I booted up the family computer this morning and got hit with the following 5: Exploit.java/cve-2009-3867.eh; Hacktool:win32/wpareset.b; Trojandownloader.java/openstream.al; Exploitjava/cve-2008-5353.gm; Adware,is/pornpop.a. First off, I noticed the Java update box, which I didn't click on. And when I tried to exit I noticed AVG wasn't working and IE wasn't working either, although it was online. I got a message saying there were some Windows updates, which I didn't install of course. So I disconnected it from the internet. I couldn't remove AVG or run it, so I downloaded the AVG removal tool and MSE on one of my other rigs. I removed AVG and installed MSE and ran a full scan; after 3 hours it found those buggers, removed them and all's good, thank god. I have no idea where they were picked up from.
Look at your parents' computer's web surfing history, it's for sure it comes from there. Teach them about updating Windows, and on your way, defrag the HDD if it's not using Vista/Win7 (as Vista/Win7 does it automatically... unless the time set to do the work is when the computer is turned off). I would try my best to teach them about file extensions. They probably opened picture.EXE, with the Windows picture viewer icon on it. Also, this is the most difficult one, teach them that the computer is not fragile, and doesn't contain explosives ready to go boom if you click on something wrong. And how it is CRITICAL to read every message box from A to Z (that one is also extremely difficult), and use good judgement by the look of it. If they are not sure, make them ask you, and you make them ask why they think it's fishy, so that they look and try to identify fishy things. Like: the window borders don't match the ones of Windows, and you can't move it, and things pop up when I try to move it. Therefore it's an ad; in such a case I close everything and hit Cancel on anything that pops up until everything is closed, and not panic, and do things fast or impatiently. I know I just asked the impossible, but if you can get them to know/do 1 thing correctly then it's a big step. My tactic is that I **** scare them, like saying that because you were using the computer in a careless way, by ignoring things, now the virus makers most likely have all your e-mail and bank passwords. They panic, change all their passwords and stuff, a few calls here and there to make sure nothing happened, and it usually ends up in a lesson learned. A lie? Most likely... but for the greater good.
I know my parents didn't do it, they have been dead for 15 years now LOL. When I say family rig I mean the wife / kids and just about anyone that's in the house. Windows is fully up to date and defragged; it's got Vista Ultimate 64 on it. I think it came from a forum in the USA we use sometimes. It wouldn't be the first time they have had viruses on their site. Just bad luck I reckon. Strange though that AVG didn't pick them up. I'm actually surprised it doesn't get more; those are the first viruses I can remember it having.
Wait... I have a déjà vu... here... I recall already reading this once... Anyway, I thought it was your parents' computer. Well, apply what I said to all your users, and if they're your kids, then some teaching is needed.
It can only be one person then, mate. The missus, you need to tune her up a bit about going on those dodgy sites. Looking at that lot, it's a trojan that's probably come from a hijacked site. It'll redirect to another site and bombard you with crap. Lucky it never buried itself in the root. My son had one like that from the Pokemon site about 8 years ago which directed everything to child porn sites the minute the internet was connected.
Yeah the moment I noticed it I disconnected from the internet and got to work on it. All clear now though.
I'd check all the open shares too... might not be a bad idea to turn on the UAC on the Vista rig... then at least you'll see when something is trying to go wild, or your kids can come get you if it pops.
The UAC is on. This one really caught me out; yesterday it was OK and today it wasn't, it was very strange. I've left AVG uninstalled now and am using MSE, see how that does.
Then what you should do is create a limited account. This way if anything wants administrative privileges (virus), then it can't be approved without you allowing it by entering a password of an account set with admin privileges.
I'll offer you a little bit of advice: get ubcd4win. It is a boot CD which you can update and then boot from either a USB or CD/DVD+/-RW. Then, because it is a bootable antivirus, it is easy to get rid of viruses, and any you accidentally get by updating it while it is in use will be deleted because it works using RAM as a virtual HDD. I have to use this a couple of times a month to fix my stepdad's computer. A good tip is to install Comodo. It is a HIPS (host-based intrusion protection system); this prevents viruses and unsigned programs from accessing things they shouldn't, and the parental control option works by allowing you to hide the popups if it tries to do something suspicious, so they will come to you to fix it and you know they have done something they shouldn't have.
I dislike AVG. I know a lot of people will scoff at the thought, but buy a decent antivirus; I picked up McAfee 3 user OEM for about £9. Got viruses whilst using AVG too.
In the early days, AVG free edition was kick-ass... it was like MSE... not AS fast, but pretty fast, and was competing with most paying software. Then, things changed. And today AVG is actually like any other anti-virus, heavy and bloated. It still finds great stuff, but MSE finds more, and is extremely light in comparison. You don't feel MSE running... it's a breath of fresh air. It's literally like you don't have an anti-virus on your system, but you do. McAfee is cheap because for the second time, they deleted critical system files of Windows as it marked them as viruses. Now McAfee is desperate, as they lost A LOT of market share and businesses because of this. Another problem with McAfee... download my tool... it will say it's a virus. You know why? Because it's a packaged exe, where all its needed files are grouped together, to have 1 file. I did this so that you have to install it, and it is easily portable. I take Notepad, do the same combine trick, and now it's a virus. Also, thanks to one of my users, who I provided a decompressed version of my tool so McAfee doesn't freak out, I noticed that one of my library files is marked as a virus with the default name by McAfee; if you rename it to wtv, but still keep the same extension, it's no longer a virus. You can scan the whole system, and no virus found; rename it back... it's a virus again. Don't you love crappy a/v solutions?
Yeah, and there's a new version of AVG right now that seems a bit buggy as well. I'll probably change all my rigs over to MSE.
Happy NOD32 user here, although the best viruses are the undetected ones... no one can say for sure they don't get any viruses, because you just don't know.
In my experience both AVG and McAfee miss viruses. I'm well aware nothing catches everything there is, but both of those are to be avoided IMO. And buy? You don't need to EVER buy an anti-virus. Try Avira, Avast!, Microsoft Security Essentials etc.
It is surprising to be recovered after 5 viruses deleted. Often it needs a fresh OS reinstall. Keep antivirus turned on. I use AVG free edition and it is working fine.