Just got virused! a warning

dr wogz

Fly caster
Just got a nasty virus infection, take warning.

I got an e-mail from RC Universe, that I had a reply to a thread I was following. None of the warning signs went off; all the links looked legit, the forum post in the e-mail was one I recognized, and I do get the odd 'your post has a reply' e-mail (Some sites have a global 'send reply' some have it by thread.. I never remember...) and the rocketry sub forum doesn't get a lot of action. And, I must admit I go to RCU very rarely..

So, let's see who responded with what. click the link.. oh, nice, pretty picture.. BAM!! "Defender detected a Trojan virus, please call the following number to blah blah blah.."

lesson learned.. Beware any e-mails from RCU if you're on RCU.

Now going thru to get the thing removed.. M$defender didn't find it. Malwarebytes just crashed trying to 'quarantine' 3 suspect files. (crashed on re-start..) and now nothing on my home Win 10 PC works. Have recovery key & 'new windows install' USB in my pocket to (hopefully) fix it all tonight.

1) I hate hate hate hate hate windows 10!!!
1a) recovery 'restore points' got corrupted too..
2) defender seems to be a bit holey..
3) emails are becoming less & less reliable..
4) While I work all day on a computer (win 7), I really don't look forward to using one at home any more. I feel Windows 10 has quashed my need / desire to use one at home. Unreliable, random reboots (updates), needing to learn & relearn how to use it, needing to rediscover where stuff went, needing to constantly tweak it & run some "new app" to manage it, need to start making weekly back ups & images, as well as restore points..
5) despite a forced update / upgrade, it's still best policy to get a proper version and do a fresh install

The_Lone_Beagle

Well-Known Member
That sucks! BTW, thanks for reminding me, *never* click on a link in an email, always go directly to the site...I've been getting a little lazy now. I thought Win10 was supposed to be better for security? I still use Win7 on my home computers, when I use Windows.

cerving

Owner, Eggtimer Rocketry
TRF Sponsor
TRF Supporter
Windows 10 is decent at protecting itself against "known" threats, but there are plenty of ways to get around it. In a corporate environment, you lock down what people can do with their computers and where in the Windows filesystem executable programs can run from, but it's difficult to do that in a home environment. At my day job, we spend about 10% of our non-personnel IT budget on security... haven't had a serious incident yet. That includes education... we have all of our employees take a fairly extensive security training, which shows them what to look out for. Even so, when we test phish them, we get at least a 30% hit rate...

markkoelsch

Well-Known Member
Windows Defender is not adequate. Try shutting down, and disconnecting from the network. Restart and try Malwarebytes. Might even need to start in safe mode. When you are running normally is your account setup as a regular user or an administrator? If the latter, it is best to have two accounts- one an admin that you use to install stuff, and the other that you use normally.

cvanc

Well-Known Member
Is Kaspersky still highly regarded? I know back in my Win7 days it would find/clean stuff that other programs missed. In any case, good luck getting your PC back on its feet.

mccordmw

Well-Known Member
I'm happy with Avira. It's free and has good detection ratings. I used to love AVG, but they got bought out and started an aggressive marketing model that spams me with pop ups to buy their addons. Got almost annoying enough for me to consider it a virus.

dr wogz

Fly caster
Windows Defender is not adequate. Try shutting down, and disconnecting from the network. Restart and try Malwarebytes. Might even need to start in safe mode. When you are running normally is your account setup as a regular user or an administrator? If the latter, it is best to have two accounts- one an admin that you use to install stuff, and the other that you use normally.
tried all that.. the installation of Win 10 I have is / was not all that solid. updates would end up with the little spinny circle for hours.. any update or restart would end it up in that state. this would then require a firm unplug - plug reboot to get it going again. Not to mention the apparent "Nvidia driver" issue Win 10 has.. (one of our main issues)

This time, it just degenerated to a spinny circle, no 'safe mode' reboot, then try a restore, then try a reset, and finally a try to reinstall the OS (tonight's friggin' headache) last thing I had this morning was an "error 0xc0000BC - repair needed".

SO, I have a USB stick with the Win 10 install boot on it to try. I have neither the time nor (especially) the patience to sit & learn & relearn & reinstall & tweak & tinker with the festering machine.. I'm a mechanical guy. I like mechanical & tangible stuff.. I had win 7, I liked it. It's what I use at work. I had it set up how I like. I didn't want to upgrade, M$ did, and did so without my full consent.

Sorry for the rant, but I'm soooo miffled at this..

