# picked up a trojan on HT



## aftermidnite

only had HT opened and had a pop up Win7 Security wanted to check my computer ..and from there it went downhill ..I didn't click on it but it got in anyway ..past my AVG and Mal ware..
Did a search in safe mode and got it off at last ..
Friend from my craft/chat board has it now after visiting HT and I have told her how to remove it ..

Just wanted to give a heads up ..


----------



## Kung

It's not 'from' HT. What happens is that occasionally the ad services get messed with or hacked somehow; and the trojan 'rides' the ad service. Occasionally it'll catch someone.

I'll shoot a note to the guy(s) that deal with the ad service and let them know about it.


----------



## Ed Norman

Kung said:


> It's not 'from' HT. What happens is that occasionally the ad services get messed with or hacked somehow; and the trojan 'rides' the ad service. Occasionally it'll catch someone.
> 
> I'll shoot a note to the guy(s) that deal with the ad service and let them know about it.


If I'm running adblock plus and some other addons in firefox that don't allow me to see the ads, can this kind of trojan still get me?


----------



## Harry Chickpea

Highly unlikely, Ed.

I do the limiting host file, ABP, and No-script, as well as the anti-virus, anti-malware.


----------



## Kung

What Harry said. I'm on here every day and I've never picked up a trojan on these sites.

This being said, you're not the only one who has said something about this; I'll let Chuck know.


----------



## EDDIE BUCK

A couple of days ago I had a malware page keep showing up while I was on HT.I think it just happened to reveal it self then, but was picked up else where.I ran Spybot search and destroy and solved the problem.


----------



## tinknal

I just had the "Vista 2012" Trojan show up. Giant PIA.


----------



## AngieM2

I'm here on 3 computers, 4 if smartphone counts, and nothing wrong here, either. (using firefox, ie, and droid tapphone.)


----------



## Dutchie

Kung said:


> It's not 'from' HT. What happens is that occasionally the ad services get messed with or hacked somehow; and the trojan 'rides' the ad service. Occasionally it'll catch someone.
> 
> I'll shoot a note to the guy(s) that deal with the ad service and let them know about it.


So it is through HT.


----------



## Kung

Dutchie said:


> So it is through HT.


In the sense that HT is a vehicle for the ads, sure. But is HT's actual server infected? No; and that's what I mean when I say it's not 'from' HT.

The page code has ads inserted in there that point to sources external to HT's server, and *that* is where the trojan came from.


----------



## Carol K

I just got that trojan while browsing the pig forum, it was the vista 2012 couldn't get online and had to take lap top to get fixed. I'm mighty po''d about it. 

Carol K


----------



## legacy

I should add that when I clicked on HT link in my favorites today, a microsoft warning popped up and said the link was unsafe and that personal information on my computer could be gathered at risk if I proceeded (I'm paraphrasing.) So, I backed out. First time that ever happened.

Rather than go through my favorites link, I went through google to the HT link and logged in. No problem.

Ran malwarebites jst to be sure and it didn't turn up anything.


----------



## Harry Chickpea

I certainly can understand people being upset from picking up a virus/trojan/malware by visiting here, but in defense, it take two to tango. It is user responsibility to keep anti-virus and anti-malware up-to-date and use a firewall if needed.

I do NOT think much of the ad service, for not having proper monitoring and protocol in place. IIRC, this is not the first time a similar situation has happened. Much as I hate to say it, malware is one of the main reasons I keep the reins on my computers so tight. I cannot afford to have such nonsense going on, and if it means I don't get to contribute by clicking on ad links, so be it.


----------



## Carol K

well I don't click on adds or links, I was simply browsing the pig forum when it happened. My anti virus is up dated and runs all the time, so I'm at a loss. Lucky to find a guy to fix it, I hope, I couldn't even get on in safe mode, just didn't need the expense.

Carol K


----------



## Harry Chickpea

Carol, consider doing the stuff I mentioned in the previous post. I think you'll find the internet a more peaceful place in general.


----------



## chamoisee

I just got the same virus. Cost me $40 to get my laptop fixed. I wish I'd opened up this thread before! :grump:

The techie who fixed it for me said that if this thing pops up, do not click on ANYTHING. Restart your computer right away and then clear all temp files.


----------



## SquashNut

If you have the disk set your supposed to make when you get your computer, you can get into it when some thing like this happens, then roll your computer back. That should fix it.I don't think it is too late to make the disk set even if your computer is not new.


----------



## Txsteader

Avast just gave a 'virus threat detected' warning when I opened Forerunner's 'For My Friends' thread in Current Events. I noticed the ad wasn't showing on that particular page. Opened a couple of other threads, no warning, ad showing normal. Went back to Forerunner's thread and no warning this time, ad showing normal. Using Windows & Firefox.


----------



## Gary in ohio

Kung said:


> It's not 'from' HT.


I would disagree. If I am on a website and get infected, then that site is to blame.. Its was that's site to have the off server content on it. 

Now if I click on a link and get infections, thats on me, but if it comes in the base site content its on them.


----------



## Our Little Farm

I also got blasted by it yesterday when visiting HT. 
All sorted now though, hope I don't get it again as it took me long enough to get rid of.


----------



## Packedready

I also got the virus, it cost me $75 to get the lap top fixed. I love this site, but now I am afraid to use it.


----------



## Shine

One thing that has not been mentioned is to keep the Microsoft security updates up to date. It's a sorry thing that they have to constantly patch things but they are. Things like RKILL GMER Mal-ware AntiMalbytes and a solid AntiVirus will save the day but it is not 100% certain that you are going to be protected from every threat. Kaspersky also has a bootable ISO file that will get your system up and scanned without loading the windows shell, so that's another arrow in your quiver. I would imagine that as we move to the point where more and more web sites are made verboten by TPTB then one way to stop people from going there is to hit the users, something to consider before blaming the web team here.


----------



## Shrek

legacy said:


> I should add that when I clicked on HT link in my favorites today, a microsoft warning popped up and said the link was unsafe and that personal information on my computer could be gathered at risk if I proceeded (I'm paraphrasing.) So, I backed out. First time that ever happened.
> 
> Rather than go through my favorites link, I went through google to the HT link and logged in. No problem.
> 
> Ran malwarebites jst to be sure and it didn't turn up anything.


As kung said earlier in this thread it's not the site. It's one of googles services that customizes ad content to the viewers IPand surfing info that is automatically collected . Yesterday and the day before, MSE was flagging HT and 5 other sites I visit that all use google ads to advoid charging subscriptions . The warnings were of third party add ons something or another while some google content was being transferred. The warning bar blocked the add ons so my system stayed clean.

Today all six sites are navigating warning bar free when I use IE.


----------



## Nevada

Kung said:


> It's not 'from' HT. What happens is that occasionally the ad services get messed with or hacked somehow; and the trojan 'rides' the ad service. Occasionally it'll catch someone.
> 
> I'll shoot a note to the guy(s) that deal with the ad service and let them know about it.


