What is this please - Page 2

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View

Re: What is this please

On 2/19/2012 6:00 AM, David H. Lipman wrote:
Quoted text here. Click to load it

To do what? /Hope/ to find and get rid of all the malware? Clue David:
It won't catch everything...and even using a host of scanners (which by
the way finds stuff Malwarebytes misses) you can't be sure you got it
all in the time it takes to reload an image.

--
Bear
http://bearware.info
The real Bear's header path is:
news.sunsite.dk!dotsrc.org!filter.dotsrc.org!news.dotsrc.org!not-for-mail

Re: What is this please


Quoted text here. Click to load it

Your idea that restoring images by all is ludicrous.
* First you presume one exists.
* Second you presume if one exists it is current.
* Third you presume the user has the facility to manage the data vs. the OS and
if they
restore an image they don't lose all their data.



--
Dave
Multi-AV Scanning Tool - http://multi-av.thespykiller.co.uk
http://www.pctipp.ch/downloads/dl/35905.asp



Re: What is this please

On 2/19/2012 8:04 AM, David H. Lipman wrote:
Quoted text here. Click to load it

You are absolutely correct. Those that haven't taken such steps to
become self-reliant will need someone's help to get them out of trouble.

Those that have taken steps to become self-reliant will be self-reliant.

It is why I am trying to encourage people to become self-reliant. It's
very easy to do and manage, and by far the best approach to these issues.

First Order of Business (make a factory + MS updates image)
Start with or restore the Manufacturer factory image
Install Manufacturer updates if available
Install MS Updates (could take a long time)
Run AppRemover (no install) and remove bundled security programs
Install the Antivirus Program of your choice
Install portable PCDecrapifier and remove unwanted bundled programs then
remove it.
Install your imaging program and make a Factory+MSUpdates image and a
boot DVD. (I recommend Macrium Reflect or EaseUS Todo Backup.)
In the future, make a new factory + MS Updates image when future MS
Updates mount up, and re-image it. Afterwards, reload your pristine
image if you have one. This way, you will always have an updated factory
image if you ever want to start fresh again.)

Continue and Install Your Setup Programs and Clean Up (make a Pristine
image)
Install all of the programs that require setup (non-portable)
Transfer your Portable folder to My Documents (from your external hard
drive)
Use the likes of Ccleaner to clean crap files and make sure all of your
programs are updated
Make a Pristine Image (this is the image you will use until you make
permanent changes to your system)
When MS Updates mount up or you want to make permanent changes to your
system, re-load and update the original Pristine image and re-image
that. It will become your primary pristine image but save the original
pristine image as a second. (Do not re-image a pristine image that you
have been using for a while, always re-load it, make the changes and
then re-image which becomes the image you will use for a while.)
Always keep at least three images: Factory + MS Updates, Pristine Image,
and Secondary Pristine Image

Maintenance
As time goes on, reload your Factory Image and update it with new MS and
virus updates when enough mount up and make new updated Factory Image.
As time goes on and enough MS updates mount up or you wish to make a
permanent change to your system, reload your pristine image and make the
updates and save the original pristine image as a backup. You now have
three images.
Do this over and over as time goes on and always keep the Factory image
updated with MS updates, and the last two pristine images.
Always have a manufacturer factory image or recovery media as a last resort.

--
Bear
http://bearware.info
The real Bear's header path is:
news.sunsite.dk!dotsrc.org!filter.dotsrc.org!news.dotsrc.org!not-for-mail

Re: What is this please

"Bear" wrote:

Quoted text here. Click to load it

Which is what David is trying to do!

Quoted text here. Click to load it

Duh! In which case the OP wouldn't be here.



Re: What is this please

On 2/19/2012 9:44 AM, Ant wrote:
Quoted text here. Click to load it

But he is not giving good or thorough advice. Using Malwarebytes alone
may very well miss the fake antivirus infection he appears to have.
There are other better tools to remove fake antivirus. If the guy needs
help, he needs hands on guidance...like from TechSupportGuy...not a
possibly ineffective toss up of simply "malwarebytes."
Quoted text here. Click to load it

David is not advising the OP that if he had such a process, he would not
need help. Why do some of you object to teaching people the very easy
process of how to do the obvious - becoming self-reliant? Are you making
your living off of them?


Quoted text here. Click to load it


--
Bear
http://bearware.info
The real Bear's header path is:
news.sunsite.dk!dotsrc.org!filter.dotsrc.org!news.dotsrc.org!not-for-mail

Re: What is this please

bearbottoms1+ACF@gmail.com says...
Quoted text here. Click to load it

Re you married?