Winston

Lorenzo von Matterhorn
Is Kaspersky still highly regarded?
Very. Considering that so many viruses still come from Eastern Europe, it's no wonder. They probably hire former malware writers.

Winston

Lorenzo von Matterhorn
1) I hate hate hate hate hate windows 10!!!
Sorry to hear about this, but you shouldn't hate Win10 since what happened can happen to any OS that is targeted by malware. You should hate malware and want to castrate malware writing scum. iOS and Android are both becoming major targets just as Windows has always been because malware writers logically go after the most popular OSes.

OverTheTop

Well-Known Member
TRF Supporter
Is Kaspersky still highly regarded?
I put it on a PC a while back because it was highly regarded. Far worse for productivity than a virus IMHO. Got rid of it. Now using Windows Defender.

Dave A

I put it on a PC a while back because it was highly regarded. Far worse for productivity than a virus IMHO. Got rid of it. Now using Windows Defender.
I've been using Norton since it came out on floppies. There were older versions that had to use a removal tool from their site once in a while, but not anymore. It may use a fair amount of resources but it catches, quarantines and removes anything, 100%, I have ever stumbled across.
I've used Norton 360 or Norton Security as of late for the security protection and the password manager.
I bought some newer premium package for about $100/yr and got a license for every computer and phone I have. Between the wife and all my home and work stations it was a bargain with 360. Also, I have never had to buy or use a malware or any other program while using Norton.

markkoelsch

Well-Known Member
Folks, a number of things, and yes, I do IT for a living

1) do not run as an administrator. This allows anything coming into your computer to execute at that permission level, and to have access to the system files.
2) Windows Defender is subpar
3) there are a number of good AV packages. That said, unless you have taken care of point one you are spitting in the wind.
4) Norton is good. Kaspersky is very highly rated. I use Avast at home, and it has been working really well for me.
5) Security is not absolute. It is possible to lock a system down and make it nearly bullet proof. The thing is that this system will not be useable. You have to accept a little risk to have a functional system- sorry, but it is a fact.

Zebedee

Well-Known Member
I've been using Norton since it came out on floppies. There were older versions that had to use a removal tool from their site once in a while, but not anymore. It may use a fair amount of resources but it catches, quarantines and removes anything, 100%, I have ever stumbled across.
I've used Norton 360 or Norton Security as of late for the security protection and the password manager.
I bought some newer premium package for about $100/yr and got a license for every computer and phone I have. Between the wife and all my home and work stations it was a bargain with 360.
Also, I have never had to buy or use a malware or any other program while using Norton.
I've been using Norton for a long time too - I also have the package where I get X licenses and can install it anywhere. I also endorse it.

The other somewhat security related thing I use is Ghostery - it blocks all adware, trackers etc. which makes my browsing experience many times smoother and nicer.

mpitfield

Moderator
Staff member
Global Mod
Microsoft Windows protection is almost 100% ineffective when it comes to heuristic scanning and as a result relies on definition scanning exclusively. Even with definition scanning it is consistently ranked in the bottom 10% for actually protecting your system. It is ranked high in usability though, for whatever that is worth in this case. Also there is no actual winner in this race when it comes to protection as they fluctuate over time. What you need to do is forget the paid for advertising or thinly veiled fake reviews from companies like PC mag. Instead you need to look at third party, at arms-length reviewers who publish the testing methods and have a reputation for posting unbiased results.

If you look at these results over time you will see the same trends, a product will be ranked high, gain popularity then drop considerably while they ride the wave and pull resources from R&D. McAfee and Symantec are classic examples of this. What you should be looking for is a company or product that is trending up then pay attention to it and once it starts to slide down consistently, then make a change, but don't fall into the lull that "X" is the best product.

One thing you should be doing is reading your email in plain text and not HTML. It does not look sexy, however you can clearly see hyperlinks that often do not match the sender's domain. Also viewing in HTML can execute code depending on your security settings just by viewing your email, plain text does not allow this. Once you have given the email a quick look over you have the option to flip it to HTML, which is often easier to read if it is HTML heavy.

Also as Mark said it is very important that your user account does not belong to the local administrators group. I run an IT company, manage and train IT consultants and run a NOC (Network Operations Center), and none of our systems run with local admin. Simply create another user who is a member of local admin and when it prompts for administrative permission use those credentials. The minor inconvenience is well worth the added pause that you will be presented with if something requires admin to execute. Technically you can still get infected however using a limited account vs. an admin account limits the infection to areas of the system you have write permissions to...technically. Of course there are threats that can get around this.