Actually, I've had Google Ads send banners directly with a malware payload. Evidently they don't screen banner ads adequately.


----------



## Nevada

AngieM2 said:


> I'm here on 3 computers, 4 if smartphone counts, and nothing wrong here, either. (using firefox, ie, and droid tapphone.)


Malware infections will most often be delivered along with banner ads. The fact that one person got a malware infection and you didn't shouldn't be surprising. Banner ads are based on individual factors, so banners will vary by browsing history and even location. You can't expect to see the same banner ads that someone else is seeing, so the fact that you didn't happen to have similar malware problems doesn't mean much.

If anyone sees malware being blocked while browsing at HT then he should take note of the banners at the top of the page and let Kung know what they were. Kung can request that banners from that advertiser not be sent to HT in the future.


----------



## aftermidnite

I used my laptop to search for how to get rid of it and it worked like a charm ..
I was sure it didnt come "from" HT but did know that at that time I had only one window opened and it was HT .
I also have my Microsoft updated daily as well as my updates for AVG and MalwareBytes .
In this instance it slipped thru the cracks ..I did NOT click on anything ..no adds or any banners ( I never do anywhere I am visiting ) was just visiting CF here on HT as I do first thing in the morning and many times throughout the day as time allows ..On that day I spent way more time than I really wanted to to get my desktop back to 
good" BUT was able to avoid a costly repair ..


----------



## Kung

Carol K said:


> I just got that trojan while browsing the pig forum, it was the vista 2012 couldn't get online and had to take lap top to get fixed. I'm mighty po''d about it.
> 
> Carol K


Why did you 'have' to take it to get it fixed? There are more than a few threads on how to clean up malware/spyware/viruses and the like on this site; and I will gladly help someone do just that for free.

With all due respect, I see a *LOT* of people posting about how they got this or that virus and 'had' to take it elsewhere to get it fixed - and the post comes *AFTER* the PC is fixed.

Ask here first - or post on the HT Facebook page.


----------



## Kung

Gary in ohio said:


> I would disagree. If I am on a website and get infected, then that site is to blame.. Its was that's site to have the off server content on it.
> 
> Now if I click on a link and get infections, thats on me, but if it comes in the base site content its on them.


I agree - I don't expect people to NOT be upset at HT. But you yourself made the same point I did - that the source of the content is off-server.

I'm simply reassuring people that the viruses are not ON our server. That's it.


----------



## calliemoonbeam

aftermidnite said:


> I used my laptop to search for how to get rid of it and it worked like a charm ..
> I was sure it didnt come "from" HT but did know that at that time I had only one window opened and it was HT .
> I also have my Microsoft updated daily as well as my updates for AVG and MalwareBytes .
> In this instance it slipped thru the cracks ..I did NOT click on anything ..no adds or any banners ( I never do anywhere I am visiting ) was just visiting CF here on HT as I do first thing in the morning and many times throughout the day as time allows ..On that day I spent way more time than I really wanted to to get my desktop back to
> good" BUT was able to avoid a costly repair ..


This for me too, yesterday evening. I don't even see banners and wouldn't click on them even if I did, so not sure how I got it. I have Vista and do all my updates and have AVG and MalwareBytes that I keep current. 

But as the guys say, there are ways to fix it yourself without the time and expense of taking it to a shop. I cleared the problem completely in about 45 minutes, and it only took that long because I forgot a step, doh! If you don't feel comfortable doing it yourself or don't know how, talk to one of the guys here! They're absolutely wonderful and always have the answer or can figure it out, as I can personally attest from the times they've helped me! 

I just have one question for the guys...I also had a fake scan box pop up, and it said I have registry errors. Was that just part of the malware or do I need to run a registry cleaner now? I'd kind of like to just to be safe, especially since I haven't in quite a while, but is CCleaner the best these days and if not, which is? Thanks!


----------



## Hazmat54

I could use advice about this. Within the hour I was on HT and firefox shut off and some microsoft security thing popped up saying I was infected with all kinds of bad stuff. It won't go away. (Note, I am online with my old MacBook right now.)

The Microsoft thing pops up whenever I try to get on the web. Clicking on a link just gets me the warning. And it says I should activate/buy the Microsoft security stuff. I thought it was something Microsoft was doing to generate revenue.

The computer in question is a Toshiba laptop I bought within the last couple of months. I wanted a bigger screen to watch videos while traveling. I got it real cheap at best buy and paid the $100 extra to have it all updated and set up by their techs. It has Webroot anti-virus installed, which has told me periodically that it is checking things and fixing them.

So, do I have malware on my computer? Or is Microsoft just running a scare campaign to get me to buy their anti-virus? It is unusable for web surfing as it sits right now. The Microsoft warning thing will not let me access any web site. It says I need to register/buy their service. I run the Webroot program and it says no problem.

I am heading back to Peoria this afternoon and can drop it off at best buy, should be free since I paid for their service. 

Any help would be appreciated.

Scott


----------



## Shrek

If your copy of IE is legit and has proper vality key, go to www.microsoft.com and load their free microsoft security essentials program and use their fix it tool (also free) if neccesary.

If the trouble is with add ons , running the add on free IE in system tools will indicate that as the system tool no add on IE won't let any run on your system.


----------



## Hazmat54

Shrek said:


> If your copy of IE is legit and has proper vality key, go to www.microsoft.com and load their free microsoft security essentials program and use their fix it tool (also free) if neccesary.
> 
> If the trouble is with add ons , running the add on free IE in system tools will indicate that as the system tool no add on IE won't let any run on your system.


I only use Netscape(Sorry, I meant Firefox. I am getting old.), never IE. I never tried to go to the Microsoft site, maybe it will let me do that. It doesn't let Netscape go to any web site. 

Scott


----------



## Hazmat54

Okay cool, a HT Facebook page. That 'Win 7 Security 2012' is the thing I am seeing. I guess I have to be accepted into the group to post a comment on Facebook. I think there are restore disks in the box the computer came in, back in Peoria. Oh well. I got Mom's Christmas tree set up and the lights and angel on. She is picky about tinsel so I will leave her to that. Carry up some firewood and head back home. I think Best Buy will work on this for free, but if there is something easy I can do I will try it. I will check back here on my phone until I get home.

Scott


----------



## sage

I got this yesterday morning and I had not been on HT at all yesterday. took about 1 hour to get rid of it. I also do not click on any ad banners on any site I visit. Don't know where I picked it up at as I only visit certain sites and have never had a Trojan before. I have another computer that I hooked up and searched the web and found out what I had and how to remove it. All seems fine now.


----------



## Kung

calliemoonbeam said:


> I just have one question for the guys...I also had a fake scan box pop up, and it said I have registry errors. Was that just part of the malware or do I need to run a registry cleaner now? I'd kind of like to just to be safe, especially since I haven't in quite a while, but is CCleaner the best these days and if not, which is? Thanks!


No, you don't need a specific registry cleaner. I've used nothing but CCleaner for about the last 7 years, and it's done great.

