Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

How to protect against the Google redirect virus?


  • Please log in to reply
15 replies to this topic

#1 keyboardNinja

keyboardNinja

    Bleepin' Ninja


  • Members
  • 4,815 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:teh interwebz
  • Local time:07:31 PM

Posted 30 December 2009 - 05:10 PM

Well, browsing through the HJT and Combofix sub-forums has revealed a lot of computers infected with the Google redirect virus/malware.

What steps can we all take to prevent an infection like this?

I have Windows 7 Pro, Windows firewall, Sunbelt Software Anti-virus/anti-spyware, Malwarebytes, SUPER Antispyware, and Mozilla Firefox with NoScript addon.

Besides safe web-surfing, is there anything else I can do to prevent that nasty virus?

Thanks. :thumbsup:
PICNIC - Problem In Chair, Not In Computer

Posted Image Posted Image

20 Things I Learned About Browsers and the Web

BC AdBot (Login to Remove)

 


#2 xblindx

xblindx

  • Banned
  • 1,923 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:31 PM

Posted 30 December 2009 - 08:48 PM

Hiding Hidden Files
Please set your system to hide all hidden files.
Click Start, open My Computer, select the Tools menu and click Folder Options.
Select the View Tab. Under the Hidden files and folders heading, uncheck Show hidden files and folders.
Check: Hide file extensions for known file types
Check the Hide protected operating system files (recommended) option.
Click Yes to confirm.

One of the most common questions found when cleaning Spyware or other Malware is "how did my machine get infected?". There are a variety of reasons, but the most common ones are that you are going to sites that you are not practicing Safe Internet, you are not running the proper security software, and that your computer's security settings are set too low.

Below I have outlined a series of categories that outline how you can increase the security of your computer so that you will not be infected again in the future.


Practice Safe Internet

One of the main reasons people get infected in the first place is that they are not practicing Safe Internet. You practice Safe Internet when you educate yourself on how to properly use the Internet through the use of security tools and good practice. Knowing how you can get infected and what types of files and sites to avoid will be the most crucial step in keeping your computer malware free. The reality is that the majority of people who are infected with malware are ones who click on things they shouldn't be clicking on. Whether these things are files or sites it doesn't really matter. If something is out to get you, and you click on it, it most likely will. Below are a list of simple precautions to take to keep your computer clean and running securely:
  • If you receive an attachment from someone you do not know, DO NOT OPEN IT! Simple as that. Opening attachments from people you do not know is a very common method for viruses or worms to infect your computer.

  • If you receive an attachment and it ends with a .exe, .com, .bat, or .pif do not open the attachment unless you know for a fact that it is clean. For the casual computer user, you will almost never receive a valid attachment of this type.

  • If you receive an attachment from someone you know, and it looks suspicious, then it probably is. The email could be from someone you know infected with a malware that is trying to infect everyone in their address book.

  • If you are browsing the Internet and a popup appears saying that you are infected, ignore it!. These are, as far as I am concerned, scams that are being used to scare you into purchasing a piece of software. For an example of these types of popups, or Foistware, you should read this article: Foistware, And how to avoid it.

    There are also programs that disguise themselves as Anti-Spyware or security products but are instead scams. For a list of these types of programs we recommend you visit this link: Rogue/Suspect Anti-Spyware Products & Web Sites

  • Another tactic to fool you on the web is when a site displays a popup that looks like a normal Windows message or alert. When you click on them, though, they instead bring you to another site that is trying to push a product on you. We suggest that you close these windows by clicking on the X instead of the OK button. Alternatively, you can check to see if it's a real alert by right-clicking on the window. If there is a menu that comes up saying Add to Favorites... you know it's a fake.

  • Do not go to adult sites. I know this may bother some of you, but the fact is that a large amount of malware is pushed through these types of sites. I am not saying all adult sites do this, but a lot do.

  • When using an Instant Messaging program be cautious about clicking on links people send to you. It is not uncommon for infections to send a message to everyone in the infected person's contact list that contains a link to an infection. Instead when you receive a message that contains a link, message back to the person asking if it is legit before you click on it.

  • Stay away from Warez and Crack sites! In addition to the obvious copyright issues, the downloads from these sites are typically overrun with infections.

  • Be careful of what you download off of web sites and Peer-2-Peer networks. Some sites disguise malware as legitimate software to trick you into installing them and Peer-2-Peer networks are crawling with it. If you want to download a piece of software a from a site, and are not sure if they are legitimate, you can use McAfee Siteadvisor to look up info on the site.

  • DO NOT INSTALL any software without first reading the End User License Agreement, otherwise known as the EULA. A tactic that some developers use is to offer their software for free, but have spyware and other programs you do not want bundled with it. This is where they make their money. By reading the agreement there is a good chance you can spot this and not install the software.
Visit Microsoft's Windows Update Site Frequently

It is important that you visit http://www.windowsupdate.com regularly. This will ensure your computer has always the latest security updates available installed on your computer. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.


