I picked this pest up today while Googling for a watch repairer! I have run Malwarebytes 6 times in safe mode (re-booting between) until it came up clean twice in a row. I pulled my network connection then un-installed and re-installed MSFT Security Essentials which is running a full scan - seems to have found something but I have to wait until it's finished. Mind you it didn't catch it in the first place. Spybot is throwing up Microsoft.WindowsSecurityCenter.FirewallOverride is not set to (DWORD\00, and the same for AntiVirusOverride. I can no longer activate the Windows firewall nor can I change those keys in the registry. There's a fair bit about all this on Google but I'm nervous about deciding which is genuine. Any thoughts? Anything better than MSFT Security Essentials to keep things like this out?
I don't use it but I have an image I can restore. I'm happy to do that but I'd like some effective protection ready to install first.
Yank the drive and scan it to cleanliness from a different system. Restore your registry from your earlier backup (which of course you have!). Or just blitz and reinstall. You can never really trust a compromised host anyway. Cheers - Jaimie
I'm going to have to re-install the image. Is there anything that will protect against this sort of malware? It's not as if I was Googling for anything naughty!
John Jordan wrote:
:: On 27/08/2012 22:11, Jeff Gaines wrote:
:::
::: So what's the best one to use?
::
:: Chrome has the best technical security. Opera is the least likely to
:: be exploited. Even Firefox seems to be much better than IE in
:: practice.
::
:: --
:: John Jordan

Yes they are all better, but it's the operator who has to be more careful...
I wouldn't mind some more advice on that! I run MSFT Security Essentials which is updated a couple of times a day. I sit behind a NAT router (GRC Shields Up tells me I am in full stealth mode). I got this damn thing twice - once when searching for help with PHP and once when searching for an Omega watch repairer - and I know better than to click on any of the 'fix your computer' links. I have just put the previous image back on. I've updated MSFT Security Essentials, installed Google Chrome, Spybot Search and Destroy and Malwarebytes (which is running a full scan). If there are better security suites or you have any other ideas I'd be delighted - I lost half a day sorting this damn thing out!!!
You remember when I recommended running your Windows in a VM? Snapshot rollbacks are wonderful things! Cheers - Jaimie
On Tue, 28 Aug 2012 09:00:41 +0100, Rob Morley wrote:
[...]

And if you run a Linux distro in that virtual machine, recovery is unlikely to ever be necessary.

Chris
I think it's more the point that you can run otherwise questionable stuff like Internet Explorer, Flash and Java without worrying unduly.
I must admit my Mac Pro is a lovely bit of kit. I was uncertain about running a VM for Visual Studio (the Mac does everything else), now I'm not so sure.
I've just put Damn Small Linux on a Virtual PC, not sure I can live with it though. May try another distro or do what Jaimie suggested and go back to the Mac with Windows in a VM.
Tried it, wasn't overly impressed even on an old VIA mini-ITX board which is the sort of thing that it should excel at. I tend to end up using minimal Debian installs on that sort of thing, trying to figure out which specialist distro is best for low spec hardware is just too tedious. Apparently vLite works with Win7 for some people, although obviously it's intended for Vista.