Here are the tools I have on hand at ALL times; I ensure I keep them at LEAST on a CD, or on a USB drive:

- CCleaner
- Cleanup!
- Rkill (download both the .exe and the .com version)
- Microsoft Security Essentials
- Your choice of virus checkers (e.g., Avast! AVG, etc.)
- Malwarebytes

I would have at LEAST CCleaner, Cleanup!, MSE and Malwarebytes installed, and make sure they stay updated at all times.

If one gets infected, then

a) boot into safe mode, 
b) run the 'at least' programs above, and then
c) boot back into regular Windows.

If that does not work, then run Rkill and see if it knocks anything out.

If it STILL doesn't work, then I normally would recommend a disc-based recovery/cleaner disc; I'll weigh in tonight with my recommendations on which ones are best.


----------



## Kung

aftermidnite said:


> I used my laptop to search for how to get rid of it and it worked like a charm ..
> I was sure it didnt come "from" HT but did know that at that time I had only one window opened and it was HT .
> I also have my Microsoft updated daily as well as my updates for AVG and MalwareBytes .
> In this instance it slipped thru the cracks ..I did NOT click on anything ..no adds or any banners ( I never do anywhere I am visiting ) was just visiting CF here on HT as I do first thing in the morning and many times throughout the day as time allows ..On that day I spent way more time than I really wanted to to get my desktop back to
> good" BUT was able to avoid a costly repair ..


I would like to point out that one does *NOT* have to click on an ad for it to infect a computer. Sometimes one just has to 'drive by.' :/


----------



## Kung

Hazmat54 said:


> I could use advice about this. Within the hour I was on HT and firefox shut off and some microsoft security thing popped up saying I was infected with all kinds of bad stuff. It won't go away. (Note, I am online with my old MacBook right now.)
> 
> The Microsoft thing pops up whenever I try to get on the web. Clicking on a link just gets me the warning. And it says I should activate/buy the Microsoft security stuff. I thought it was something Microsoft was doing to generate revenue.
> 
> The computer in question is a Toshiba laptop I bought within the last couple of months. I wanted a bigger screen to watch videos while traveling. I got it real cheap at best buy and paid the $100 extra to have it all updated and set up by their techs. It has Webroot anti-virus installed, which has told me periodically that it is checking things and fixing them.
> 
> So, do I have malware on my computer? Or is Microsoft just running a scare campaign to get me to buy their anti-virus? It is unusable for web surfing as it sits right now. The Microsoft warning thing will not let me access any web site. It says I need to register/buy their service. I run the Webroot program and it says no problem.
> 
> I am heading back to Peoria this afternoon and can drop it off at best buy, should be free since I paid for their service.
> 
> Any help would be appreciated.
> 
> Scott


Sounds like you do indeed have malware on your computer. If you have Microsoft Security Essentials and CCleaner installed, I would reboot into safe mode, and then run both of those utilities.

If you don't have them loaded, then I would probably recommend downloading (if you can - if not, try another computer), burning and running a 'live recovery CD' such as Bitdefender's Rescue CD:

http://www.techmixer.com/bitdefender-rescue-cd-with-auto-update-virus-definition-features/


----------



## luv2farm

Thank you for your offer........Honestly......
I have no idea what youall are talking about. You might as well be speaking german to me.....I dont understand a thing you all are saying. BUT, I appreciate the fact you will help clear up computer problems. BTW, how do you know you have a _trojan_? 

I admit...

I'm ignorant to this!



Kung said:


> I agree - I don't expect people to NOT be upset at HT. But you yourself made the same point I did - that the source of the content is off-server.
> 
> I'm simply reassuring people that the viruses are not ON our server. That's it.


----------



## calliemoonbeam

Kung said:


> snip...Here are the tools I have on hand at ALL times; I ensure I keep them at LEAST on a CD, or on a USB drive:
> 
> - CCleaner
> - Cleanup!
> - Rkill (download both the .exe and the .com version)
> - Microsoft Security Essentials
> - Your choice of virus checkers (e.g., Avast! AVG, etc.)
> - Malwarebytes
> 
> I would have at LEAST CCleaner, Cleanup!, MSE and Malwarebytes installed, and make sure they stay updated at all times...snip


Thanks Kung, knew I could count on you for good info! I never thought about putting them on a USB, but that's an excellent idea! I just bought a few on a good sale, so have extras, can't think of a better use for one. "Drive-by virus", lol, what won't they think of next??


----------



## woodsy

Picked it up here too.
Ad aware found:
Trojan.win32.Generic!Bt Malware

It didn't look legit when it popped up, misspelled words like Registred etc..

link to info on what it is removal etc

http://www.spywareremove.com/removeTrojanWin32GenericBT.html


----------



## Dutchie

Or, hold your advertisers accountable or get rid of them.


----------



## chamoisee

Hazmat54 said:


> I could use advice about this. Within the hour I was on HT and firefox shut off and some microsoft security thing popped up saying I was infected with all kinds of bad stuff. It won't go away. (Note, I am online with my old MacBook right now.)
> 
> The Microsoft thing pops up whenever I try to get on the web. Clicking on a link just gets me the warning. And it says I should activate/buy the Microsoft security stuff. I thought it was something Microsoft was doing to generate revenue.
> 
> The computer in question is a Toshiba laptop I bought within the last couple of months. I wanted a bigger screen to watch videos while traveling. I got it real cheap at best buy and paid the $100 extra to have it all updated and set up by their techs. It has Webroot anti-virus installed, which has told me periodically that it is checking things and fixing them.
> 
> So, do I have malware on my computer? Or is Microsoft just running a scare campaign to get me to buy their anti-virus? It is unusable for web surfing as it sits right now. The Microsoft warning thing will not let me access any web site. It says I need to register/buy their service. I run the Webroot program and it says no problem.
> 
> I am heading back to Peoria this afternoon and can drop it off at best buy, should be free since I paid for their service.
> 
> Any help would be appreciated.
> 
> Scott


That's the trojan. If you have the disks to reboot it or whatever you can, otherwise I guess take it to a techie.


----------



## Hazmat54

Ok, I am hosed. Downloaded the bitdefender disc using my macbook. It booted up and took a half hour to tell me nothing was found. Tried booting up in safe mode to download those other programs, no go. Cannot access the web with the Toshiba. I delayed enough, got to head home now. Will try to restore from disks when I get home. Glad I have the old MacBook. Small screen, but reliable.

Thanks All,

Scott


----------



## Harry Chickpea

It is surprising to me just how pervasive the trojans/malware/viruses have become.

DW had a problem with her computer - I traced it to a hard drive issue. Swapped in a good HD, formatted, loaded her XP onto it, downloaded a driver for her net card, then downloaded fresh copies of Firefox, No-Script, Ad-blocker plus, Avast, Spybot Search and Destroy, the restrictive hosts file, and Malwarebytes. Installed malwarebytes first and BAM! it caught a trojandropper on the very first run of the clean install. This crud is just too prevalent these days.