Re: What is this please


Quoted text here. Click to load it

There is insufficient information to give direct advice.  All we can tell from
the post is
that there is a likelihood of FakeAlert and redirect Trojans.  There is
insufficient
information on the skills of the poster to give technical advice either.  The
best that
can be done is provide a generic solution and await a repsonse and probe the
user and
depending on the response, go deeper.

Your advice, if I can call it that, is is akin to telling an automobile owner to
replace a
tire because it is become flat.  Not fill it with air and see if the pressure
drops first.
Or get a new engine block because a spark plug is fauled.

What you call an easy process is not.  Not only is there is a strong requirement
of
forethought but there needs to be ownership of additional hardware and/or
software.  One
has to do a regiment of manual and automated actions and consistent peparation
for
disaster.


--
Dave
Multi-AV Scanning Tool - http://multi-av.thespykiller.co.uk
http://www.pctipp.ch/downloads/dl/35905.asp



Re: What is this please

On 2/19/2012 11:27 AM, David H. Lipman wrote:

Quoted text here. Click to load it

That is /not/ what you told him. You didn't say you needed more
information to properly help him. You can't properly help him in this
forum...not effectively. He should be advised to visit one of the many
free tech forums designed for such help.
Quoted text here. Click to load it

LOL...how wrong could you be. You also obviously do not understand
imaging very well. It is no big deal at all, and only takes about 15
minutes per 50GB of disk data to make or restore an image. I gotta
remember such according to you is "akin to ... get a new engine block
because a spark plug is (correction) fowled.
Quoted text here. Click to load it

Wrong again. Almost everyone, (but that is going away) has a CD or DVD
read-write drive these days. Images can be spanned to CD's. As for
software, it's a simple thing to download a free imaging program. As for
preparation and maintenance, it takes three clicks (one with Todo) to
start and make an image or restore one. When your system changes enough
to warrant a new one, make another. This is priceless, you want to tell
them how to remove malware, but think imaging is more difficult.


--
Bear
http://bearware.info
The real Bear's header path is:
news.sunsite.dk!dotsrc.org!filter.dotsrc.org!news.dotsrc.org!not-for-mail

Re: What is this please


Quoted text here. Click to load it

BB I am not going to get into one of your infamous arguments.  You are totally
out in left
field.  So out of the ball park in you in the parking lot.

I am not going to get in a pissing contest with you.

Oh, and don't be so stupid as to try to correct my bad spelling with more bad
spelling.
It isn't "fauled" (mine) or "fowled" (yours) the terminology is fouled.

My application of English (grammar and spelling) on Usenet is poor only because
of ADHD,
not because I don't know any better.

--
Dave
Multi-AV Scanning Tool - http://multi-av.thespykiller.co.uk
http://www.pctipp.ch/downloads/dl/35905.asp



Re: What is this please

On 2/19/2012 1:20 PM, David H. Lipman wrote:
Quoted text here. Click to load it

You already have...and you started it again, not just by giving poor
advice, but by bashing mine. You don't sound very convincing either but
more like someone desperate to regain face by stomping their feet with
gutter talk.
Quoted text here. Click to load it

LOL, you already have...and got your butt spanked again.
Quoted text here. Click to load it

Wow, I didn't think you were smart enough to catch that setup :)
Quoted text here. Click to load it
Oh relax, everyone makes those silly mistakes.

--
Bear
http://bearware.info
The real Bear's header path is:
news.sunsite.dk!dotsrc.org!filter.dotsrc.org!news.dotsrc.org!not-for-mail

Re: What is this please

Bear wrote:

Quoted text here. Click to load it

Get a new engine block because a spark plug is (correction) fouled.

Using imaging to recover from a malware attack is like building a new
barn with the same open door, after your horse got out of the original
barn.

"Here I am again, same as before. Come infect me!!"

--
   -bts
   -Could. Not. Resist.

Re: What is this please

On 2/19/2012 3:50 PM, Beauregard T. Shagnasty wrote:
Quoted text here. Click to load it
Piss poor argument...and getting old at that. Most of the time, folks
have no clue where hey got infected. If they do, they won't go back, and
it should be obvious at that point that their defenses aren't good
enough...nothing is actually, but maybe they might think they could get
something better - but they probably can't. If you want them to turn
into malware experts or system hardening experts, well...don't hold your
breath. Easier to teach them how to manage their system with imaging and
data backup than make them an expert on anything...I know this from
years of experience. You should know it too.

--
Bear
http://bearware.info
The real Bear's header path is:
news.sunsite.dk!dotsrc.org!filter.dotsrc.org!news.dotsrc.org!not-for-mail

Re: What is this please

Bear wrote:

Quoted text here. Click to load it

You fowled up again. You don't show that here.

