Live Security Platinum

I picked this pest up today while Googling for a watch repairer!

I have run malware bytes 6 times in safe mode (re-booting between) until
it came up clean twice in a row.

I pulled my network connection then un-installed and re-installed MSFT
Security Essentials which is running a full scan - seems to have found
something but I have to wait until it's finished. Mind you it didn't catch
it in the first place.

Spybot is throwing up Microsoft.WindowsSecurityCenter.FirewallOverride is
not set to (DWORD\00, and the same for AntiVirusOverride.

I can no longer activate the Windows firewall nor can I change those keys
in the registry.

There's a fair bit about all this on Google but I'm nervous about deciding
which is genuine.

Any thoughts?

Anything better than MSFT Security Essentials to keep things like this out?

 

Have you tried a system restore ?

 

I don't use it but I have an image I can restore. I'm happy to do that but
I'd like some effective protection ready to install first.

 

Yank the drive and scan it to cleanliness from a different system.

Restore your registry from your earlier backup (which of course you
have!).

Or just blitz and reinstall. You can never really trust a compromised
host anyway.

Cheers - Jaimie

 

I'm going to have to re-install the image.
Is there anything that will protect against this sort of malware? It's not
as if I was Googling for anything naughty!

 

Use a browser with a better sandbox? Which browser were you using?

Cheers - Jaimie

 

IE9, I guess that's not good?

 

So what's the best one to use?

 

Lynx, probably. Sigh.

Cheers - Jaimie

 

John Jordan wrote:
:: On 27/08/2012 22:11, Jeff Gaines wrote:
:::
::: So what's the best one to use?
::
:: Chrome has the best technical security. Opera is the least likely to
:: be exploited. Even Firefox seems to be much better than IE in
:: practice.
::
::
:: --
:: John Jordan

Yes they are all better, but it's the operator who has to be more careful...

 

Run a virtual machine for all your online stuff? Makes recovery
virtually painless.

 

I wouldn't mind some more advice on that!
I run MSFT Security Essentials which is updated a couple of times a day.
I sit behind a NAT router (GRC Shields up tells me I am in full stealth
mode).
I got this damn thing twice - once when searching for help with php and
once when searching for an Omega watch repairer - and I know better then
to click on any of the 'fix your computer' links.
I have just put the previous image back on. I've updated MSFT Security
Essentials, installed Google Chrome, Spybot Search and Destroy and
Malwarebytes (which is running a full scan).
If there are better security suites or you have any other ideas I'd be
delighted - I lost half a day sorting this damn thing out!!!

 

That could be worth doing!

 

You remember when I recommended running your Windows in a VM? Snapshot
rollbacks are wonderful things!

Cheers - Jaimie

 

On Tue, 28 Aug 2012 09:00:41 +0100, Rob Morley wrote:

[...]

And if you run a Linux distro in that virtual machine, recovery is
unlikely to ever be necessary.

Chris

 

I think it's more the point that you can run otherwise questionable
stuff like Internet Explorer, Flash and Java without worrying unduly.

 

I must admit my Mac Pro is a lovely bit of kit.
I was uncertain about running a VM for Visual Studio (the Mac does
everything else), now I'm not so sure

 

I've just put Damn Small Linux on a Virtual PC, not sure I can live with
it though.
May try another distro or do what Jaimie suggested and go back to the Mac
with Windows in a VM.

 

Tried it, wasn't overly impressed even on an old VIA mini-ITX board
which is the sort of thing that it should excel at. I tend to end up
using minimal Debian installs on that sort of thing, trying to figure
out which specialist distro is best for low spec hardware is just too
tedious.

Apparently vlite works with Win7 for some people, although obviously
it's intended for Vista.

 

telnet 80.