----------



## Nevada

Okay, I just got a malware hit in the Countryside Families forum. Avast blocked it successfully so I can't see the banner. This is the warning.










The full URL is:

*CAUTION: DO NOT CLICK THIS URL.* IT IS ONLY FOR KUNG'S USE, IT ALMOST CERTAINLY CONTAINS A MALWARE PAYLOAD!
http://www.xorongraph.com/beginlns/087927611


----------



## Kung

Dutchie said:


> Or, hold your advertisers accountable or get rid of them.


THAT'LL be the day. That's like holding the specific Chinese person who assembled your Wal-Mart widget responsible. :happy2:


----------



## woodsy

We are still working on getting my user back up on a shared PC , DW's user is OK.


----------



## woodsy

OK so we've come to a situation where AVG has removed 3 trojan horses
but a win.32/ Heur virus remains.
It can be removed with a prompt but forced removal can cause system to crash or
system instability .
What course of action should we take here ?
Thanks


----------



## Nevada

woodsy said:


> OK so we've come to a situation where AVG has removed 3 trojan horses
> but a win.32/ Heur virus remains.
> It can be removed with a prompt but forced removal can cause system
> instability .
> What course of action should we take here ?
> Thanks


Scan with something else. Try the free version of Adaware.


----------



## woodsy

Nevada said:


> Scan with something else. Try the free version of Adaware.


Already ran Ad aware.


----------



## AverageJo

Kung said:


> No, you don't need a specific registry cleaner. I've used nothing but CCleaner for about the last 7 years, and it's done great.
> 
> Here are the tools I have on hand at ALL times; I ensure I keep them at LEAST on a CD, or on a USB drive:
> 
> - CCleaner
> - Cleanup!
> - Rkill (download both the .exe and the .com version)
> - Microsoft Security Essentials
> - Your choice of virus checkers (e.g., Avast! AVG, etc.)
> - Malwarebytes
> 
> I would have at LEAST CCleaner, Cleanup!, MSE and Malwarebytes installed, and make sure they stay updated at all times.
> 
> If one gets infected, then
> 
> a) boot into safe mode,
> b) run the 'at least' programs above, and then
> c) boot back into regular Windows.
> 
> If that does not work, then run Rkill and see if it knocks anything out.
> 
> If it STILL doesn't work, then I normally would recommend a disc-based recovery/cleaner disc; I'll weigh in tonight with my recommendations on which ones are best.


I just spent 5 hours with GeekSquad letting them clean up my computer and make it usable! I am not a techie and all this is foreign to me. I thought loading and using Norton would catch all these issues and you're recommending *6* programs that all need to be updated and run? What does all THAT cost? Or are all these free downloads? I'm confused and just a bit miffed that it takes all this to use HT without fear that my computer will crash and burn. Seriously, I'm thinking of leaving HT if this happens again.

Just today, being ONLY on HT, Norton has blocked an "unauthorized access", 2 "intrusion attempts" and 19 "Tracking cookies"... sigh...


----------



## Travis in Louisiana

Yep, I got slammed with the WIN 7 SECURITY virus yesterday while surfing HT at home. Son-in-law, the computer geek is working on my computer now. I put HACKERS up there with CHILD MOLESTERS, shoot them on site!!!


----------



## Nevada

Travis in Louisiana said:


> Yep, I got slammed with the WIN 7 SECURITY virus yesterday while surfing HT at home. Son-in-law, the computer geek is working on my computer now. I put HACKERS up there with CHILD MOLESTERS, shoot them on site!!!


I"m not sure why, but we draw a line between viruses and other malware. The difference is in the motivation behind distribution. The motivation behind viruses is generally considered to be vandalism. Spyware and other malware is for commercial interests. It used to be that antivirus software only targeted vandalism viruses, but that line is beginning to blur, if not fade completely. Antivirus software vendors are taking commercial malware more seriously now.

I think the idea was that it was evil to distribute a virus for fun, but for some strange reason distributing a virus for profit was acceptable. We are perhaps a decade behind in controlling the virus problem because of that. We only have ourselves to blame for not insisting on better protection.

When something like this happens to you it's a good time to rethink your security policy. If a virus got through it might be time to consider a different malware blocking solution.


----------



## Kung

AverageJo said:


> I just spent 5 hours with GeekSquad letting them clean up my computer and make it usable! I am not a techie and all this is foreign to me. I thought loading and using Norton would catch all these issues and you're recommending *6* programs that all need to be updated and run?


Bluntly put, YES, that's exactly what I'm recommending. Notice I didn't say they need to be run all the time; but to respond to an infection, yes.

And at the risk of making you upset, I have to be truthful and say that being surprised that Norton missed a virus/piece of spyware is tantamount to being surprised that you have to do repairs on a vehicle, despite expecting it to be reliable due to its brand.

The simple fact is that you *WILL* get viruses and spyware from time to time. It just so happens, unfortunately, that this time, the 'vehicle' for that infection happened to be the ad service that HT uses/used. 



> What does all THAT cost? Or are all these free downloads?


They're all free.



> I'm confused and just a bit miffed that it takes all this to use HT without fear that my computer will crash and burn. Seriously, I'm thinking of leaving HT if this happens again.


Well, I can't stop you from doing that; all I can do is assist people when something like this happens. I do have to confess, however, that there's not much else I can do. As it is, the server to run this site costs more than a few $ a month; and ALL of the time I and others devote to keeping this site running is pro bono (free). If you want to leave because you chose to spend money to get a computer fixed (rather than have one of us walk you through it, which we CAN do), then I can't stop you. :shrug:


----------



## Nevada

Kung said:


> all I can do is assist people when something like this happens. I do have to confess, however, that there's not much else I can do.


A couple of alternatives come to mind, but they all center around not using the advertising company who currently delivers banners to HT. The banners come from Evidon, who gets banners from a variety of sources. While we can individually opt-out of receiving banners from certain sources and categories, there is no way to know which advertisers malware is likely to come from. Evidon's TOS states a zero tolerance policy for spyware/malware distribution, but they don't seem to be very effective at controlling it.

If the problem doesn't go away then you will have little choice except to recommend a different advertiser to the powers-that-be here at HT. The reputation of the board is at stake. If income is the issue then you certainly can't afford to be blacklisted at search engines for delivering unsafe content, regardless of the source.

This thread appears to be a good bellwether for the safety of our advertiser. I suggest that the HT powers-that-be check this thread often and take contributions very seriously.


----------



## Harry Chickpea

Nevada is shooting it to you straight, Kung. It is standard knowledge in business that every customer who has a horrible experience will tell at least ten times more people about that, than any good experience. The site could shrivel away far easier than you might think.

Invasive ads and SPAM are the bane of those who drive your marketing figures. People are already on overload with advertising, and to have one reach out and seriously mess with their system to the point that they have to call in help is intolerable, pure and simple.

