Requesting a few tips or solutions.



#1 PJKJim


Posted 16 May 2011 - 07:56 PM

Recently I've been being attacked by viruses on simple sites such as megaupload or a wikia site when I feel like reading up on a certain subject. These viruses enter my system through a missing dll plugin update. For instance these little pop ups look exactly like the pop ups you get when you need Active X for a certain program such as a game to run. The first time took me forever to cure and the second time was when I was surfing megaupload. Out of nowhere I get a missing plugin needed for this "whatever" and the virus does its job and is already on my computer. I didn't consent to anything, it just does it.

I combated the problem by running rkill which I keep handy on me at ALL times. Found the program, scanned it with Malwarebytes and Microsoft Security Essentials, and guess what? They don't find anything. Well I have common sense so I quickly got rid of the program.

Now my computer is all handy dandy, but I don't understand how these viruses can come from such a site such as megaupload which leads me to believe that there has to be some fault in my own computer whether it be my Java being outdated or Adobe.

I guess that was all a wall of text and my venting, but really what I'm asking for is how to prevent these "missing plugins, dll whatever" from occurring on a site I believe millions use.

Edited by hamluis, 17 May 2011 - 01:18 PM.
Moved from Vista to AV, Firewall, Privacy.




#2 ~Kal~


Posted 17 May 2011 - 03:54 PM

I suppose the obvious things to do are to make sure you're running an up to date antivirus, with firewall protection - you don't mention what you're running? Then to make sure any vulnerabilities on your system aren't leaving handy holes for things to sneak through, make sure your Windows is updated (turn auto updates on) and then make sure your Java, Adobe etc are also patched as these can also carry security holes.

Secunia have a handy online scanning facility that checks whether you're running any out of date software including windows updates not loaded - http://secunia.com/vulnerability_scanning/online

That might not help with missing plug ins if they really are the problem, but at least you're securing your system as best you can. There is a very good bleeping computer article here which is worth reading - it gives good advice about steps to take to reduce your chances of re-infection: http://www.bleepingcomputer.com/forums/topic2520.html
Kal
Please bear in mind I'm in the UK so our timezones may not always sync.
If I'm helping you and haven't replied within 24 hrs please send me a pm

#3 quietman7


Posted 18 May 2011 - 08:28 AM

Please read How Malware Spreads - How did I get infected which explains the most common ways malware is contracted and spread.


Tips to protect yourself against malware and reduce the potential for re-infection:

Keep Windows and Internet Explorer current with all security updates from Microsoft which will patch many of the security holes through which attackers can gain access to your computer. When necessary, Microsoft releases security updates on the second Tuesday of each month and publishes Security update bulletins to announce and describe the update. If you're not sure how to install updates, please refer to Updating your computer. Microsoft also recommends Internet Explorer 6 and 7 users to upgrade their browsers due to security vulnerabilities which can be exploited by hackers.

Avoid gaming sites, porn sites, pirated software (warez), cracking tools, and keygens. They are a security risk which can make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. In some instances an infection may cause so much damage to your system that recovery is not possible and the only option is to wipe your drive, reformat and reinstall the OS.

Avoid peer-to-peer (P2P) file sharing programs (i.e. Limewire, eMule, Kontiki, BitTorrent, BitComet, uTorrent, BitLord, BearShare). They too are a security risk which can make your computer susceptible to malware infections. File sharing networks are thoroughly infected and infested with malware according to Senior Virus Analyst, Norman ASA. Malicious worms, backdoor Trojans, IRCBots, and rootkits spread across P2P file sharing networks, gaming, porn and underground sites. Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans, and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users. The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.

Beware of Rogue Security software as they are one of the most common sources of malware infection. They infect machines by using social engineering and scams to trick a user into spending money to buy an application which claims to remove malware. For more specific information on how these types of rogue programs install themselves and spread infections, read How Malware Spreads - How did I get infected.

Keeping Autorun enabled on flash drives has become a significant security risk as they are one of the most common infection vectors for malware which can transfer the infection to your computer. One in every eight malware attacks occurs via a USB device. Many security experts recommend you disable Autorun as a method of prevention. Microsoft recommends doing the same.

Note: If using Windows 7, be aware that in order to help prevent malware from spreading, the Windows 7 engineering team made important changes and improvements to AutoPlay so that it will no longer support the AutoRun functionality for non-optical removable media.

Always update vulnerable software like browsers, Adobe Reader and Java Runtime Environment (JRE) with the latest security patches. Older versions of these programs have vulnerabilities that malicious sites can use to exploit and infect your system.

Change all passwords: Anytime you encounter a malware infection on your computer, especially if that computer was used for online banking, has credit card information or other sensitive data on it, all passwords should be changed immediately to include those used for banking, email, eBay, paypal and any online activities which require a username and password. You should consider them to be compromised and change passwords as a precaution in case an attacker was able to steal your information when the computer was infected. If using a router, you need to reset it with a strong logon/password so the malware cannot gain control before connecting again.

Finally, using common sense, safe computing and safe surfing habits provides the most complete protection.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators
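
The Autorun advice in the post above can be checked on a machine with a short script. This is an added example, not part of quietman7's post: the function names are hypothetical, and it reads the standard Windows `NoDriveTypeAutoRun` policy value, which the post itself does not name.

```powershell
# Added example (not from the thread): report which drive types still allow AutoRun.
# In NoDriveTypeAutoRun, a SET bit disables AutoRun for that drive type.
$DriveTypeBits = [ordered]@{
    'Unknown drive type' = 0x01
    'Removable (USB)'    = 0x04
    'Fixed disk'         = 0x08
    'Network drive'      = 0x10
    'CD/DVD'             = 0x20
    'RAM disk'           = 0x40
    'Reserved/unknown'   = 0x80
}
$PolicySubKey = 'SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'

function Get-AutoRunPolicy {
    # HKLM wins: when the value exists there, the per-user (HKCU) value is ignored.
    foreach ($hive in 'HKLM', 'HKCU') {
        $item = Get-ItemProperty -Path "${hive}:\$PolicySubKey" -Name NoDriveTypeAutoRun -ErrorAction SilentlyContinue
        if ($null -ne $item) {
            # Only the low byte carries the drive-type bits.
            $mask = ([long]$item.NoDriveTypeAutoRun) -band 0xFF
            return [pscustomobject]@{ Hive = $hive; Mask = $mask }
        }
    }
    return $null   # value not set in either hive: the Windows default applies
}

function Get-AutoRunEnabledTypes {
    param([int]$Mask)
    # Return the drive types whose "disable" bit is clear.
    $DriveTypeBits.GetEnumerator() |
        Where-Object { ($Mask -band $_.Value) -eq 0 } |
        ForEach-Object { $_.Key }
}

$policy = Get-AutoRunPolicy
if ($null -eq $policy) {
    Write-Output 'NoDriveTypeAutoRun is not set; the OS default AutoRun behaviour applies.'
} else {
    $enabled = @(Get-AutoRunEnabledTypes -Mask $policy.Mask)
    Write-Output ('{0} policy mask: 0x{1:X2}' -f $policy.Hive, $policy.Mask)
    if ($enabled.Count -eq 0) { Write-Output 'AutoRun is disabled for every drive type.' }
    else { Write-Output ('AutoRun still enabled for: ' + ($enabled -join ', ')) }
}

# To disable AutoRun for all drive types (run elevated), set the mask to 0xFF:
# if (-not (Test-Path "HKLM:\$PolicySubKey")) { New-Item -Path "HKLM:\$PolicySubKey" | Out-Null }
# Set-ItemProperty -Path "HKLM:\$PolicySubKey" -Name NoDriveTypeAutoRun -Type DWord -Value 0xFF
```

The remediation lines are left commented out so the script only reports by default.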
