|
Post by mister frau blucher on Sept 13, 2012 8:14:55 GMT -5
Hey all,
The last few days my computer has been down from another virus, or some weird thing. I am posting from another computer right now.
I hope to get things figured out this afternoon, and get back in here.
Thanks to everyone for not posting too much nudity in my absence!
Bret
|
Post by Deleted on Sept 13, 2012 9:07:06 GMT -5
you shouldn't have said that. cat's out of the bag now!
Nudy pic upload...10% complete
J/K
sorry for your computer troubles. you guys may not like some of these recommendations, as the forum may be supported by ads, but here are my recommendations for keeping a computer virus free (in addition to the normal, common-sense recommendations you hear everywhere):
1. use anti-virus software that has 'real-time' protection and keep it updated.
2. configure your browser to delete its cache when you close it.
3. use a browser that allows you to install the Adblock Plus plugin. in the last 10 years, only a handful of viruses have even attempted to get on my computers...and it was through flash-ads.
4. keep java and adobe reader up-to-date. these are popular vectors of attack for virus-writers because their use is so ubiquitous.
5. many personal computers i come across in people's homes have blank passwords. they ship from the manufacturers this way to avoid consumer confusion and support calls. when i suggest to someone to configure their computer to require a password-protected login, they usually say something like: "but that computer never leaves my house. no one can get to it" WRONG. your computer leaves your house every time you connect to the internet. a computer on the internet with a virus trying to spread will attempt to spread to other computers on the network by simply trying to connect to them. if no password is required, they will be able to connect and deposit virus files.
a password-protected login doesn't really protect your computer from someone that has physical access to it. it protects it from other computers on the network.
6. configure your anti-virus to clean first, delete second. most AV programs default to clean first, quarantine second. this is rooted in the distant past. today, if your AV can't clean the virus from a file, it is 9 out of 10 times because the file in question is 'nothing but virus'. because 'quarantine' is such popular practice, i think virus writers have found ways to make their wares effective, even while under quarantine.
"but what if it deletes my important file?" this would be very very very rare. AV software is highly evolved today and can usually 'clean' a virus from your file if it was truly your file and not a 100% virus file. in the extremely rare case that this would have bad results, that's what backups are for.
however, i am assuming that you have decent AV software. if you are unsure, leave it at 'clean, then quarantine' and watch what goes into quarantine over time. it should be very rare that you see one of your actual files go into quarantine (after an attempted clean operation).
|
Post by darkscar on Sept 13, 2012 9:13:29 GMT -5
"here are my recommendations for keeping a computer virus free (in addition to the normal, common-sense recommendations you hear everywhere):"
My recommendation...just get an Apple ;D
|
Post by Deleted on Sept 13, 2012 9:31:44 GMT -5
yes, that works for now if you can live with the dictatorial computer. i prefer a more democratic pc...but with the way MS keeps drastically changing things from one version of windows to another and bloating things along the way, i am wishing i could just bury my head in the sand of an Apple and forget the PC world exists.
EDIT: however, my recommendations above still hold true for Apple. Apple just doesn't have enough market share to interest virus writers. imagine you are an evil, uber mage. you can learn Majority Mind Control or Minority Mind Control. which spell would enable you to create a vast army of zombies?
|
Post by darkscar on Sept 13, 2012 9:36:37 GMT -5
"yes, that works for now if you can live with the dictatorial computer. i prefer a more democratic pc...but with the way MS keeps drastically changing things from one version of windows to another and bloating things along the way, i am wishing i could just bury my head in the sand of an Apple and forget the PC world exists."
LOL!! ewookie, you're a funny man.
|
Post by Deleted on Sept 13, 2012 9:38:09 GMT -5
i just edited above. let me know if you think that's funny too 
|
Post by Deleted on Sept 13, 2012 9:41:58 GMT -5
"yes, that works for now if you can live with the dictatorial computer. i prefer a more democratic pc...but with the way MS keeps drastically changing things from one version of windows to another and bloating things along the way, i am wishing i could just bury my head in the sand of an Apple and forget the PC world exists."
"LOL!! ewookie, you're a funny man."
i agree, it is funny. however, i do see some striking similarities between dictatorships and Apple and between the US government and MS...but i'm illegally crossing the border of politics! LOL
|
Post by Deleted on Sept 13, 2012 10:08:21 GMT -5
oh, one last recommendation...
don't be looking at nudy pics! LOL
|
Post by mister frau blucher on Sept 17, 2012 8:21:18 GMT -5
Hey guys,
Still having some problems with some deep-seated spy or malware. Unable to scrub it despite using the best (free) stuff on the web. Both Spybot and Malwarebytes, TDSSkiller, MilShield, and the powerful Combofix are all failing.
Basically, i normally have 35-38 processes running at any one time. But recently it has been 44-46. After I scrub it, it goes back down and stays that way for a day or two, but inevitably it climbs back up. It doesn't take a lot of my CPU space, but it makes me very nervous. All the processes seem legit, but there are a lot of those "svchost.exe" processes running - anyone know how to tell the legit from the illegit?
Anyway, hopefully i will get this crap figured out soon.
Bret
|
Post by mister frau blucher on Sept 17, 2012 8:21:57 GMT -5
Hey, when did ewookie become a clean-shaven babe magnet?
|
Post by Deleted on Sept 17, 2012 8:26:43 GMT -5
"Hey, when did ewookie become a clean-shaven babe magnet?"
mister frau blucher...i was...quite frankly...born...this way. ^notice the shatner pauses
|
Post by Deleted on Sept 17, 2012 8:32:36 GMT -5
in regards to the svchost.exe... what OS are you running? (Windows XP, 7, etc.) there typically are a lot of svchost.exe running on a given windows pc. they should all be running as 'LOCAL SERVICE', 'SYSTEM', or some other all-capital, special OS account. if you see one that is running as your windows account, be suspicious. otherwise, let it ride.
...unless you are having other problems...
|
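The account check described in the post above, as an added example that is not part of the original thread: a Windows PowerShell snippet that lists every svchost.exe with its owning account, and goes one step further than the post by also showing the image path and the services each instance hosts. It assumes an English-language Windows install (the built-in account names are localized) and an elevated prompt.

```powershell
# Added example: audit every svchost.exe by owner, image path and hosted services.
# Run from an elevated Windows PowerShell prompt; without admin rights the
# owner and path of service processes may come back empty.

# Built-in service accounts named in the thread (English names, an assumption).
$serviceAccounts = 'SYSTEM', 'LOCAL SERVICE', 'NETWORK SERVICE'

# Where the genuine binary lives (SysWOW64 exists on 64-bit Windows only).
$expectedPaths = @(
    (Join-Path $env:SystemRoot 'System32\svchost.exe'),
    (Join-Path $env:SystemRoot 'SysWOW64\svchost.exe')
)

# Map each process id to the names of the running services it hosts.
$svcByPid = @{}
Get-WmiObject Win32_Service -Filter "State = 'Running'" | ForEach-Object {
    $svcByPid[[int]$_.ProcessId] += @($_.Name)
}

Get-WmiObject Win32_Process -Filter "Name = 'svchost.exe'" | ForEach-Object {
    $owner    = $_.GetOwner()
    $user     = if ($owner.ReturnValue -eq 0) { $owner.User } else { $null }
    $path     = $_.ExecutablePath
    $services = $svcByPid[[int]$_.ProcessId]

    # Collect the reasons, if any, why this instance deserves a closer look.
    $notes = @()
    if (-not $user) { $notes += 'owner unreadable (rerun elevated)' }
    elseif ($serviceAccounts -notcontains $user) { $notes += 'runs as a regular account' }
    if (-not $path) { $notes += 'path unreadable (rerun elevated)' }
    elseif ($expectedPaths -notcontains $path) { $notes += 'unexpected image path' }
    if (-not $services) { $notes += 'hosts no registered service' }

    New-Object PSObject -Property @{
        ProcessId = $_.ProcessId
        User      = $user
        Path      = $path
        Services  = ($services -join ', ')
        Notes     = ($notes -join '; ')
    }
} | Select-Object ProcessId, User, Path, Services, Notes | Format-Table -AutoSize -Wrap
```

On Windows 10 and later some per-user services legitimately run svchost.exe under the logged-on account, so a flagged row is a reason to look closer, not a verdict.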
Post by mister frau blucher on Sept 24, 2012 9:36:42 GMT -5
ewookie,
Windows XP. Every svchost says SYSTEM or NETWORK SERVICE. I guess they are all legit...
|
Post by mister frau blucher on Sept 24, 2012 9:38:56 GMT -5
OK, getting things squared away. Still very slow, and running too many processes, but they are fewer, now.
I have used the program Superantispyware, and it does seem to be more powerful than Malwarebytes. Between this and Combofix and tdsskiller, I think I am on the right track...
Sorry to be gone for so long, friends!
Bret
|
Post by Deleted on Sept 24, 2012 9:58:11 GMT -5
those are good tools. they used to be my 'default' tools. recently, i have started using windows defender offline (windows.microsoft.com/en-US/windows/what-is-windows-defender-offline) in place of superantispyware and malwarebytes. it creates a bootable cd or usb drive so you can boot to a clean environment and scan from there. after that, i boot into 'safe mode', log in as local admin (or any unused account with admin privileges) and i run tdsskiller and things are usually good. sometimes (especially here lately) the nasty buggers have embedded themselves into the boot sector as well. from the same safe-mode session, i would run 'mbrwiz' (for XP) to repair the master boot record. (it is ok to run this without knowing if it is actually needed or not...unless you have some dual-boot stuff going on, then i'm not sure) after that, if i feel an evil presence still lurking about, it is usually quicker and easier to just back up user data and format/reload. nothing runs better than a freshly loaded OS
|