|
(Edited: this got a little too E/N for this discussion.)
Three-Phase fucked around with this message at 23:07 on Mar 6, 2014 |
# ? Feb 15, 2014 01:05 |
|
|
# ? May 22, 2024 04:01 |
|
So I can't access google. I try, and instead get a scary message underneath a picture of a crossed over lock. quote:Cannot connect to the real https://www.google.ca I'm on my office network, and my officemate can access google no problem. I can access other sites, like SA. Edit: I can access google now, but I'm still curious. Did someone try to attack the network/my computer? My officemate use firefox btw, so possible that the same thing would have happened to her if she used chrome. Edit2: Just realized I hosed around with my computer time just before this happened. It stopped happening shortly after I fixed the computer time. Could this be the issue? Puseklepp fucked around with this message at 22:14 on Feb 20, 2014 |
# ? Feb 20, 2014 21:45 |
|
Well I just stumbled across something that made me say "Oh poo poo." out loud but in a good way. Sysinternals has come up before in this thread, and I was dicking around in Process Explorer after downloading the most recent Sysinternals Suite, when I noticed a new column option under View>Select Columns: VirusTotal. Enable the checkbox and then click Options>VirusTotal.com>Check VirusTotal.com and it opens a webpage for their terms of use that you have to agree to, and then it does this: Clicking on the results opens the specific webpage in a new browser tab. I think I'm in loving love. e: You can also check per file by right-clicking on it but man is it amazing to be able to sweep every active process like this at once. Mo_Steel fucked around with this message at 01:11 on Feb 21, 2014 |
# ? Feb 21, 2014 01:08 |
|
Puseklepp posted:Edit2: Just realized I hosed around with my computer time just before this happened. It stopped happening shortly after I fixed the computer time. Could this be the issue? Yes. When I had to reset my BIOS messing around with RAM it reset the system clock, Chrome got all sorts of mad about it until I fixed it.
|
# ? Feb 21, 2014 01:13 |
|
Mo_Steel posted:Well I just stumbled across something that made me say "Oh poo poo." out loud but in a good way. This is amazing. Thank you!
|
# ? Feb 21, 2014 03:50 |
|
Puseklepp posted:Edit2: Just realized I hosed around with my computer time just before this happened. It stopped happening shortly after I fixed the computer time. Could this be the issue? Yes, the certificates websites use to prove their identity have both a valid from and a valid up to date. If your computer's time is not within those dates it will assume the certificate isn't valid yet or has expired.
|
# ? Feb 21, 2014 04:19 |
|
Mo_Steel posted:Well I just stumbled across something that made me say "Oh poo poo." out loud but in a good way. This is actually very awesome, thanks for posting this.
|
# ? Feb 21, 2014 15:34 |
|
I don't know what she did, but my girlfriend can't seem to browse the Web without a ton of pop-ups getting in her face and weird installers (auto?)downloading, so she's tasked me with fixing her computer. I put MSE, Malwarebytes, CCleaner and some other stuff on it so I'm going run those overnight. I'm not sure if MSE is cutting it anymore though, because it doesn't detect anything while MB has picked up a few things only a few minutes into a full scan. If I want to remove MSE and put something else in, will an uninstall in Windows' Add/Remove Programs followed by a CCleaner wipe get it all out? I'm still paranoid about remnants of one removed antivirus screwing up a newly installed antivirus, though I don't even know if that's a thing anymore.Mo_Steel posted:Well I just stumbled across something that made me say "Oh poo poo." out loud but in a good way. What is this program, why is this so special and should I use it? I'm not as tech-savvy as the people who rely on me for tech advice think.
|
# ? Feb 27, 2014 07:07 |
|
C-Euro posted:If I want to remove MSE and put something else in, will an uninstall in Windows' Add/Remove Programs followed by a CCleaner wipe get it all out? I'm still paranoid about remnants of one removed antivirus screwing up a newly installed antivirus, though I don't even know if that's a thing anymore. You are very unlikely to run into issues doing this. quote:What is this program, why is this so special and should I use it?
