• Welcome to Camera Craniums: The Photography Community for Enthusiasts.
 
Members
Stats
  • Total Posts: 62,411
  • Total Topics: 5,704
  • Online today: 297
  • Online ever: 856 (January 21, 2020, 09:07:00 AM)
Users Online
  • Users: 0
  • Guests: 216
  • Total: 216
7ds
Amazon Spring Deal: SanDi...🌸🌼 Get Ready to Blossom w...Marantz Professional MPM-...Google Pixel 7a and Pixel...JasmineSanDisk Ultra 64GB USB Fl...SanDisk 512GB Extreme PRO...GiaDo You Shoot Photos With ...Which eye do you use with...SanDisk 256GB Extreme PRO...Duracell Plus Alkaline 1....RØDE VideoMicro Compact O...I must be one of the rare...Learning ResourcesPhotography and Time of D...

Antivirus

Started by bones615, February 27, 2011, 03:12:22 PM

Previous topic - Next topic

bones615

Just recovered from a nasty little thing called "system tool", took over, changed my wallpaper, kept telling me i had all sorts of problems & looked very much like its part of xp. Did some research on my sons laptop and found that it wanted me to click yes then take money from me to fix non-existant problems.
Started in safe mode. Avast was not right, spybot found nothing so following online advice downloaded Malwarebytes which I believe has cleared it but am about to run everything i have to double check.

Simon

Mick

Simon, Malwarebytes is pretty good at sorting some of these nasties.  :tup:

I've used the freebie version myself in the past.  It seems to find stuff that even the most expensive AV programs don't even see lurking on your PC.  http://www.malwarebytes.org/
Thank You, "Guest" For Reading This Post.

My Gallery
Tinyportal.net Running SMF 2.1.4 / Tinyportal 3.0.0
Guitarist Guild Running SMF 2.1.4 / Tinyportal 3.0.0
The Garden Machinery Forum Running SMF 2.1.4 / Tinyportal 3.0.0

OpenSea

Alfonso_Frisk

How strange
I am at the moment in process of cleaning this nasty from my brothers lappy and its the second time he has had it
You need to do a little more than run malwarebytes.
have looks here
http://www.bleepingcomputer.com/virus-removal/remove-system-tool
http://www.fluidr.com/photos/nosmo_king2007
http://www.seateamimages.com/search.php
Wine improves with age, The older I get the more I like it.

bones615

Thanks Alf, all ok apart from changing the host file. New to me - will it cause problems to programs that were not part my original set up? Might search for a list of what should be there to compare with what i have got.
Everything seems ok, i can update virus software etc.

The wife thinks it came from the weightwatchers site which she just opened when all the bells and whistles started going off, she started a search on my boys laptop and there was mention of it but he told her to get off sharpish in case he got it.

Simon

Alfonso_Frisk

I just downloaded and placed the host file in there as instructed and have no issues at all.
Brother says he got this problem whilst on youtube searching for saxaphone music.
http://www.fluidr.com/photos/nosmo_king2007
http://www.seateamimages.com/search.php
Wine improves with age, The older I get the more I like it.

Oldboy

Have you got a firewall? Shouldn't be able to get on your system unless you downloaded it attached to something else. Not sure on this program, but some can be downloaded by opening a strange email. That's why I delete any email I don't know.  :o

bones615

Running zonealarm firewall + avast antivirus. Zonealarm picked it up when it tried to connect to the internet but missed it coming in??
Avast should be monitoring incoming mail and yes i do occaisionally get funnies as powerpoints or vids but not recently. Just seemed odd that as soon as the boss opened  the weightwatchers site everything went wrong.

Still running antivirus programs now, spybot, bitdefender, avast, microsoft onecare & cc cleaner. So far only the m$ program has found anything more but could not remove 12 of 13 threats.

Simon

Oldboy

Just had a quick read-up on the internet on this virus, and it appears to be close to Microsofts System Tools. Makes me wonder if a Microsoft update has missed 's' off, as nothing anyone has done is the same.  :uglystupid2:

The trouble with viruses is, that a small change can stop your anti-virus seeing it, until a new update is released, which may take a few days. I wonder if your wife put WeightWatchers into Google and then clicked on one of the returned suggestions? It could have been a fake site to download the virus.  That's why you should check the address looks OK before clicking on the link. :o

bones615

She uses a link in her favourites, same one she has used for a while. May not have been that site but coincidental the virus hit just as she opened it.
Bitdefender shifted another 6, cc cleaner cleared 200+ registry entries.

Oldboy

Quote from: bones615 on February 28, 2011, 05:12:51 PM
She uses a link in her favourites, same one she has used for a while. May not have been that site but coincidental the virus hit just as she opened it.
Bitdefender shifted another 6, cc cleaner cleared 200+ registry entries.

That blows that theory out of the water then!  :doh:

Perhaps it has a delay build-in, so it's only activated a few days later making it hard to trace where it came from? It is possible that the WeightWatchers site was infected but unlikely, so we may never know.  :'(

Oldboy

#10
Quote from: bones615 on February 28, 2011, 05:12:51 PM
She uses a link in her favourites, same one she has used for a while. May not have been that site but coincidental the virus hit just as she opened it.
Bitdefender shifted another 6, cc cleaner cleared 200+ registry entries.

Just come across this on AOL.  :o

Cyber-criminals have infected advertisements online and suckered a load of people into thinking they had a virus and needed to pay for an update. They used a Trojan - something that creeps into your system and installs itself - to display a warning on Windows' wallpaper background.
Closer inspection of the message on the fake wallpaper reveals that it actually has a couple of spelling errors in it, but a few people will no doubt have clicked through and paid up. Meanwhile it stops your computer working by blocking programs.


Innocent sites

The most frustrating thing is that the criminals managed to put the ad carrying the trojan onto some innocent and reputable sites. Our own household has been struck by this because my wife bought tickets from Vue cinemas on Saturday, clicked an ad and that was it.


Other carriers include the London Stock Exchange and Auto Trader. I should stress there is no question of any wrongdoing from these sites - they're as much innocent bystanders as the people hit by the virus.


What to do

If you're one of the estimated tens of thousands of people affected, the first thing to do is don't click through and pay any money. I'm glad we got that straight.

Try a Windows rollback to a date before you were hit. If that doesn't work run a full virus check (if the computer lets you) then download the malware remover I've put in the link below from Microsoft.

And whatever you do, keep your security software up to date.

http://www.microsoft.com/security/pc-security/malware-removal.aspx

Tripod

I've run AVG free for years and it has always caught nasty's. Upgraded to AVG full last year and never suffered any problems at all. Lucky no...in to-days world you have to be ultra careful and it is worth paying for peace.

Camera Craniums is a participant in the Amazon EU Associates Program. This affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to products on Amazon.