It is very important that your computer has an anti-virus software running on your machine. This alone can save you a lot of trouble with malware in the future.

See this link for a listing of some online & their stand-alone antivirus programs:

Virus, Spyware, and Malware Protection and Removal Resources


Update your AntiVirus Software

It is imperative that you update your Antivirus software at least once a week (Even more if you wish). If you do not update your antivirus software then it will not be able to catch any of the new variants that may come out. If you use a commercial antivirus program you must make sure you keep renewing your subscription. Otherwise, once your subscription runs out, you may not be able to update the programs virus definitions.


Make sure your applications have all of their updates

It is also possible for other programs on your computer to have security vulnerability that can allow malware to infect you. Therefore, it is also a good idea to check for the latest versions of commonly installed applications that are regularly patched to fix vulnerabilities. You can check these by visiting Secunia Software Inspector and Calendar of Updates.


Use a Firewall

I can not stress how important it is that you use a Firewall on your computer. Without a firewall your computer is susceptible to being hacked and taken over. Simply using a Firewall in its default configuration can lower your risk greatly.

For a tutorial on Firewalls and a listing of some available ones see the link below:

Understanding and Using Firewalls


Install an AntiSpyware Program

2 highly recommended AntiSpyware programs are Malwarebytes Anti-Malware and SuperAntiSpyware.

Another free, AntiSpyware program is Spybot - Search and Destroy
Installing these programs will provide spyware & hijacker protection on your computer alongside your virus protection. You should scan your computer with an AntiSpyware program on a regular basis just as you would an antivirus software.

Tutorials on using these programs can be found below:

Using Spybot - Search & Destroy to remove Spyware , Malware, and Hijackers


Install SpywareBlaster

SpywareBlaster will added a large list of programs and sites into your Internet Explorer settings that will protect you from running and downloading known malicious programs.

A tutorial on installing & using this product can be found here:

Using SpywareBlaster to protect your computer from Spyware and Malware


Update all these programs regularly
Make sure you update all the programs I have listed regularly. Without regular updates you WILL NOT be protected when new malicious programs are released.

Follow this list and your potential for being infected again will reduce dramatically.

#3 Romeo29

Romeo29

    Learning To Bleep


  • Members
  • 3,194 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:127.0.0.1
  • Local time:08:31 PM

Posted 30 December 2009 - 10:39 PM

@xblindx
Why hiding files is important for preventing infection?

#4 xblindx

xblindx

  • Banned
  • 1,923 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:31 PM

Posted 30 December 2009 - 10:42 PM

Its just an important thing in general. If you don't know what you are doing, and accidentally delete an important file, you are in bad shape. Hiding hidden files can help prevent this.

#5 Romeo29

Romeo29

    Learning To Bleep


  • Members
  • 3,194 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:127.0.0.1
  • Local time:08:31 PM

Posted 30 December 2009 - 10:49 PM

Yes I have to agree with you on that. Good tip :thumbsup:

#6 keyboardNinja

keyboardNinja

    Bleepin' Ninja

  • Topic Starter

  • Members
  • 4,815 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:teh interwebz
  • Local time:07:31 PM

Posted 30 December 2009 - 11:07 PM

Thanks! :thumbsup:

I'll pass the word along to everybody I know. :flowers:

And if I do find somebody that has problems, I'll send them to bleepingcomputer.com first. :trumpet:

Thanks again!
PICNIC - Problem In Chair, Not In Computer

Posted Image Posted Image

20 Things I Learned About Browsers and the Web

#7 Animal

Animal

    Bleepin' Animinion


  • Site Admin
  • 35,117 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Where You Least Expect Me To Be
  • Local time:06:31 PM

Posted 30 December 2009 - 11:07 PM

Not to belabor the point of a good tip, but the terminology seems redundant and questionable? 'Hide Hidden Files'?!?!? If the files are already hidden as the term suggests, what is the point of hiding them again? Or does the effect of 're-hiding' the hidden files cancel the effect and toggle them unhidden? For such a valuable 'security' act that seems a rather odd term, and suspect of desired results.

The Internet is so big, so powerful and pointless that for some people it is a complete substitute for life.
Andrew Brown (1938-1994)


A learning experience is one of those things that say, "You know that thing you just did? Don't do that." Douglas Adams (1952-2001)


"Imagination is more important than knowledge. Knowledge is limited. Imagination circles the world." Albert Einstein (1879-1955)


Follow BleepingComputer on: Facebook | Twitter | Google+

#8 keyboardNinja

keyboardNinja

    Bleepin' Ninja

  • Topic Starter

  • Members
  • 4,815 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:teh interwebz
  • Local time:07:31 PM

Posted 30 December 2009 - 11:29 PM

Well, the point is to make the important system files hidden (whether they are hidden already or not) to prevent tampering with them. Even if you unhide them, there are still some files that can only be seen when booted off a rescue disk or something (Windows just won't let you see them, but third-party software will).