|
# ? Feb 27, 2014 14:37 |
|
C-Euro posted:I don't know what she did, but my girlfriend can't seem to browse the Web without a ton of pop-ups getting in her face and weird installers (auto?)downloading, so she's tasked me with fixing her computer. I put MSE, Malwarebytes, CCleaner and some other stuff on it so I'm going run those overnight. I'm not sure if MSE is cutting it anymore though, because it doesn't detect anything while MB has picked up a few things only a few minutes into a full scan. If I want to remove MSE and put something else in, will an uninstall in Windows' Add/Remove Programs followed by a CCleaner wipe get it all out? I'm still paranoid about remnants of one removed antivirus screwing up a newly installed antivirus, though I don't even know if that's a thing anymore. MSSE is pretty unobtrusive so uninstalling it should be fine, just be sure to restart after you do and then install your new AV and restart again if needed; Avast seems like a fairly solid choice nowadays though like a lot of free options it'll occasionally popup stuff about how you should buy their VPN service or it detected browser stuff that you should pay to remove (something I doubly hate because that's frequent behavior for fake AVs). quote:What is this program, why is this so special and should I use it? I'm not as tech-savvy as the people who rely on me for tech advice think. Process Explorer is basically a more detailed version of Task Manager and let's you drill down into a ton of useful information like allowing you to quickly find what is keeping you from deleting a file or what is causing so much IO activity and why.
|
# ? Feb 28, 2014 02:03 |
|
Avast also defaults to freaking the gently caress out if you don't keep every program you've ever run up to date.
|
# ? Feb 28, 2014 02:18 |
|
Puseklepp posted:So I can't access google. I try, and instead get a scary message underneath a picture of a crossed over lock. I'm having this issue but I have not messed with my computer's time. Ideas?
|
# ? Feb 28, 2014 02:28 |
|
Mo_Steel posted:Avast seems like a fairly solid choice nowadays though like a lot of free options it'll occasionally popup stuff about how you should buy their VPN service or it detected browser stuff that you should pay to remove (something I doubly hate because that's frequent behavior for fake AVs) Avast!, and no other free AV software I can think of does this. Sure, once a month it will offer you a deal on something, but never will it say "Found 12 threats pay now to see what!" or any of that poo poo. If you have a machine doing that, it is not Avast!, AVG, Bitdefender free or Avira doing it. This kind of thing was common ~10 years ago, but they've all cleaned up their act these days, and try to be as unobtrusive as possible. Ironically, it's mostly the big-name paid lovely versions, McAfee/Norton that will be very noisy, presumably such that you'll be convinced it's doing something useful and tell your friends about it. The better paid options, like Kaspersky and ESET will hardly pop up at all, even with a threat found. Rhyno posted:I'm having this issue but I have not messed with my computer's time.
|
# ? Feb 28, 2014 18:33 |
|
Khablam posted:Avast!, and no other free AV software I can think of does this. Sure, once a month it will offer you a deal on something, but never will it say "Found 12 threats pay now to see what!" or any of that poo poo. If you have a machine doing that, it is not Avast!, AVG, Bitdefender free or Avira doing it. Got a pop-up in the bottom right corner from Avast! a few days ago on my personal machine along those exact lines: And when you click Optimize My PC: That's treading close to sketchy fake AV behavior in my book. Obviously Avast! will try to promote their products because they're a business and keeping an AV running isn't free, but throwing a pop-up saying they found things you should fix and then saying you have to pay to fix those things or even see what they are beyond vague "startup apps" and "bloatware services" and "registry tweaks" is negative AV behavior, particularly when I never told to the AV to scan for "Grime" in the first place. It's not as bad as "SERIOUS THREATS PAY MONEY OR YOUR PC WILL BECOME A BOMB" but it's the kind of thing I wouldn't be surprised to hear from a less PC-savvy relative about since I advise them not to put their CC info into that sort of thing. The VPN pop-ups are not as much of an issue because it's just a generic "protect your privacy" pop-up. ----- As an aside, one of the important steps in protecting your PC is backups, and I've been handling backups to an external HDD for ages now. Does anyone have solid recommendations for web-based backup services?
|
# ? Feb 28, 2014 22:27 |
|
Is Comodo decent or should I switch to microsoft security essentials? I'm using windows 8.1 In general what should I be using for windows 8.1? For some reason windows defender is turned off, I guess because of comodo, but I can't turn it back on no less actually find it. Right now I guess I'm just using comodo and malwarebytes. Just did a malwarebytes scan and it picked up like 81 items and this computer isn't more than like 2 or 3 months old. I guess I need something better than comodo. NeoSeeker fucked around with this message at 06:40 on Mar 1, 2014 |
# ? Mar 1, 2014 04:38 |
|
Avast does the SERIOUS THREATS OH THE HUMANITY thing if you let you pdf reader get an hour out of date.
