What to do? I just picked up some internet clap! Help!

Can I run two scans at once? Windows security essentials is running now and thinking of running a Malwarebytes full scan after or alongside [malwarebytes quick scan found nothing]

Did you just update your pc? I see that mine says “Updates are ready for your computer” and it is not the second Tuesday of the month.
I don’t have another answer for you. I just want to know if this is a new ‘feature’ that is being rolled out

No No I had this happen once before in may and it nearly wrecked my machine. That time I think the culprit was downloading something horrid called super mega pet.

I find that a combination of Spybot S&D (which offers real-time protection, unlike Malwarebytes) and either Avast! or Avira prevents that sort of thing. They can also fix systems that aren’t too far gone.

@jerv I used to have Spybot S&D and avast! but when I got the Windows 7 machine my other half said that I should only use the Windows Essential, that running too many ongoing protections made them work against each other. He grudgingly allows that running Malwarebytes as a fix is ok. Will Spybot S & D work equally well as a fix? Will it conflict with Windows Essential if I set it up as ongoing protection?

I run Windows 7.

I shut MSE off to avoid conflicts.

You should only have one antivirus program running at a time, but Spybot isn’t antivirus, so it won’t conflict any more than wearing steel-toe boots prevents wearing leather workgloves.

I use MSE for real-time protection. It’s lightweight and quite good. I download, use and then delete Malwarebytes when I run into a problem that MSE didn’t catch. (It bogs down my machine if I leave it on there.) You may have to run it in safe mode to get rid of something tricky, though.

@augustlan why do I need safe mode?

Safe Mode loads just the basics. If there is a problem with one of your “extra” things that normally load at startup, you can’t fix it because it’s running; if you boot into Safe Mode, it won’t be running, and therefore can be deleted.

I am baffled because I ran SpyBot S&D and it found malware called Win32downloader.gen as well as a program I thought benign called Systweak RegCleaner Pro—it found 2 instances of the Systweak and one of the Win32downloader but said it coyuld only remove one because I needed to be logged on as admin! I have admin privileges. Usually I just get a little box that says contine and the operation continues as admin-privileged, but I did not get this. I rebooted and found spybot only took out one of the 2 Systweaks and I think the real dirty birdie is the Win32downloader. And it still won’t call me ADMIN.

That Win32 thing is the fucking devil. I think Malwarebytes in safe mode got rid of that one when I had it (long ago, so I may not be remembering correctly.)

I just got rid of win32 with Spybot S & D in safe mode
THANKS ALL!

Safe mode is the bomb. Glad it worked for you!

Keeerist! I just did all that stuff and ran all that stuff and the little “links” are back all over Fluther!!! Many if them seem to be featured by something called GetSavin and that other horrid thing yellowmoxie! It is the same thing that nearly wrecked my computer in may and its still not gone!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

@anartist Please tell me you don’t run Internet Explorer! The entire concept of ActiveX installing software with direct access to deep levels of my OS without the courtesy of asking.

Also, browser toolbars are evil; don’t use them. There are also certain browser add-ons/extensions other than toolbars) that do the same thing. Here is some information that may be useful.

I forgot how much stuff is blocked by running Firefox with the AdBlock add-on that I didn’t think of it until now.

@anartist Don’t run two malware scanners at the same time. At best it wastes compute cycles. Two scanners running at the same time can interfere with each other, one may prevent the other from finishing, or they may loop around each other, depending on how the program is made. If you have an on-access scanner running (the one that runs all the time in the background and pops up warnings) then it’s probably ok to run it at the same time as the on-demand scan (the one you invoke that gives you a report after it’s done.) I wouldn’t do it (I would run a live Linux, mount the drives, and use clamav) but it don’t know that it will hurt anything.

