BleepingComputer.com: Suggested Safe Practices

Recently, many of the fake pop-up AV programs have started to impiment clickjacking attributes whereby if the user clicks "anywhere" on their screen or touches "any" keys on their keyboard the programs (usually MyWayWebSearch, Funwebproducts, etc.) begin to autoload.
We've also recently seen USB ports becoming disabled as well as serial ports and all internal and external devices. This makes for a little more work on a clean-up job but I definitely recommend either the reset button (if you have one) or simply hard shut down (on/off button) of the unit. As the infections and Rootkits become more sophisticated (and they will) the likelihood of more instantaneous infections are right on the horizon.
Upon seeing a fake AV pop-up, shut down the machine and give it at least 30 seconds, upon reboot you should be ok so long as you don't interact with the machine other than to shut it down.

Many of the Malware infections are also becoming integrated with several Rootkits. Do no attempt to play with these or remove them on your own!

The best way is to "preview" your emails before opening them. Using web-based email, read the text before deciding if the attachment is from someone safe. For email on your computer, use a "screener" like the free program MailWasher (I like this one so much that I bought the Pro version). It'll allow you to read the first 20 lines of an email without downloading it - and you can delete the bad one's by using it's interface.
[/quote]

I'm relatively new here but using Preview, couldn't an email running HTML infect your computer? I guess Mailwasher would take of that (awesome suggestion), or restricting preview to read 'text only.' Am I off base here? Thanks for the post!

Alt + F4? No kidding. Now I can have an easier way & can teach someone else who needs it. Thanks.

Most people I know do their daily Windows PC work with an admin account. I know, I know, it's handy and saves some steps when you are doing admin stuff but most the time we are not. When a virus/trojan/malware/spyware manages to get running on your machine it is usually running in the privilege context of the current active user (that would be you). If you are running on an Admin account it can pretty much do anything it wants. If you are running as a limited user it can still be irritating but it is less able to get it's talons deep into your OS and MUCH easier to remove. It's not likely to install a rootkit, etc. Many of the bloggers who say, "I got virus X removed without any problem, why can't you?" were probably running as a limited user when they got infected vs an Admin user.

With Windows 7, logging on as a limited user and running an application as an Admin user when you need to is pretty painless. You just need to be mindful of context when you are running as Admin. For example when you run an application as Admin and give commands like put file Q on my desktop and exit the application (and the Admin context). The file is on Admin's desktop, not your limited user desktop.

Excellent advice! I wish I had known this two weeks ago before having to go 10 rounds with a stupid scareware virus. This may explain how the damnable thing kept popping back up after cleaning. I think this tip should be added to all of the 'am I infected' post replys.

Thanks again!

MNDanger

Stang777, on Mar 9 2009, 10:52 PM, said:

I know the thread is a little old, but figured someone else might have this question as well. If there is no reset button then just pull the power plug out of the computer.

The reason for hitting the reset button rather than the front power-button is that the front power button will send shutdown command to Windows and windows turns the machine off. This could induce malware, upon seeing the shutdown signal Windows sends, to take action. The reset button forces an immediate reboot of the computer without going through the normal shutdown process. Just pulling the plug will also stop the computer cold, then just power back up.

Better to try the other methods, but I've given this advice as well. It's brute force, simple for people to understand, but also risks problems due to Windows not doing the housekeeping it normally does during the shutdown process.

i have been advised to get AVG... i noticed that there are different sites that offer it... what is the safe site you recommend for downloading

Hello, I hate to give you a contradiction, but the newest AVG is causing many issues for people.
See quietman's comment,post 11 here
http://www.bleepingcomputer.com/forums/topic370947.html

Iwould recommend •Avira Antivir or •Avast Free from our list L@@K