|
# ? Mar 1, 2014 04:39 |
|
Mo_Steel posted:As an aside, one of the important steps in protecting your PC is backups, and I've been handling backups to an external HDD for ages now. Does anyone have solid recommendations for web-based backup services? I've been using Carbonite for the last few years without problems. The only thing is, if you want to back up off your external hard drive, you need a more expensive subscription (though this may have changed since I bought my license a few years ago).
|
# ? Mar 1, 2014 14:54 |
|
NeoSeeker posted:Is Comodo decent or should I switch to microsoft security essentials? Comodo doesn't submit their AV to be tested by AV-Comparatives so barring some other independent testing comparisons I'm skeptical of Comodo's quality. It seems there's some sort of dispute between them. AV Comparatives posted their 2013 Summary: quote:AV-Comparatives' 2013 Product of the Year Award for the best overall score, considering all the tests, goes to Kaspersky Lab. WattsvilleBlues posted:I've been using Carbonite for the last few years without problems. The only thing is, if you want to back up off your external hard drive, you need a more expensive subscription (though this may have changed since I bought my license a few years ago). I'd have no issues running backup from my main PC, I'm just interested in a service that isn't principally located in the same physical spot as my computer is, in the event of a fire or some sort of horrific power surge frying everything plugged into an outlet or a swarm of angry bees taking over the place. I'll give Carbonite a look. Mo_Steel fucked around with this message at 23:26 on Mar 1, 2014 |
# ? Mar 1, 2014 22:48 |
|
Mo_Steel posted:Got a pop-up in the bottom right corner from Avast! a few days ago on my personal machine along those exact lines: Grimefighter is a stand-alone scanner that's not built into the AV, either the free version or paid. The download page does specifically tell you, in a non-obfuscated way, that you need to subscribe to use it. If you're getting a popup, it's because you went to their website, downloaded it from the page telling you it needs a subscription to work, and then ran it. I'm not sure I see the problem here. dis astranagant posted:Avast does the SERIOUS THREATS OH THE HUMANITY thing if you let you pdf reader get an hour out of date. More AV products need to take the "Patch holes, don't just stick buckets under it" approach to security, not fewer. ESET will alert you if windows it out of date, which though less of an overall threat than ancient plugins with published exploits, is still quite useful in letting people know it's a security risk.
|
# ? Mar 2, 2014 16:14 |
|
Yeah, but my off brand pdf reader with pretty much anything that even smells like executing code or connecting to the internet disabled isn't going to kill anything if I forget it exists for a month or 6 (I know I can set it to ignore that, it was still kinda silly when it happened).
|
# ? Mar 2, 2014 16:21 |
|
I posted a few weeks ago about what I suspected to be a virus or key logger on one of my home computers after an email account was breached. After changing all my passwords from another set of computers, so far I've scanned the potentially infected computer with Avast (including boot-time scans), Microsoft Defender offline scan, TDSSkiller/rkill, and I finally installed a fairly high-end antivirus/firewall (endpoint software) that did a complete system scan with maximum heuristic sensitivity (took hours), and they all found nothing. No trojans, no viruses, no nothing. Still grabbed a new hard drive and am going to rebuild the system just to be safe. I think I'm sort of being a e-hypocondriac here.
|
# ? Mar 2, 2014 19:08 |
|
Khablam posted:Grimefighter is a stand-alone scanner that's not built into the AV, either the free version or paid. The download page does specifically tell you, in a non-obfuscated way, that you need to subscribe to use it. If you're getting a popup, it's because you went to their website, downloaded it from the page telling you it needs a subscription to work, and then ran it. I'm not sure I see the problem here. I didn't download GrimeFighter as a stand-alone, and in fact I tested deploying the AV fresh ten minutes ago. Three minutes later I got the following info pop-up in the bottom right corner of the screen where Avast! does all it's pop-ups: It's included in the standard installation of the AV.
|
# ? Mar 2, 2014 20:56 |
|
Mo_Steel posted:I'd have no issues running backup from my main PC, I'm just interested in a service that isn't principally located in the same physical spot as my computer is, in the event of a fire or some sort of horrific power surge frying everything plugged into an outlet or a swarm of angry bees taking over the place. I'll give Carbonite a look.
|
# ? Mar 2, 2014 22:24 |
|
In kind of a morning haze as I clicked through several mails in my inbox, I clicked on the link in a spam mail like this:quote:A new message has arrived! Click here to view it. I realized instantly what I'd done and exited the site before it fully loaded. I then did a full scan with MSE and then with Malwarebytes, both found no threats. Do I still need to be worried? Any other scans I can/should do? For the record, I usually never follow the link in mails, no matter how credible they seem, no idea why I did this morning. Blame it on tiredness and stress.