As @jerv points out, Safe Mode is useful in these circumstances because it doesn’t load extraneous things at boot. This is the same reason I use a live Linux for these things- most Windows malware can’t run in a Linux environment without the user forcing it, and in general things don’t run if they aren’t loaded. (Well, there’s also the fact that I use Linux for almost everything else, but that’s beside the point :^)

I’m sorry to hear that your problem has recurred. Maybe you should use something like the Avira LiveCD.

Also, as @jerv says, don’t use toolbars and restrict your use of IE. I understand you might not be able to avoid it in all cases, but it is a notorious malware vector and (in my opinion) an unacceptable security risk.

@jerv I use firefox and avoid all toolbars [always click don’t install since I had to get rid of something called whitesmoke or conduit some years back] except firefox’s web developer bar. Firefox may block a lot don’t know if Adblock is current [these constant upgrades are a pain in the A] do have better privacy but that doesn’t seem to work against this. Malwarebytes is running again only in safe mode. I found out how I got it. Fell for the same thing I did last time. I go to a trusted site [last time it was ABEbooks offering me a 50% discount on books if I took a survey—this time it was Amazon rewarding me for my x-number visit with a choice of free gift if I answered 5 questions]—stuff is sneakily seamless but this is second. “Fool a man twice . . . ”
And this thing can even crawl into the screen of something like MajorGeeks and mimic the design and ask a question because that is what it did last time. AAARRRRGGGGGHHHHHHH

It takes hours to run a full scan and maybe it will find nothing again. I have screen grabbed the phish and have the source url but don’t know what to do with it. I also tried to see which files changed after I responded to this url but don’t know how as the results of search C:\ by date were inconclusive. If I could tell maybe I could replace them with files from a 5-day-old backup. Or maybe just try to save any new work I can find and then restore the whole backup. But could the new pix and word files and txt files also be contaminated?

I had AdBlockPlus running even [I just checked] and it still came after me. Thanks, Jerv for that link. GetSavin had installed itself as an add-on to firefox.

@anartist – Here’s one thing you can do with that url: https://www.us-cert.gov/report-phishing/

If you want a tool that can report to you about historical file changes (including who / what program made them) what you are looking for is called “Host-Based Intrusion Detection” or HIDS. (Well, actually it’s called File Integrity Monitoring, but that’s a part of most HIDS suites.) It’s not a built-in part of Windows AFAIK, but the NT event log is, and that might be helpful to you.

OpenHIDS came up after a quick googling, I have never used it so I can’t verify its effectiveness nor ease of use.

It seems odd to me that things should be installable (even as Firefox plugins) without your consent or even notification. Are you usually logged-in as a “normal” (limited) user, or as one with “Superuser” or “Administrator” privileges?

@rexacoracofalipitorius as admin. I am always needing to do little admin things and I set myself up as superuser. It would be a pain to reproduce my very complex user setup in duplicaton as a regular user and I would keep forgetting which user had my work files.

Your open source HIDS went to a dead link but I found this one don’t know if it is free http://www.ossec.net/ and will keep looking

@anartist If you run as a Superuser/admin at all times, that is a HUGE vulnerability. Basically, stuff will run with unrestricted access, possibly without your knowledge due to implied consent.

Most Linux users (those with any computer savvy) use a normal account with limited privileges for everything and us the sudo command to temporarily elevate privileges for those things that require admin privileges. The root account should be used ONLY for serious, heavy-duty, voodoo ritual-type system work. Using it for anything else is just asking for trouble. Unless you’re the type of person who drives without a seat belt and leaves their car unlocked with the keys in the ignition when they park, you really shouldn’t do it.

A normal account with the occasional use of “Run as administrator” or sudo is far more secure, and prevents the sort of system changes required for most malware to work. That is, in fact, the entire point.