Here is a resource for you to look at for Windows 10 solutions, specific to home users. https://www.av-test.org/en/antivirus/home-windows/windows-10/

Johnly

Well-Known Member
I've switched over to Bitdefender on our computers. Very happy with the performance and low processing impact. MS Defender is at best OK, and clearly better than nothing.

John

ksaves2

Switch to Linux and run from a user account. Ubuntu is pretty easy although in the 14.X version it was hard for me to make an app with a desktop launcher. That may have been fixed in 16.X version. I ran Slackware for years as "root" as I had troubles getting access to peripherals. Never had any troubles with viruses but I mainly confined my time at rocketry sites and list-servs. I finally figured out how to access everything from a user account and went that path to be safe in light of "modern" times. Use the linux machine for email and online stuff and Winblows to run application software one needs.

it can program a lot of altimeters with no sweat.

I've run some free Linux virus detection programs and never really came up with much. Some minor things I just deleted the offending code but have never had a big problem.

That's not the deal with MS stuff. I have an autistic adult son who has whacked two computers over the years with virus infestations. He is like a 7 year old who goes to kid sites and he likes flight simulators and goes "travelling" on Google APRS or Google Earth. (He's 22 years old FYI) The computer is out in the open so we can keep tabs on what he does.

Kurt

Winston

Lorenzo von Matterhorn
4) Norton is good. Kaspersky is very highly rated. I use Avast at home, and it has been working really well for me.
I also use Avast simply because it's free. Not super well rated compared to Kaspersky, but it has alerted on some web site links that were, correctly or incorrectly, claimed to contain malware.

Winston

Lorenzo von Matterhorn
Switch to Linux and run from a user account. Ubuntu is pretty easy although in the 14.X version it was hard for me to make an app with a desktop launcher. That may have been fixed in 16.X version. I ran Slackware for years as "root" as I had troubles getting access to peripherals. Never had any troubles with viruses but I mainly confined my time at rocketry sites and list-servs. I finally figured out how to access everything from a user account and went that path to be safe in light of "modern" times. Use the linux machine for email and online stuff and Winblows to run application software one needs.

it can program a lot of altimeters with no sweat.

I've run some free Linux virus detection programs and never really came up with much. Some minor things I just deleted the offending code but have never had a big problem.

That's not the deal with MS stuff. I have an autistic adult son who has whacked two computers over the years with virus infestations. He is like a 7 year old who goes to kid sites and he likes flight simulators and goes "travelling" on Google APRS or Google Earth. (He's 22 years old FYI) The computer is out in the open so we can keep tabs on what he does.

Kurt
The VAST collection of high quality freeware for Windows is what keeps me with it.

farsidius

semper discens
I love these "I hate windows 10" threads. So, I'll buck the trend and say: I love Windows 10. It's vastly superior to windows 7. It uses less resources, it's more efficient and runs faster. I love how mobile friendly it is and how much of my computer experience I can synchronize between my devices. And yes, you should allow the auto-updates because most of the security holes that these viruses target are fixed regularly and quickly through the updates. I find Defender to be pretty good, and I also find that many of the sites that rate Defender poorly are run/operated by companies or interests that make money from selling anti-virus software (do you see the advertising links on those pages?). I know I've read at least two articles in the last few months arguing that you should ditch after-market AV software if you have Windows 10 set up properly. Many of the aftermarket AV software packages are loaded with bloat and cause significant performance issues with your computer.

If you want Defender to scan your emails then use the mail client in Windows 10 - it will scan the emails as it imports it from the mail server. You probably shouldn't read your email in a web browser if you're in the habit of clicking links embedded in messages. Also, if the virus message is telling you to call a number or go to a website to fix it, then it's just a fake advertising ploy to prey on the ignorant.

I can honestly say that I've had no virus or performance issues in the last year and half that I've been running Windows 10.

scottrc

Well-Known Member
I run two 3D cad machines. One I upgraded to Windows 10 and left the other on 7. I can honestly say running 10 on a CAD workstation as compared to 7 is like comparing a colonoscopy to a hernia exam. At least that is how my experience has been.

If you're a multi-tasking, WEB dependent, everything on the Cloud, Facebook committed hipster, then 10 is wonderful. If you want to stay and work within your own secured network and rock within only secured domains, stick with 7.

dr wogz

Fly caster
+1 on that Scott..

What cad you running? I do Creo & Inventor..