|
# ? Mar 3, 2014 20:49 |
|
Puseklepp posted:I realized instantly what I'd done and exited the site before it fully loaded. I then did a full scan with MSE and then with Malwarebytes, both found no threats. Do I still need to be worried? Any other scans I can/should do? These are a couple more that won't take long to run: http://www.bleepingcomputer.com/download/tdsskiller/ http://www.bleepingcomputer.com/download/adwcleaner/
|
# ? Mar 3, 2014 22:42 |
|
Zogo posted:These are a couple more that won't take long to run: Thanks. TDSSkiller didn't find any threats and adwcleaner removed a couple of folders and registry keys. I guess my computer should be safe now?
|
# ? Mar 3, 2014 23:01 |
|
Puseklepp posted:Thanks. TDSSkiller didn't find any threats and adwcleaner removed a couple of folders and registry keys. I guess my computer should be safe now? Well, we don't know exactly what you had or what was removed so we can't give a 100% guarantee or anything like that. I'd run another adwcleaner scan until it finds nothing. If you want to be more thorough you should do a scan using: http://windows.microsoft.com/en-us/windows/what-is-windows-defender-offline
|
# ? Mar 3, 2014 23:05 |
|
Zogo posted:Well, we don't know exactly what you had or what was removed so we can't give a 100% guarantee or anything like that. I'd run another adwcleaner scan until it finds nothing. It didn't find anything on the second run. I can't access my BIOS as my computer is second hand and I need a password, so can't use the Windows Defender Offline for now (can't get it to boot from USB as required).
|
# ? Mar 4, 2014 00:10 |
|
Puseklepp posted:It didn't find anything on the second run. First off, are you sure there isn't a separate option for boot device? On some BIOSes, there is a key to open up the BIOS menu on boot, but there are often other shortcuts that allow you to select a specific boot device. I'll bet you can access the BIOS! On some computers, you can reset the CMOS (including clearing any passwords) by either: 1. Finding the CMOS reset pins - there'll be a set of three pins (metal bits sticking out of the motherboard) and a jumper (plastic thingy connecting the pins together electrically). If you move that plug so the reset pin is connected, it'll reset the BIOS. (Again, this depends on the motherboard.) 2. Removing the CMOS battery - if the BIOS has a little coin-cell battery, removing it, waiting a few seconds, then putting it back in will wipe the BIOS Just be careful, if there are unusual settings in the BIOS you might not be able to reboot successfully after doing this. Like on my system there is a selector between IDE and ACHI mode (how the SATA hard disks are talked to) and if that gets changed, the computer won't be able to boot until that's fixed.
|
# ? Mar 4, 2014 00:27 |
|
Three-Phase posted:I posted a few weeks ago about what I suspected to be a virus or key logger on one of my home computers after an email account was breached. Was that password 100% unique, and not used anywhere else? How easy was it to guess? Does it ever get used on a connection that isn't encrypted? Ever used that password on a different machine, that you can't verify as clean? It sounds like your password was acquired somehow, not related to anything on your machine.
|
# ? Mar 5, 2014 14:50 |
|
So I figured out the password to my BIOS and changed the boot order to boot from USB first. But when I restart my PC with the USB with Windows Defender Offline plugged in, nothing happens. The computer just skips straight to booting up like normal, as there was no USB plugged in. I've tried all the different USB entries, and no difference. Not sure what the problem is, or how to fix this...
|
# ? Mar 5, 2014 19:03 |
|
Puseklepp posted:So I figured out the password to my BIOS and changed the boot order to boot from USB first. But when I restart my PC with the USB with Windows Defender Offline plugged in, nothing happens. The computer just skips straight to booting up like normal, as there was no USB plugged in. I've tried all the different USB entries, and no difference. Not sure what the problem is, or how to fix this... You used a blank flash drive right?
|
# ? Mar 6, 2014 05:03 |
|
Puseklepp posted:So I figured out the password to my BIOS and changed the boot order to boot from USB first. But when I restart my PC with the USB with Windows Defender Offline plugged in, nothing happens. The computer just skips straight to booting up like normal, as there was no USB plugged in. I've tried all the different USB entries, and no difference. Not sure what the problem is, or how to fix this... Easiest thing to try is a different USB stick. You can also try making USB the only boot option, and seeing if it works or gives an understandable error. Also try different USB ports. Try it ensuring it is the only USB plugged in. They can occasionally be awkward. Most times, it's because the stick is manufactured to have weird partitions.
