Computer problem

Here is a General picture of what I'm seeing, but not exactly....


Under the Virus Protection is where it's giving me the option to fire it up, but when I click on Yes, I get asked permission to proceed. When I give permission, it doesn't change.

When I first made the purchase, I was able to almost immediately get on the internet. Like the Defender ran and repair in 2 seconds.

I ran a quick scan then, and then did a complete scan, which took, you know, a couple/few minutes.

I shut down again, but nothing.

Well, it was a fraudulent activity.
The bank emailed me on it.
Good thing I used a card I never use otherwise.

But how did they prevent me from accessing the internet until I authorized something?
Rebooting had no effect, I could not proceed.

I think it was the mormons.

So no one is interested in chastising me for being an idiot?

It was actually from the Ukraine. I'm sure someone named Peggy.

There are several ways they keep you from accessing the Internet, depending on the exact malware that you ran into.

Basically, they install a firewall that blocks or redirects traffic.


Things to remember:

1) Microsoft Security Essentials is free. There is no premium version.
2) Never, ever, purchase the software that they prompt you to purchase. If you're going to purchase antivirus, then purchase it by going directly to the manufacturer's site.

There's your problem. You called customer service!!!

My default steps would be to restart Windows in safe mode with internet access. Then attempt to run malwarebytes (usually will catch and quarantine it). If that didn't work, google the name of the suspected virus (MS Security Essentials Virus) and follow removal steps.

Also, you can usually find some dude on Craigslist that will clean your machine for a flat fee. Usually around $30-50.

Drop it off, he/she cleans it, pick it up the next day.

And to prevent the issue in the future: Sandboxie.

Boy, I would really be cautious about that. I can't imagine handing my box over to a third-party that I met on CL; how do you know he's not rooting your box, or installing a keylogger or something?

****, I ought to go into that business, never thought of doing a human hack from that angle

Cycloptichorn

I have always considered that. I feel marginally better with Staples or Geek Squad. Not a lot better, but at least they have an address.

Actually, I'd be cautious about it too. I'm just saying there are alternatives.

Currently, we advise customers with an infected machine to perform a bare-metal reinstall. While cleaning can be effective, this is the most secure method.

Yup, that's what we do. I am pretty paranoid guy when it comes to computer security, though.

Do you remember the argument I was having a while back with someone about SSL and how you shouldn't log in to email and other sites over public wi-fi? Turns out that there have been fake certificates handed out left and right

You can't be paranoid enough on the internet.

Cycloptichorn

Most folks don't want to be computer security experts, though.

This is why I'm a fan of tablets and/or thin clients.

Have you seen THIS?

I saw it a couple of months ago on a different site, followed the FBI's instructions (which revealed I wasn't infected).

Then I felt kinda foolish lol.

PS...If you're a MAC guy, you might not need to do the test.

So, what should I have done if I couldn't get on the interweb?
I thought MS security essentials was free, that's what first made me suspecious.

What's sandboxie?

I was hoping you'd come along DD.

So, now that I can access the internet, and the bank is reversing the charge, and I've run a scan using my ms essentials/defender, should I be good to go?

I don't want to access certain accounts websites until.

I recently took my puter to PC Guru because otis pushed the whole magilla onto the floor.
Am I going to have to take it back over?

The way I've cleaned machines for my friends and family has been this:

1. Make a full backup of the infected machine. My preferred tool is Clonezilla. This is insurance, so that if you make a mistake you can always recover your data. Reasonably large-capacity, external drives (USB and/or eSATA) are available for under $100.
a) Download Clonezilla and burn it to a CD
b) Boot to the CD, backup all partitions to the external drive.

2. Download several antivirus/anti-malware tools and either burn them to a CD or put them on a thumb drive. My favorites: Malwarebytes, Gmer, Trend Micro's Housecall, HijackThis!, Rootkit Revealer

3. Boot the infected machine to safe mode.

4. Run Gmer and/or Rootkit Revealer to see if there are hidden services. Remove any hidden services.

5. Run Housecall (or other stand-alone virus scanner)

6. Run HijackThis! This program is somewhat intimidating, but there are places where you can post the logs to get help. Also, you have a full backup from step 1, so even if you mess something up, it can be fixed.

7. Run Malwarebytes. Frankly, I can't remember if it will run in safe mode. You may have to boot back to normal mode.

8. Reset TCP/IP.
A. Boot to normal mode.
B. Run a command prompt (Start->Run->cmd->OK)
C. Run the command to reset TCP/IP (netsh int ip reset c:\resetlog.txt)
D. Reboot

9. At this point, it's time to see if the machine is working. See if you can browse normally. See if you can download a virus scanner. (Microsoft Security Essentials, AVG, etc.) Download, update the definitions, and run a full virus scan.

10. Make another backup! Schedule regular backups! If you have stuff that you can't recreate (pictures, videos, your unpublished novel), then get an offsite backup such as Carbonite or Mozy!



Any tweaks to this procedure are appreciated. This is just what I remember going through the last time my mother-in-law's laptop was infected.

Other good tools: ComboFix, Spybot Search & Destroy

Wow!

This is great information.
I'll follow it when I get home.

This would be useful to many people to know.

Thanks!

I had a hunch it was malware or whatever you call it, but didn't post as I'm ignert on what to do about it, especially re pcs. No chance I'll call you an idiot. Just that I've read - probably on a2k - about such stuff happening being a scam.

I had a similar experience and got great step-by-step help from the folks at geekpolice.net

I described it here

They helped me get all the downloads I needed (one at a time) and had me post back my logs and then they'd go onto the next step. I'd definitely use them again. In my case I couldn't start up half the time so they directed me where I could get downloads from another computer and transfer them over to my usb port with a flash drive.

Also, try to think of what you were doing when you got infected. Lyrics sites are notorious. Opening links that other people post is also risky.

If you act right away (don't click on anything in the pop-up warning), you can try shutting down, rebooting in safe mode and doing a system restore to a previous set point. That didn't work in my case because the trojan eliminated all of my set points and disallowed the used of any anti-virus software.