It is foolish to think that most users are fully capable of doing what we do with computers, and even we have to work to keep our level better than those who would do us harm. It IS the obligation of the site to serve ads that are clean from malware and viruses. In my opinion, the company providing that ads needs to provide reimbursement to the people who had to pay to have their computers cleaned.

I understand that you are working pro-bono. A lot of us do stuff pro-bono, and that is not relevant to the problem at hand. If I was site admin, I'd be looking at a way to gain more control over the ads, maybe even to the point of only allowing a whitelist of reliable advertisers to post vetted banners, at least until the problem is resolved. Next to impossible? Yes. Lots of stuff in business is. The ones that can't figure out how to handle the impossible go belly up.


----------



## HeelSpur

Now I know why McAfee interupted my using the computer the other day.
Said there was a trojan and it had successfully removed it.
Sorry to interupt your conversation.


----------



## Kung

Nevada said:


> A couple of alternatives come to mind, but they all center around not using the advertising company who currently delivers banners to HT.


Yes, but still, *I* can't do much about it. Chuck controls the ad sourcing.



> If the problem doesn't go away then you will have little choice except to recommend a different advertiser to the powers-that-be here at HT. The reputation of the board is at stake. If income is the issue then you certainly can't afford to be blacklisted at search engines for delivering unsafe content, regardless of the source.


I would agree 100%.



> This thread appears to be a good bellwether for the safety of our advertiser. I suggest that the HT powers-that-be check this thread often and take contributions very seriously.


I would also agree.


----------



## Kung

Harry Chickpea said:


> Nevada is shooting it to you straight, Kung. It is standard knowledge in business that every customer who has a horrible experience will tell at least ten times more people about that, than any good experience. The site could shrivel away far easier than you might think.


I'm well aware of this; but I don't own the site or the server. I just help with the server administration. I can make recommendations to Chuck, who owns the site and pays for the server and is utilizing the ad service on this site; but ultimately, I can do just that - make recommendations.



> It is foolish to think that most users are fully capable of doing what we do with computers, and even we have to work to keep our level better than those who would do us harm.


Correct - which is why I have offered many times to assist those who have had problems. I don't believe I've ever intimated that most users are fully capable of doing what we do.



> It IS the obligation of the site to serve ads that are clean from malware and viruses. In my opinion, the company providing that ads needs to provide reimbursement to the people who had to pay to have their computers cleaned.


Actually, it's the obligation of the AD service to serve ads that are clean from malware/viruses; it is our obligation to evaluate that ad service (as we are obviously doing) if something like this happens, and 'adjust fire.'

Chuck may not be around all the time, but trust me when I say that he's quite aware of what's going on with the ads. It's why he's blocked some of the ad sources that were/are serving up malware/adware.

It's also why we ask for the links and names of the sites that foist malware on us when it does happen.



> I understand that you are working pro-bono. A lot of us do stuff pro-bono, and that is not relevant to the problem at hand.


Actually, it is. The fact that my time here is pro-bono has a direct correlation on how much time I am able to spend on the site. My 'pro bono' statement was essentially an admission that I simply don't have the time (at least right now) to convince someone to stay if they don't want to stay. I have to prioritize, and right now, it's obvious what the priority should be, and is.



> If I was site admin, I'd be looking at a way to gain more control over the ads, maybe even to the point of only allowing a whitelist of reliable advertisers to post vetted banners, at least until the problem is resolved.


Who says we aren't? As I said above, Chuck is aware of the problem; I may be a site admin but Chuck controls the ad service.

My post(s) above aren't my way of saying "Sorry we're not gonna do squat about it." We *ARE* doing the things you have suggested, or are in the process of doing so. My posts have essentially been meant to say "I understand you're upset; but we can only do so much in the short term." Like it or not, these same ads pay for a large chunk of this server; and we can't just up and change ad services. We CAN adjust who gets through and who does not (which we are doing); we can communicate with the company that serves the ads (which we are doing), and so on.


----------



## Immaculate Sublimity

The thing is with THIS fake antivirus, virus, is thaqt it goes directly TO your regular antivirus and renders it inoperative, meaning even in safe mode its not affecting the virus... I have a screenshot of my Microsoft security essencials showing me where that virus ALLOWED itself in warnings I never actually got ratherthan asking me if I wanted to remove or quarentine. You can not access IE or any messengers while this thing is fake scanning your pc and the only way I've found to get rid of it - temporarily at least is by doing a sys restore in safe mode (which will tell you it failed - but it didnt) and then reloading malwarebytes and rerunning my MSE. The virus -is- coming through HT, and its a wicked one for those that know little to nothing about pc's you cant log on to 'ask for help' and this REALLY should be posted as a sticky at the top of all the forums to warn people - getting your machine reformatted at 'the shop' aint a cheap endeavor.


----------



## Kung

Immaculate Sublimity said:


> The thing is with THIS fake antivirus, virus, is thaqt it goes directly TO your regular antivirus and renders it inoperative, meaning even in safe mode its not affecting the virus...


We know. This has been the thing with HUNDREDS of fake antivirus programs.

This is why - again - I mention that we are MORE than glad to help people get rid of this thing when/if it pops up. I recently got this on a machine of my own, and it took me about 10 minutes to get rid of.

I'm NOT downplaying the severity of the infection, please understand this. But what I AM saying is that for many people here, it's an ENORMOUS problem. For me, it's merely a run-of-the-mill malware infection; and we can help with this.



> I have a screenshot of my Microsoft security essencials showing me where that virus ALLOWED itself in warnings I never actually got ratherthan asking me if I wanted to remove or quarentine. You can not access IE or any messengers while this thing is fake scanning your pc and the only way I've found to get rid of it - temporarily at least is by doing a sys restore in safe mode (which will tell you it failed - but it didnt) and then reloading malwarebytes and rerunning my MSE.


That's not the only way to get rid of it. But I can't HELP people with this unless they ask us. :shrug:



> this REALLY should be posted as a sticky at the top of all the forums to warn people - getting your machine reformatted at 'the shop' aint a cheap endeavor.


There *IS* a sticky already in this forum that shows how to combat spyware. It's the Basic Steps for Removing Spyware thread. (It does need to be updated a bit; and I am in the process of doing so, and will do so, this week and the next.

If one downloads the programs we recommend (and keeps them updated on a regular basis), they will both prevent the vast majority of spyware/malware/adware out there, AND will help respond to infections when they DO occur.


----------



## Chuck

It appears most of the trouble with Google ads comes from third party networks, which Google does not control. Therefore, I have just blocked all third party ads. I'm hoping that will fix the problem. I'm sorry for the trouble - this has been a recurring problem that Google has yet to get a handle on.


----------



## danielsumner

Got hit also. Everyone should have a copy of Malware bytes on a thumb drive. If you get hit, reboot your PC, run in safe mode and run Malware Bytes from the Thumb drive. You can fix most infections yourself and not have to pay someone to do basically the same thing.