|
# ? Mar 6, 2014 14:05 |
|
Puseklepp posted:So I figured out the password to my BIOS and changed the boot order to boot from USB first. But when I restart my PC with the USB with Windows Defender Offline plugged in, nothing happens. The computer just skips straight to booting up like normal, as there was no USB plugged in. I've tried all the different USB entries, and no difference. Not sure what the problem is, or how to fix this... Make sure that you've got legacy USB support enabled in BIOS.
|
# ? Mar 6, 2014 14:08 |
|
Khablam posted:Was that password 100% unique, and not used anywhere else? Yes, unique, and not used elsewhere. It was changed about two or three months before the incident. Not easy to guess with a straight dictionary attack. More than twelve characters, caps/lower and numbers. This last bit is an interesting one. The connection to the mail server always acted a little weird. I was using Outlook 2007, and I believe the ports I selected on the server were encrypted. But it was never simple to configure and I had to fiddle with it in the past. I also routinely got security warning messages when contacting the server saying "Hey, you're pointing to this web site, but something doesn't match up" because of the way the host configured their mail server. I wonder if that could have been part of the problem. I am increasingly thinking, based on the fact that I've run so many different security scans that have revealed nothing, that the exploit was somewhere on the server side. That might sound like it's narrowing it down too far or passing the buck, but this was an old Cpanel site, so there may have been security vulnerabilities (like old scripts) that could have been exploited. Three-Phase fucked around with this message at 23:09 on Mar 6, 2014 |
# ? Mar 6, 2014 23:01 |
I'm helping out an aunt with her computer. From the sounds of it there's probably nothing major wrong and I'm reasonably sure she's keeping it maintained. That said, I'd like to give it a quick checkup anyways in order to make the drive more worth it. I've heard you guys recommend AdwCleaner, Windows Defender Offline, and TDSSKiller. Are there any other programs I should consider? And if she doesn't have a firewall, antivirus, or anti-spyware installed already what should I install?
|
|
# ? Mar 15, 2014 03:33 |
|
RandomPauI posted:And if she doesn't have a firewall, antivirus, or anti-spyware installed already what should I install? Install Adblock Plus on all web browsers.
|
# ? Mar 15, 2014 22:12 |
|
I am a little surprised that nobody has mentioned the Kaspersky Rescue Disc for bootable system scanning and repair. Has anyone had good or bad luck with that? I think that once that scans my system and detects nothing, I should be pretty sure that (barring something like a hardware key logger) nothing is infected on my system. (Again, having scanned with pretty much all of the other scanners recommended in the OP, having found no infected files or other evidence of an infection.) ADDED: The bootable Kaspersky Rescue Disk worked great - it booted easily into a Linux GUI, was able to do a very deep scan with heuristics, it was configurable, even allowed internet access, online definitions update, and even web browsing. (It even warned me before starting that the hard disk it was going to mount to scan wasn't properly shut down, so it told me to make sure I loaded the OS and then shut it down properly to avoid damage to the partition.) OP should consider listing it, it looks to be an excellent tool. That scan didn't find anything either, so I am probably in the clear. Three-Phase fucked around with this message at 21:03 on Mar 16, 2014 |
# ? Mar 15, 2014 22:17 |
|
RandomPauI posted:I'm helping out an aunt with her computer. From the sounds of it there's probably nothing major wrong and I'm reasonably sure she's keeping it maintained. That said, I'd like to give it a quick checkup anyways in order to make the drive more worth it. As mentioned, AdBlockPlus for all browsers is a solid thing. Other things I would suggest are Avast! Antivirus (one of the top-rated AVs by AV-Comparatives for 2013) and MalwareBytes (you can setup automatic scans and updates with the free version using the Task Scheduler). Windows Firewall seems pretty competent at it's job without being an intrusive pain in the rear end, make sure it's turned on. Also make sure she has Automatic Updates setup and active for Windows. You could install something like Secunia PSI as well to help keep other programs up to date if you feel so inclined, though there are a other tools for that sort of thing that I have yet to try.
|
# ? Mar 16, 2014 21:28 |
|
|
# ? May 22, 2024 04:01 |
|
I've trusted Avast! and think it's reliable and robust. However, my two complaints about Avast are that it updates itself (I mean the program/UI, not definitions) way too frequently and it's done some other funny stuff recently, like adding in these weird components (like that Grimefighter thing) unless you specifically do a custom install. The Grimefighter bit was particularly bad because it behaved in almost exactly the same ways some malware behaves - the whole "Hey, your computer is messed up, give me money to fix it!"
|
# ? Mar 18, 2014 00:22 |