BTW, I tested that link; it popped up fine for me. Maybe you hit it at a bad time, like in the middle of a server glitch?

and this http://sourceforge.net/projects/sustorid/?source=directory

@jerv yes, jerv, I sort of know and I actually set up an admin account with the face of Harold from Person of Interest. I made an animated screensaver of him too see here but my other half complained about having 2 users on my machine—he didn’t like it and he’s the resident computer kahuna when he is here. Also I created Harold/admin because at one point I got locked out of my own admin privileges [during a period when my windows wouldn’t load properly on my HP computer and just kept going….preparing desktop….preparing desktop… and dumping me into this default barren wasteland user] and I couldn’t fix it without “asking Leo” who answered thank god.

But I ended up never using Harold and I am sort of afraid of locking myself out again and I will have to copy all those utility widgets over to Harold like Malwarebytes and Recuva and CCleaner so on and so on I have a ton of em—it worries me

maybe it is not as complicated as I make it seem maybe i can set up stuff so just enough programs are shared by me and ‘Harold’ that I am not stuck on either side of the fence, and just too few to make me want to hang around in Harold’s space when I am not doing admin stuff.

Oh and I have gone to sleep with the doors unlocked have left my keys in the car etc
[not on purpose of course]

This is what I have now:
more on Harold/ADMIN than I thought
but so many admin-ish utils are on AAA
AAA desktop
AAA with some utilities displayed

Multiple accounts on my machine are pretty much mandatory for a variety of reasons, mostly that I would not tolerate using a desktop that looks like your AAA desktop. I’d choke somebody! But the difference is that I’m the computer guru between us, and we determined that the hassle of one extra mouse-click at startup was insignificant comapred ot simmering resentment.

However, I can access Spybot and Avast! from my wife’s profile anyways since those install for all users, and run with elevated privileges; they automatically have admin access even if you don’t.

As for locking yourself out, there are enough ways to reset admin passwords (that I won’t detail here; I don’t want anybody getting any ideas) that I personally never worry about that. Let’s just say that having a spare set of keys is occasionally helpful ;)

@jerv to each his own. I really need all that organized clutter. I even regularly do screen grabs of the desktop to make sure I can put them back in the same places when something disrupts them I find things like a blind man and could not bear to be without it—

that is one reason I am fighting off windows 8 kicking and screaming. All those stupid big tiles—what a waste of real estate—I could fit 4 icons where each tile is.

I am usually running 3 or 4 programs as once for the same project and usually have about 30 active tabs on firefox

Pat and I do have separate desktops on the machine we often share. I had even made him a separate desktop on this one although he rarely uses it but he didn’t like it. I guess I could at least step down to ‘power user’ from admin and run harold around the block a few times . . .

Don’t get me wrong. I know it is the wise thing to do. And I’ve even done it for a little while. But too long it’s been more like some people I knew in government—The boss would promote his top assistant to the same grade as himself—then the following year apply for a promotion for himself so he would have proper supervisory authority. It worked for several rounds . . .

@anartist I’m sorry to hear that your SO objects to the existence of multiple accounts on your machine- but it’s your machine. As such, when your machine is compromised in this way, it’s because of something you didn’t do. It’s your responsibility to secure the machine, and it’s your responsibility to pick up the pieces when an attack succeeds.

If you share a computer, you need separate accounts. DO NOT share accounts, no matter how close you are to the other person, not even if the other person is literally an exact copy of you with the same thoughts and feelings. It will, eventually, lead to heartache. There are too many reasons why to enumerate here. I hope it’s enough if I say I’ve seen it over and over lead to bad things, including the dissolution of more than one marriage.
There’s a concept in security called separation of privilege. It usually has to do with programs, but it applies to people as well.
Privilege separation has a lot of benefits, but the most relevant one here is that any sensitive data would be spread across multiple separate accounts. If an attacker breaks into your computer, he gets all of your and your SO’s data if you share an account. If you keep separate accounts, the attacker has to compromise each account separately. This can more than double the amount of work required to steal that data.
Note that having an administrative account constantly logged-in breaks privilege separatoin. An admin account has all privileges and can go anywhere, so if it gets compromised then an attacker can use it to steal all the data on the system.

