somewhere that does just that.

#23 Budfred

Budfred

    Malware Hound

  • Administrators
  • 21,525 posts

Posted 23 March 2010 - 05:15 AM

Two of them:

http://www.spywarein...showtopic=79038

http://www.spywarein...showtopic=60955

Many of the tools we use are too complex and powerful to just ask people to run independently... Running them on a computer when they are not needed can sometimes make the situation worse... Those tools are not in those articles...
Budfred


#24 Emus

Emus

    Member

  • Full Member
  • 21 posts

Posted 23 March 2010 - 06:41 PM

I don't know what's going on. I think I got hit with something. All of a sudden my system is slowing down. It's not running programs. Browsing is almost impossible. Avast is taking up massive amounts of memory and processor power. I have no idea what's going on. I'd rather not have to format as I have hundreds of gigs of movies that I have no way of backing up.

#25 Budfred

Budfred

    Malware Hound

  • Administrators
  • 21,525 posts

Posted 23 March 2010 - 08:56 PM

I believe you are getting help in another topic in Malware Removal... Please focus on that topic for cleanup... It is possible that you got hit or it is possible that whatever you cleaned was only the clumsy attack and you have a persistent infection under the surface... I suggest you find a way to back up those hundreds of gigs, but scan them with more than one tool before using them... If you can't afford an external drive to back them up, if you have a decent sized old hard drive, a kit to make it connect by USB can be found for under $20...
Budfred


#26 Emus

Emus

    Member

  • Full Member
  • 21 posts

Posted 24 March 2010 - 05:31 AM

I think you're right. I think I'll just have to put all that stuff on some old hard drives.



