
An aggressive virus?

Old 22nd Dec 2009, 05:49
  #1 (permalink)  
Psychophysiological entity
Thread Starter
 
Join Date: Jun 2001
Location: Tweet Rob_Benham Famous author. Well, slightly famous.
Age: 84
Posts: 3,270
Received 37 Likes on 18 Posts
An aggressive virus?

Just had a centre screen pop up that informed me that I had a virus and that I should press a button to start to remove it. All attempts to shut it down only introduced more screens telling me I should do this and that. None of the names were familiar to me except for

http//intelscanh1.com says Antivirscan Shall do ......


I forced a shut down after finding that I couldn't stop these things by any other means.

Restart hasn't shown any more stuff and am running Avast. One waits with bated breath.
Loose rivets is offline  
Old 22nd Dec 2009, 06:16
  #2 (permalink)  
 
Join Date: Dec 2005
Location: Wellington,NZ
Age: 66
Posts: 1,678
Received 10 Likes on 4 Posts
This is more common than you'd imagine, and since it's a million dollar+ business, obviously takes some users in.
It's a rogue antivirus application. There are several (or several dozen) new variants of these released every day, often using seriously difficult-to-remove means to install/run, including trojans and rootkits.

That address you've posted is blocked from loading on my computer. (Thank you, hosts file.)
Wouldn't hurt to do a bit of scanning.
Try MBAM (a very good demand scanner). Install the free version, update it, run a quick scan. Have it remove anything found. If prompted to reboot to complete removal, please do so promptly.
Go to Secunia.com and look at the area for "software inspectors". You have two choices, an online scan (OSI) that will require installing an ActiveX control (safe), or downloading the PSI and running it.
The PSI is more comprehensive; running the OSI will give you an excellent idea of what is out of date or vulnerable on your computer.
My guess is Java, Adobe, or a Flash player.
A scan with Avast would be a good idea too, especially if it blocked something from loading at the time you had the warnings.
Tarq57 is offline  
Old 22nd Dec 2009, 08:01
  #3 (permalink)  
Psychophysiological entity
Thread Starter
 
Join Date: Jun 2001
Location: Tweet Rob_Benham Famous author. Well, slightly famous.
Age: 84
Posts: 3,270
Received 37 Likes on 18 Posts
Thanks for that. I've run Avast and it found nothing. I'm up due to insomnia and having a last look round. Nothing reared its ugly head yet.
Loose rivets is offline  
Old 22nd Dec 2009, 08:16
  #4 (permalink)  
Per Ardua ad Astraeus
 
Join Date: Mar 2000
Location: UK
Posts: 18,579
Likes: 0
Received 0 Likes on 0 Posts
Did the invitation also invite you to part with money? It sounds like a SmitFraudFix infection.

I have cleared 3 from friends' machines and it is best done in safe mode to start. If that is what it is it will be a nuisance rather than a disaster. A Google with smitfraud will show you are not alone.
BOAC is offline  
Old 22nd Dec 2009, 08:27
  #5 (permalink)  
Psychophysiological entity
Thread Starter
 
Join Date: Jun 2001
Location: Tweet Rob_Benham Famous author. Well, slightly famous.
Age: 84
Posts: 3,270
Received 37 Likes on 18 Posts
As the next screens kept popping up I was so intent on shutting down, I didn't see the details...just that I didn't recognize anything except the word intel.

I'll have a look tomorrow, when the sleeper's worn off.
Loose rivets is offline  
Old 22nd Dec 2009, 09:04
  #6 (permalink)  
 
Join Date: Dec 2005
Location: Wellington,NZ
Age: 66
Posts: 1,678
Received 10 Likes on 4 Posts
Should these sorts of screens or pop-ups occur again, try alt+f4 to close them. (May not work)
Try looking in taskmanager to see what's running. This will need a little familiarity with what normally runs in taskmanager, and you may find it's been disabled.

It does sound a bit like you may have dodged it, though, if it hasn't recurred. Fingers X'd.

I would definitely run a scan with MBAM. The fact that there were no Avast warnings suggests it is a new or new-ish variant that is not in the Avast database, yet. (There are literally thousands of these things circulating.)

And you definitely should perform that Secunia check (or something similar) because out of date and vulnerable software is probably the number one way (closely tied with user click-happiness) to get these things.

Also consider a two-way firewall control of some sort. This will alert you if something unknown attempts to connect outbound. (Such as a trojan attempting to download its dirty cargo.)
Tarq57 is offline  
Old 22nd Dec 2009, 10:47
  #7 (permalink)  
Spoon PPRuNerist & Mad Inistrator
 
Join Date: Sep 2003
Location: Twickenham, home of rugby
Posts: 7,396
Received 261 Likes on 171 Posts
Without question, the single most effective thing you can do to protect your PC when online is NOT TO RUN WITH AN ADMINISTRATOR OR POWER USER ACCOUNT.

That way, nothing gets to install.

SD
Saab Dastard is offline  
Old 22nd Dec 2009, 12:20
  #8 (permalink)  
 
Join Date: Aug 2006
Location: On the move
Posts: 940
Likes: 0
Received 0 Likes on 0 Posts
Yep, and do not press any buttons on software you have not installed yourself.
ab33t is offline  
Old 23rd Dec 2009, 18:15
  #9 (permalink)  

Plastic PPRuNer
 
Join Date: Sep 2000
Location: Cape Town
Posts: 1,898
Received 0 Likes on 0 Posts
Sudo for Windows | Get Sudo for Windows at SourceForge.net

"Sudo for Windows (sudowin) allows authorized users to launch processes with elevated privileges using their own passphrase. Unlike the runas command, Sudo for Windows preserves the user's profile and ownership of created objects."

And that, folks, is the answer to Windows security.



Mac
Mac the Knife is offline  
Old 28th Dec 2009, 11:28
  #10 (permalink)  
 
Join Date: Apr 2005
Location: Here
Posts: 44
Likes: 0
Received 0 Likes on 0 Posts
Saab Dastard
Without question, the single most effective thing you can do to protect your PC when online is NOT TO RUN WITH AN ADMINISTRATOR OR POWER USER ACCOUNT.
My other half has just started to venture out onto the internet on her new Laptop, so I'm not really worried about anything happening to that one. Nothing of any value is on there should it crash...

Problem is that I would like to create an account that she can use on my Laptop but without any admin privileges.

I've been able to generate a Guest login, but I want to have all the current programs that are used by myself (as the administrator) on my login also available (saves me from having to log off from hers should I need to check something quickly).

Thanks in advance
SimWes is offline  
Old 28th Dec 2009, 15:34
  #11 (permalink)  
Spoon PPRuNerist & Mad Inistrator
 
Join Date: Sep 2003
Location: Twickenham, home of rugby
Posts: 7,396
Received 261 Likes on 171 Posts
Don't create a Guest account - create a proper named user account. Make sure it isn't in the Administrator or Power user groups.

You don't mention what OS - with XP, programs that have been installed by an administrator or equivalent are available for all users, with a couple of caveats.

You will probably have to find the shortcut(s) to launch the program and make it available to All Users or copy to the new account, and some badly written programs may assume that the userdata location when installed originally should always point to the profile of the installer, which may cause problems.

But most mainstream applications (e.g. MS Office) will work fine.

If you have problems with account creation and privileges, the MS website is usually a good place to find "how to's".

SD
Saab Dastard is offline  
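
The account setup described in post #11, as an added example that is not part of the thread: it creates a named standard account and confirms it is in neither the Administrators nor the Power Users group. It assumes a current Windows with the built-in LocalAccounts cmdlets (not the XP-era tools), English group names, and a hypothetical account name `partner`.

```powershell
#Requires -RunAsAdministrator
# Added example: create a standard (non-admin) local account and verify its groups.
# 'partner' is a hypothetical account name; group names assume an English install.
$name       = 'partner'
$qualified  = "$env:COMPUTERNAME\$name"          # form used by Get-LocalGroupMember
$privileged = 'Administrators', 'Power Users'

# Create the named account only if it does not exist yet.
if (-not (Get-LocalUser -Name $name -ErrorAction SilentlyContinue)) {
    $pw = Read-Host -AsSecureString "Password for $name"
    New-LocalUser -Name $name -Password $pw -Description 'Standard user' | Out-Null
}

# New-LocalUser adds the account to no group, so put it in the built-in Users group.
$inUsers = Get-LocalGroupMember -Group 'Users' |
    Where-Object { $_.Name -eq $qualified }
if (-not $inUsers) {
    Add-LocalGroupMember -Group 'Users' -Member $name
}

# Check every privileged group and remove the account if it turns up there.
foreach ($group in $privileged) {
    if (-not (Get-LocalGroup -Name $group -ErrorAction SilentlyContinue)) {
        continue                                  # group not present on this system
    }
    $hit = Get-LocalGroupMember -Group $group |
        Where-Object { $_.Name -eq $qualified }
    if ($hit) {
        Write-Warning "$name is a member of '$group'; removing it"
        Remove-LocalGroupMember -Group $group -Member $name
    } else {
        Write-Output "$name is not a member of '$group'"
    }
}
```

Programs installed for all users then appear under the new login, subject to the shortcut and profile-path caveats in the post above.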