Daniel


----------



## AngieM2

Chuck said:


> It appears most of the trouble with Google ads comes from third party networks, which Google does not control. Therefore, I have just blocked all third party ads. I'm hoping that will fix the problem. I'm sorry for the trouble - this has been a recurring problem that Google has yet to get a handle on.


thanks for making that change. I'm letting a few friends know so they won't feel anxious about logging in again.


----------



## calliemoonbeam

Thanks Chuck! Sorry you're having to deal with the hassle. I just wanted to say that, in spite of the malware and virus problems, I appreciate this site so much and thank you for maintaining it and to all the mods and techs who keep it going. 

I do my share of criticism when something goes wrong, but I also like to compliment when things are good, and I love HT, so thanks to all who make it possible for me to be here.


----------



## Kung

Thanks Chuck - I hate(d) to keep saying 'Chuck does this' but I needed people to realize there is a difference between doing site admin and controlling the ads, lest I get inundated with requests to block this or that, which I can't do.


----------



## chickenslayer

The truth is if you spend enough time on the net you are going to pick up a nasty or two. I just read recently that the New York Times had their ads hacked and were infecting readers. I'm sure that the Times has a small army of tech's running their site 24/7 and a substantial security budget. My point is that fighting malware is an ongoing battle and I think the admin's here are doing a fine job. Remember that it's your computer and you need to understand that the security is up to you.


----------



## mrs oz

I got mine when I was reading Cabin Fever's thread about making a SPAM pie for Wind In Her Hair. I personally blame SPAM.


----------



## fordy

..................I rece'ved a free trojan yesterday PM while surfing on the net but I honestly don't know where I picked it up ! Took about an hour to finally run Malware bytes , then I did a Restore and it seems to be gone ! , fordy


----------



## katydidagain

Immaculate Sublimity said:


> The thing is with THIS fake antivirus, virus, is thaqt it goes directly TO your regular antivirus and renders it inoperative, meaning even in safe mode its not affecting the virus... I have a screenshot of my Microsoft security essencials showing me where that virus ALLOWED itself in warnings I never actually got ratherthan asking me if I wanted to remove or quarentine. You can not access IE or any messengers while this thing is fake scanning your pc and the only way I've found to get rid of it - temporarily at least is by doing a sys restore in safe mode (which will tell you it failed - but it didnt) and then reloading malwarebytes and rerunning my MSE. The virus -is- coming through HT, and its a wicked one for those that know little to nothing about pc's you cant log on to 'ask for help' and this REALLY should be posted as a sticky at the top of all the forums to warn people - getting your machine reformatted at 'the shop' aint a cheap endeavor.


Bingo! Except I temporarily disable it by hitting Ctrl Alt Delete and turning off bfg.exe. That works until I try to do more than surf stupid stuff. If I search about it or open a new program or do something it doesn't like , it returns again until I turn it off--kinda.

Believe it or not I have never had a virus in over 20+ years on a computer. Lucky? Maybe or maybe really careful but now I've got one. Reformatting isn't an option right now and my computer guru isn't nearby.

I haven't been on HT in a long time then wandered in to PM someone and I was fried by this nonsense. It won't let anything that might shed it run! How do you get rid of it safely? Free, hopefully. BTW, AVG was up to date but is disabled now as is Adaware and Spybot; it seems to know its enemies and prevents all attacks. I can download lots of fixes but they won't run. What a mess! What to do?


----------



## fordy

katydidagain said:


> Bingo! Except I temporarily disable it by hitting Ctrl Alt Delete and turning off bfg.exe. That works until I try to do more than surf stupid stuff. If I search about it or open a new program or do something it doesn't like , it returns again until I turn it off--kinda.
> 
> Believe it or not I have never had a virus in over 20+ years on a computer. Lucky? Maybe or maybe really careful but now I've got one. Reformatting isn't an option right now and my computer guru isn't nearby.
> 
> I haven't been on HT in a long time then wandered in to PM someone and I was fried by this nonsense. It won't let anything that might shed it run! How do you get rid of it safely? Free, hopefully. BTW, AVG was up to date but is disabled now as is Adaware and Spybot; it seems to know its enemies and prevents all attacks. I can download lots of fixes but they won't run. What a mess! What to do?



..................What worked for me........when I would click on the Icon on the screen nothing would happen , But ......you can right click on the same icon it will bring up a whole list of choices , ONE of which says 'Start' , when I clicked on that choice Malwarebytes activiated and I ran a full scan , and 5 bugs were flagged , which I then removed . 
..................Once I had run the scan , I then Ran Restore and No more Trojan ! , fordy


----------



## calliemoonbeam

Katy! Good to see you girl, was just wondering where you'd gotten off to for so long, lol. You may have to boot into safe mode, and that's better left or wiser minds than mine to explain, lol. But Kung or one of the guys should be able to talk you through it, PM one of them if you don't get a response here soon. Hope you get it fixed!


----------



## Kung

katydidagain said:


> Bingo! Except I temporarily disable it by hitting Ctrl Alt Delete and turning off bfg.exe. That works until I try to do more than surf stupid stuff. If I search about it or open a new program or do something it doesn't like , it returns again until I turn it off--kinda.
> 
> Believe it or not I have never had a virus in over 20+ years on a computer. Lucky? Maybe or maybe really careful but now I've got one. Reformatting isn't an option right now and my computer guru isn't nearby.
> 
> I haven't been on HT in a long time then wandered in to PM someone and I was fried by this nonsense. It won't let anything that might shed it run! How do you get rid of it safely? Free, hopefully. BTW, AVG was up to date but is disabled now as is Adaware and Spybot; it seems to know its enemies and prevents all attacks. I can download lots of fixes but they won't run. What a mess! What to do?


Did you try the Rkill download/fix? Specifically, download both the Rkill.com and the Rkill.exe files; and try running the .exe. If that doesn't work, run the .com file. The links are in the "Basic Steps for Removing Spyware" thread.

Once THAT runs, it SHOULD allow you to run your other antispyware/antivirus programs; then you can run them once, remove what they remove, and then I'd update them and run them again.

Try that and let us know what happens.


----------



## katydidagain

I've been busy packing so haven't had much time to devote to this but...

I downloaded the .com file--I couldn't find the .exe easily.

I ran it in regular mode and my AVG came back but was disabled.

So I went to safe mode, ran it again and then tried AVG. I backed away from the screen the 1st time because it wasn't what I was used to using. (Both looked like old DOS apps which is a bit startling in 2011.) Then I figured I'd go ahead because I was stuck anyway. 

I'm not sure if it turned off or I accidentally hit a stop but it ended. It did find the bfg.exe and a couple of other Trojans. 

I restarted in safe mode, ran Rkill again and then AVG. (I got interrupted and ran both 2x just in case.)

Back in regular mode I downloaded AVG and reinstalled because I could not get my installed version to scan; I did the same with AdAware. AVG insisted that I restart which I did because for some reason I suddenly couldn't write e-mails. I can now. I'm doing a deep scan which is still running; so far nothing has been detected. AdAware wants me to restart which I will when AVG is done. 