But yeah, if you look in your Folder Options, it will give you the options to hide or show "hidden files" and the other things he mentioned. As long as everything is set to hidden, everything should be fine.

I've always had them set to hidden, so I'm perfectly clear on this matter. Sorry if there was confusion. I know it sounds redundant, but that's okay. :thumbsup:
PICNIC - Problem In Chair, Not In Computer

Posted Image Posted Image

20 Things I Learned About Browsers and the Web

#9 xblindx

xblindx

  • Banned
  • 1,923 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:31 PM

Posted 31 December 2009 - 10:28 AM

Not to belabor the point of a good tip, but the terminology seems redundant and questionable? 'Hide Hidden Files'?!?!? If the files are already hidden as the term suggests, what is the point of hiding them again? Or does the effect of 're-hiding' the hidden files cancel the effect and toggle them unhidden? For such a valuable 'security' act that seems a rather odd term, and suspect of desired results.


The Hiding Hidden Files tip is if for some reason the user has hidden files un-hidden. For instance, when I wanted to use a program on my firefox folder (the sqlite thing), I had to un-hide hidden files to see the Application Data folder. So if a user has set hidden files to be un-hidden, they should hide them back unless they know exactly what they are doing.

#10 Animal

Animal

    Bleepin' Animinion


  • Site Admin
  • 35,117 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Where You Least Expect Me To Be
  • Local time:06:31 PM

Posted 31 December 2009 - 08:25 PM

Thanks for clearing that up. So it's re-hiding hidden files that have been set as unhidden. Now I understand.

The Internet is so big, so powerful and pointless that for some people it is a complete substitute for life.
Andrew Brown (1938-1994)


A learning experience is one of those things that say, "You know that thing you just did? Don't do that." Douglas Adams (1952-2001)


"Imagination is more important than knowledge. Knowledge is limited. Imagination circles the world." Albert Einstein (1879-1955)


Follow BleepingComputer on: Facebook | Twitter | Google+

#11 Stang777

Stang777

    Just Hoping To Help


  • Members
  • 1,821 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:07:31 PM

Posted 31 December 2009 - 09:20 PM

Even files that are hidden can be affected by malware. I never have, and never will, have any of my files set to be hidden. I want to see them and be familiar with them. I just like being able to see what is on my system, as well as being able to see the date they were created and modified. Just one of the reasons I like seeing them is if I have no knowledge of them and do not see them, I cannot see if they have been changed.

#12 Capn Easy

Capn Easy

  • Members
  • 597 posts
  • OFFLINE
  •  
  • Location:New Jersey
  • Local time:09:31 PM

Posted 31 December 2009 - 10:09 PM

Hmmm ... I wasn't at all confused by the need to "hide" hidden files.

Now if you'll excuse me, I have to click on "Start" because I'm done using my computer. :thumbsup:

The only other thing I'd add, having been the victim of a virus attack about a year ago, is to use a firewall that protects from incoming and outgoing threats. Also, I use and update a Hosts file.

And in addition to using NoScript with Firefox, I also use the Cookie Whitelist addon.

And yet I still panic when something unexpected happens! :flowers:

Edited by hamluis, 11 September 2010 - 12:36 PM.
Eliminateed blank lines ~ Hamluis.


#13 xblindx

xblindx

  • Banned
  • 1,923 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:31 PM

Posted 01 January 2010 - 09:15 AM

Even files that are hidden can be affected by malware. I never have, and never will, have any of my files set to be hidden. I want to see them and be familiar with them. I just like being able to see what is on my system, as well as being able to see the date they were created and modified. Just one of the reasons I like seeing them is if I have no knowledge of them and do not see them, I cannot see if they have been changed.


Its not to protect from malware. Its to protect the user from accidentally deleting something important because they do not know what it is that they're deleting.

#14 hamluis

hamluis

    Moderator


  • Moderator
  • 55,753 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:08:31 PM

Posted 11 September 2010 - 12:33 PM

LOL...actually, it's the SYSTEM files which are hidden, none other.

If I wanted to advise others regarding such...I would refer to them as...system files, not "hidden" files.

FWIW: I don't agree with the philosophy of "hiding' such or not making file extensions visible. You can't tell the players without a scorecard, as they say in baseball...and I find it near impossible to have any idea of what a file is without the file extension. The Microsoft philosophy that users are too stupid to identify system files from others...is not something I share.

Louis

#15 Sightless

Sightless

  • Members
  • 435 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Up in the Clouds
  • Local time:09:31 PM

Posted 11 September 2010 - 03:42 PM

I would also recommend keeping file extensions visible even for known file types, as it can help you spot a fake "jpeg" thats actually a .exe and such.

I agree with you hamluis, Idon't think users are STUPID but I just think that a lot of inexperienced users of computer could quite easily delete an important system file by accident. And also, if you have a child using your computer, and he gets delete happy, he wont be able to delete critical files if they are hidden.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users