These two things are the main reason why Windows has such a terrible reputation for security. By running as root and sharing accounts, users invalidate at least half of the hard work that Microsoft has put in to securing Windows. (Of course, Microsoft doesn’t advertise that fact or make much attempt to educate their users, so some blame must redound to them as well.)

Your multitasking needs are noted, but moot. Right now I have 25 tabs open in one Firefox, 4 in another, and 12 in Chrome; a key manager, two text editors, a PDF reader, eight terminals and a file manager all going, and I’m not really even doing anything. I’m logged in as a normal user account, and all these programs run fine. If they didn’t I could accord them elevated privileges in the usual way.

As far as finding stuff, do you find it by name or by picture or by position? I tend to remember either the name of the program or the name of the task, so I have a search thing (GNOME Do) configured so that I type in a few letters of what I want and get a list to choose from. It’s easy for me and fast. If you find things by position or picture then there’s probably some way to automate finding stuff that’s easier than you having to take screenshots and painstakingly recreate your icon layout (never mind that you have to keep looking at your desktop. I haven’t seen my desktop in weeks, and I have four of them!)
At the very least I could probably help you to write a script to automate re-setting your icons, if you think that would help.

oh p.s. when I am in a clean-up, organizing mood after some projects are done, the stuff in the center gets filed away. It’s the perimeter stuff- 3 columns wide left and right, 2 rows deep top, and one row across the bottom, that must stay put.

By the way, suStorID is meant for web servers, and it does not look like it would be very good for general-purpose desktop machines.

@anartist I have enough things going on that I need many, many, many nested subfolders to keep things organized enough to remain workable. Just my collection of PDF versions of my pen-and-paper RPGs contains a bunch of folders dedicated for each system, and a few have subfolders for each edition as certain editions of certain systems may have 50–100 books to themselves. My music collection is similar, and I have enough utilities to require categories there as well. I find it easier to navigate a logical series of sub-folders based on purpose/contents than to find a needle in a haystack. I find ”Utilities -> Defragmentation -> Defraggler” easier than ”Which one of these 825 icons here is it?”. Even then, my desktop have more stuff on it than I like (about 5 columns worth) for the myriad of things I use at least every other day, half of them shortcuts to oft-used spots in my file tree.

My wife, on the other hand, has no issues with a desktop that has a kajillion files that are a mix of pictures, recipes, application shortcuts, PDF copies of bills/receipts, and more all mixed together. Thus her and I cannot share a desktop, and must have separate profiles. To each their own, but I find that the best case scenario is that two people will always have different enough organization schemes that sharing a profile is impractical. It’s fine to share towels, a toothbrush, and a bed, but not desktops; that tends to cause tensions you really don’t want to deal with.

Lastly, I am with @rexacoracofalipitorius when I say, ”Only 30 tabs?! Amateur!”.

Actually @jerv this is almost like subfolders for me except visual, which is what I am:
Left side Computer BASIC, first row user libraries computer network control trash, lower hp computer specific, main browsers-next row AV, more browsers, more HP, next row kindle and cloud related, more AV

Top: first row main programs: a few fave accessories, open office, MS office, Adobe CS4, a few more design-related programs
second row: my own ongoing website development, my writers’ groups, issues with computer problems

right side: folders I access most often, basic breakdowns [drives, major subfolders]top and bottom, next row my photo archives, next 2 rows my most naacessed personal files, next 3 rows, my clients files, grouped by client.

corners adobe reader, adobe acrobat, crossloop

across the bottom, must have things—backup software-thunderbird—text files with needed things like my rolodex, all of my online accounts and access information, infor about my setup on my webhosts & registrars for all accounts, software keys, a few more handy needed, utilites

It is merely a visual directory and doesn’t take a bunch of clicks just a peripheral glimpse.

“chacun à son goût” said the old lady as she kissed the cow.

@anartist So long as it makes sense to you, that’s the important part. However, I think it illustrates the difficulties of sharing profiles.