The program you recommended is the only 1 that this stupid thing didn't block--perhaps that should be malicious thing. (I hope stating that here doesn't make the hackers hack it.)

Fingers crossed the nightmare is over soon.

Thanks!

PS Hi, Callie! My life is about to really change a lot--for the good I hope. Every heard of a Mail Order Maid? I hadn't but I've known my new "employer" for over 7 years though we've never met so I'm taking a chance.


----------



## Hazmat54

So have you come up with a recommendation for the disc-based recovery/cleaner disc?


----------



## Kung

katydidagain said:


> I've been busy packing so haven't had much time to devote to this but...
> 
> I downloaded the .com file--I couldn't find the .exe easily.
> 
> I ran it in regular mode and my AVG came back but was disabled.
> 
> So I went to safe mode, ran it again and then tried AVG. I backed away from the screen the 1st time because it wasn't what I was used to using. (Both looked like old DOS apps which is a bit startling in 2011.) Then I figured I'd go ahead because I was stuck anyway.
> 
> I'm not sure if it turned off or I accidentally hit a stop but it ended. It did find the bfg.exe and a couple of other Trojans.
> 
> I restarted in safe mode, ran Rkill again and then AVG. (I got interrupted and ran both 2x just in case.)
> 
> Back in regular mode I downloaded AVG and reinstalled because I could not get my installed version to scan; I did the same with AdAware. AVG insisted that I restart which I did because for some reason I suddenly couldn't write e-mails. I can now. I'm doing a deep scan which is still running; so far nothing has been detected. AdAware wants me to restart which I will when AVG is done.
> 
> The program you recommended is the only 1 that this stupid thing didn't block--perhaps that should be malicious thing. (I hope stating that here doesn't make the hackers hack it.)
> 
> Fingers crossed the nightmare is over soon.
> 
> Thanks!
> 
> PS Hi, Callie! My life is about to really change a lot--for the good I hope. Every heard of a Mail Order Maid? I hadn't but I've known my new "employer" for over 7 years though we've never met so I'm taking a chance.


Yep, not surprised that Rkill.com found/terminated it. That's the file that works when darn near EVERY other one doesn't. 

It's not 'fun' to have to do all this...but my point is that cleaning a computer that's infected

a) can be done and
b) doesn't have to cost money.

I'm not trying to 'talk smack' towards anyone who had to pay money - don't get me wrong, I'd be upset if I were them as well. But pretty much every tech who has ever posted on this site has offered assistance before. 

I'm just glad that it's working.


----------



## Kung

Hazmat54 said:


> So have you come up with a recommendation for the disc-based recovery/cleaner disc?


There are a couple of them, actually; I've not had the time to personally try them, but I'm getting ready to.....*SO* if you download and try to use these and something happens, understand that until about Monday/Tuesday, I have *NO* clue how they'll work.

Anyways, here's what I've found: (FYI - the 2nd and 3rd links will require CD burning software that can burn ISOs to a CD, such as ImgBurn or CDBurnerXP.

- This link will tell you how to create an Ubuntu Live CD.

- Kapersky Rescue CD

- BitDefender Rescue CD

These are just some of the ideas. One can also (assuming they have a copy of Windows XP) create an Ultimate Boot CD for Windows (also known as UBCD4Win).

www.ubcd4win.com

It's essentially a customized bootable version of Windows. ALL of the antivirus scanners (as well as Ubuntu, and UBCD4Win) will be more effective than anything scanning while you're actually logged on, simply because of the fact that when you're using a bootable CD, you're NOT logged onto Windows, and therefore nothing can run from that Windows partition - including the spyware.


----------



## akane

I don't see why people have so much trouble avoiding virus and malware... Don't use IE, install an adblocker, and you are probably better off than using an antivirus program by itself irregardless of the quality. 90% of the stuff I clean off computers of friends and family is from ads and popups that could have quite easily been avoided with a popup/ad blocker and using firefox, chrome, opera, etc... Most people don't download or click on much besides the fake antivirus ads that will get them a virus. I actually deleted IE and installed firefox with adblock on the personal computer at my mom's house (she has 4 work computers in her home office as well) so that my stepdad who kept getting things from popups couldn't avoid everything I was doing to stop them. I don't really bother with keeping the antivirus up to date on that computer because that takes care of it given the sites that computer is used for. It has some version of avg I haven't touched in 2 years since. I do have trend micro paid subscription on our computers and my mom's work computers. I used to use comodo firewall but found no point these days. 

I did a new windows 7 install on a computer, ran all the updates including security ones, but continued to use IE without a popup blocker and with the latest popular free antivirus software. It worked for all of 3 days before the os was trashed and I just ended up reinstalling since saving 3 days of use on a computer was not worth removing everything that it had picked up. I also had a heck of a time watching vidoes and using certain sites because autoplay video ads would start with loud volume. I'm really not sure how anyone uses the internet without adblock. I have to turn it off when doing certain work tasks and it sure is annoying when I forget to turn it back on. I like the useful icon in the bottom corner of the browser with this version that you can just click to enable/disable instead of having to go to options.


----------



## katydidagain

akane said:


> I don't see why people have so much trouble avoiding virus and malware... Don't use IE, install an adblocker, and you are probably better off than using an antivirus program by itself irregardless of the quality. 90% of the stuff I clean off computers of friends and family is from ads and popups that could have quite easily been avoided with a popup/ad blocker and using firefox, chrome, opera, etc... Most people don't download or click on much besides the fake antivirus ads that will get them a virus.


I've never had an infection; I've been online for many years. I use Firefox and have ads blocked; I don't click on fake antivirus ads and shut down immediately if I get a warning or some window persists in opening. I periodically run spyware scans. My virus protection was up to date; I guess using it makes me a lemming but it doesn't hurt so why not? As careful as I am, it still got me--really fast!

I'm the last person to pay for service; I've been under the hood of Commodores (seriously), Macs and PCs too many times to go that route without trying to resolve the issue on my own or with help. But I was stuck before Kung recommended Rkill; it's on my thumb drive now! 

Thanks again.


----------



## Kung

For the record (and this kinda proves a point I made a few times - not directed towards you, katy), I've had that Rkill link on my 'Basic Steps for Removing Spyware' thread for a year or so now. You've seen how effective it can be....

...and now you see why I get frustrated when people get upset because they 'had' to take it to a shop.


----------



## katydidagain

Kung said:


> For the record (and this kinda proves a point I made a few times - not directed towards you, katy), I've had that Rkill link on my 'Basic Steps for Removing Spyware' thread for a year or so now. You've seen how effective it can be....
> 
> ...and now you see why I get frustrated when people get upset because they 'had' to take it to a shop.


In all fairness to those of us who don't need help often, I've noticed the spyware sticky but totally ignored it since it didn't apply to me and appeared "dated" so I didn't think to look there when this happened. I needed help immediately--up to date help. A creature of the Net, I went searching for an answer, got scared uncertain I could trust any result so I e-mailed my 25 year old son who, BTW was playing with my Commodore when he was 3 and has been free to mess up all my systems since (which he did for ages--he's now in the field--yikes the pain of getting him there!) but he was too busy to give me a quick answer. I just happened to wander back here, saw this thread and posted a "help me" so I got a free fix with a little effort. Not sure how to help others to not spend money.