--
   -bts
   -This space for rent, but the price is high

Re: What is this please

Beauregard T. Shagnasty wrote:
Quoted text here. Click to load it

With no spark for the fuel, the pigeons won't go up and down.

Quoted text here. Click to load it

Especially if you don't bother to find out what hit you - in which case
your troubles may have just begun.

[...]

Re: What is this please

On 2/19/2012 6:54 PM, FromTheRafters wrote:
Quoted text here. Click to load it

LOL - that really was a funny fuckup.
Quoted text here. Click to load it

Most people do not have such skills. At best they will ask for a better
antivirus suggestion or maybe even an anti-spyware too. Harden what???

They do have the skills to learn to recover and become self-reliant.

--
Bear
http://bearware.info
The real Bear's header path is:
news.sunsite.dk!dotsrc.org!filter.dotsrc.org!news.dotsrc.org!not-for-mail

Re: What is this please

"Bear" wrote:

Quoted text here. Click to load it

David's answered that. There needs to be feedback from the OP.

Quoted text here. Click to load it

Then he should go to a web forum

Quoted text here. Click to load it

That would not address the OP's immediate problem at all.

Quoted text here. Click to load it

No one's objecting to that but at the appropriate time.

Quoted text here. Click to load it

I'm retired.



Re: What is this please

On 2/19/2012 12:58 PM, Ant wrote:
Quoted text here. Click to load it

That is /not/ what he told him.
Quoted text here. Click to load it

That is what he should have been instructed to do if he didn't have an
imaging plan.
Quoted text here. Click to load it

Absolutely it would. Your argument that you have to learn what happened
and where is silly. Most people won't know, and if they do they won't go
back there, and besides...no matter how good you learn safe hex, you
can't ever be certain you won't inadvertently visit an infection pit
again. Sure, try to prevent, but re-image if it happens.
Quoted text here. Click to load it

There is no better time to re-image than an infection. It's what it's
for among other things.
Quoted text here. Click to load it
No need for more suckers then.


--
Bear
http://bearware.info
The real Bear's header path is:
news.sunsite.dk!dotsrc.org!filter.dotsrc.org!news.dotsrc.org!not-for-mail

Re: What is this please

Hi,
Ok sorry did I miss something, still non the wiser, I will try to become
self reliant, but got to start somewhere, can you run it past me again what
to do
Thanks and Regards
Bob




On 2/19/2012 12:58 PM, Ant wrote:
Quoted text here. Click to load it

That is /not/ what he told him.
Quoted text here. Click to load it

That is what he should have been instructed to do if he didn't have an
imaging plan.
Quoted text here. Click to load it

Absolutely it would. Your argument that you have to learn what happened
and where is silly. Most people won't know, and if they do they won't go
back there, and besides...no matter how good you learn safe hex, you
can't ever be certain you won't inadvertently visit an infection pit
again. Sure, try to prevent, but re-image if it happens.
Quoted text here. Click to load it

There is no better time to re-image than an infection. It's what it's
for among other things.
Quoted text here. Click to load it
No need for more suckers then.


--
Bear
http://bearware.info
The real Bear's header path is:
news.sunsite.dk!dotsrc.org!filter.dotsrc.org!news.dotsrc.org!not-for-mail


Re: What is this please

On 2/19/2012 5:18 PM, NOSPAMfurness50@hotmail.com wrote:
Quoted text here. Click to load it

Yes, go to Tech Support Guy, register and post your issue. Someone will
take you under their wing and guide you professionally through cleaning.

http://www.techguy.org /


--
Bear
http://bearware.info
The real Bear's header path is:
news.sunsite.dk!dotsrc.org!filter.dotsrc.org!news.dotsrc.org!not-for-mail

Re: What is this please

wrote:

Quoted text here. Click to load it

    Download Kaspersky's rescue CD image, plus its utility for
burning the image to a USB drive.
    Boot from the USB. Scan your drive. Remove unwanted malware.
The scan will probably take a long time. Be patient.
    Then boot into safe mode with network and run malwarebytes.
     Links :

    http://support.kaspersky.com/viruses/rescuedisk

    http://support.kaspersky.com/faq/?qid=208286083

    http://www.malwarebytes.org /

    Then try the tech sites, if anything is still amiss.They will
probably want your hijackthis logs.
    When you are done, change your passwords.
    That will probably get rid of most of your problems.

    []'s

    
--
Don't be evil - Google 2004
We have a new policy - Google 2012

Site Timeline