----------



## copperkid3

that something was up, was right after checking in for one of my daily doses of HT and suddenly 
noticed a pop-up from Norton Anti-virus in the lower right corner of the screen, letting me 
know that a trojan had been prevented from entering and that there was nothing to worry 
about (or words to that effect). I closed that pop-up notice and within another minute or so, 
it popped up again with the same message. Upon closing *THAT* one, the entire screen 
clicked off and went black and then came back on with a notice from Microsoft (just like HazMat54 
mentioned in post #31) and that it was performing a scan.......when it finished several minutes later,
it stated that I had a variety of viruses, trojans, worms, malware, etc., totaling 29 different types and 
suggested that I buy an update to take care of it. Of course I resisted as I had no idea whether it would 
help, but also because it would not allow me to 'escape' and kept looping me back to the same warning ad 
and I don't do business with extortionists......besides, I didn't have a clue on what to do and couldn't access
this thread even if I'd wanted to. So.......took it in the following day to my local computer geek and he spent 
the weekend working on it.......but even he had problems with it and he gave it to one of his support personnel
to take home and work the final 'bugs' out. Got it back on the following Monday evening, *(after paying $35) 
took it home and hooked it back up (which was a small miracle in itself, as the xwife had always done that in 
the past) and logged on and used it for approximately 6 hours. The next morning (having *NOT* logged off,
since my MagicJack phone system is tied into the computer), I started to check my favorite site (HT) and within
20 minutes, the screen suddenly made that click and blacked out and there was the Microsoft warning doing a scan 
and when it finished, it announced that my 'puter now had 32 assorted bugs!!! Immediately shut it down and contacted 
the secondary geek who had allegedly cleansed it and made arrangements to drop it off for him to fix again. He spent 
the entire day on it and got it going that evening and assured me that it was now fixed. Have been on it for 4 days
now and it seems to be holding, but have noticed that I've had two instances where a small pop-up in the center of the
screen comes up and tells me that some system has temporarily gone down and it may be because of some power outage.....
I closed the box and nothing else seems to happen......so far. It might sound like I know what Kung and others are talking 
about....but it's like having a little bit of understanding on speaking Spanish.....can get the idea across with a few words and 
a lot of hand signals, but if we're trying to carry on a "normal" conversation......then I'm lost. :yuck:


----------



## Nevada

copperkid3 said:


> Microsoft warning doing a scan and when it finished, it announced that my 'puter now had 32 assorted bugs!!!


When you see a high number of objectionable objects that fast they are mostly going to be tracking cookies. Those aren't particularly harmful and can be cleared with something like Adaware free. There really is no reason to take your computer to your geek for that.


----------



## Immaculate Sublimity

Nevada, this was a fake antivirus virus, those bugs didnt exist on his pc... but bet your sweet bippy that the fake antivirus did. The first thing I tell people to do in these instances is - 

Disconnect from the internet... unplug the modem if you need to.... 
Restart in safe mode... This particular bug still tried to RUN in safe mode... 

If the bug doesnt self launch in safe mode... run something like malwarebytes from an outside source like a flash drive - since this nasty virus disables any AV you presently have on your machine.

For this particular annoying virus, the easiest way to rid it - for me was to do a system restore to sometime at the end of november... With this virus it WILL say the sys restore failed - even in safe mode. It doesnt. when you restart the restore did take effect and you're almost 'clean' on your machine.... THEN run a full scan with the AV of your choice... a quick scan will not de-bug your PC.


----------



## Nevada

Immaculate Sublimity said:


> Nevada, this was a fake antivirus virus, those bugs didnt exist on his pc... but bet your sweet bippy that the fake antivirus did.


I'm not so sure, but a complete system scan in safe mode certainly couldn't hurt.

I would run the scan as an overnight job. It may take that long.


----------



## Kung

katydidagain said:


> In all fairness to those of us who don't need help often, I've noticed the spyware sticky but totally ignored it since it didn't apply to me and appeared "dated" so I didn't think to look there when this happened.


There are/were parts that were not up to date, but the pertinent parts were, in fact, up to date. I make sure of that.

(For the record, I'm going to update it now completely.)


----------



## Our Little Farm

Kung said:


> For the record (and this kinda proves a point I made a few times - not directed towards you, katy), I've had that Rkill link on my 'Basic Steps for Removing Spyware' thread for a year or so now. You've seen how effective it can be....
> 
> ...and now you see why I get frustrated when people get upset because they 'had' to take it to a shop.


Well some of us find it frustrating when this was first reported and you said we were not getting it from the HT site.


----------



## tallpines

our little farm said:


> well some of us find it frustrating when this was first reported and you said we were not getting it from the ht site.


Amen!


----------



## Kung

Our Little Farm said:


> Well some of us find it frustrating when this was first reported and you said we were not getting it from the HT site.


And I stand by what I said. Technically, it WAS NOT from HT. The actual infection came from an ad link leading to an off-site (as in, not on our server) location. I can't apologize for being truthful.

*HOWEVER*....I can and will apologize for adding to the frustration level at the time; I could have explained things better. As my father says, perception is a very real thing. Regardless of technical explanations, yes, you were on HT when you received it. And for that, I apologize. 

For the record, the reason I hastened to point out "It's not 'from' HT" was NEVER to say "Nope, not our fault/responsibility, nanner nanner boo boo."  My intention was to point out the difference between getting an infection from an ad link on our site, and getting it from our actual SERVER. (Trust me when I say that as bad as getting an infection passed by an ad service was/is, it would be a MUCH bigger PITA if it was our actual server that was infected. :shocked

Again, however, perception is everything. Regardless of how assured I was/am that our server wasn't infected, all anyone knew is that

a) their computer was infected and
b) it happened at HT

and that's the name of that tune. LOL Again, my apologies for the frustration.


----------



## Melissa

I am going to close this thread since the necessary information has already been given and discussed.


----------



## Kung

Agreed. There's a *lot *more I could add, or explain; but bluntly put, when frustrations run high, people read and hear what they want.

I will add two things. One; while I did everything that I have the ability to do (e.g., I was running virus/malware scans on our server as soon as I read of this thread, regardless of assumptions to the contrary), there are things that I DON'T have access to - e.g., the ad service. Assumptions that nothing was being done were unfounded; I was speaking to Chuck from the very first time I read this. But if we're both busy....:shrug:

Two, however, what *IS* under my control is how I represent HT, how I come across to the board, etc. Being in 'techie' mode at the time did not help to defuse matters; if anything, it added to frustration. For that, I apologize. Regardless of what people may think of me personally, I can assure you that I have read and will continue to read this thread (even the deleted posts), so I can analyze what I did wrong, what I can do better, in an effort to improve myself.


----------

