Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Adware Blues and other Annoyances


  • Please log in to reply
2 replies to this topic

#1 Cernunnos

Cernunnos

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:02:00 PM

Posted 03 December 2013 - 11:25 AM

Hello Bleeping Computer!

 

I have been visiting this site for a few years on and off, and your pretty much my go to source on learnng how to computer.

 

I'm pretty much the resident tech of my household, as for some reason everybody is under the impression I know how to computer. As such, if they have an issue, its me they call on, which I don't mind too much becasue I have a masochistic sence of fun.

 

So I have this roomate who, for some reason, seems to be unable to keep his system clean. Every few months somthing will happen, I'll get called to work on it, and have to spend the next day or so cleaning, securing and doing general maintence. Again. I get a sick sence of pleasure from it, but it still needs to be adressed.

 

I have NO idea what he is doing that keeps getting him infected. We use generally the same software set up, and I have most of the programs automated... but somehow he still keeps comng to me, eyes alit in bluescreens...

 

What we run is (in order); Windows 7 Ultimate, Avira, Malwarebytes, AdwCleaner. And AdBlockPlus in Firefox

 

On my system I don't have AdwCleaner yet, none the less, mine is as clean as... well. Its really damn clean.

 

Most recently he was suffering bluescreens when the DCOM and Virtual Shadow Copy services were performing some kind of illegal operations (not exactly sure what they were yet). There were about seven proccess running that look suspicios, though the Event log wasn't reporting anything I didn't expect.

 

I ask him general questions, start poking around, find out he downloaded some torrent client called BitMaster or some crap like that. Long story short (too late), BitMaster was riddled with adware  his system finally reached critical mass.

 

Strange thing is, niether Avira or Malwarebyte picked up the seven or eight instances that where on there. (Avira was finding one bit of adware, which is what lead me to BitMaster in the firstplace).

 

Trying to determine where this other crap came from, I looked through his browser history to see if he has been visiting any porn sites or somthing with crap on them... a huge breech of privacy, but I needed to know what keeps causeing his system to freak. Didn't see any suspicios sites in his seven month long browser history (the last time I cleaned his system). He could just be running in privacy mode... but I don't know if there is anyway to determine where he has been picking malware up if he is...

 

I just don't know what to do. I tried showing him, several times, things to keep you safe online, how to use these programs, what to do and what not to do (in my limited scope of knowledge). I would say its just me giving him bad advice, but my system virtually never needs to be cleaned. But every few months... Short of having him verify every site he visits, every program he downloads every action he takes on his system, I only see the cycle repeating...

 

Is there somthing I'm not teaching him that I need to? Someway to make sure this doesn't happen again? Some way to hammer into his skull the reudiments of system security and its importance?

 

TL;DR? How does one teach another to computer?

 

 



BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,479 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:03:00 PM

Posted 03 December 2013 - 02:46 PM

It is not you or your teaching ability.

"You can put a person in a classroom but you can't make them learn...you can lead someone to knowledge, but you cant make them think."
"There is no 'patch' for stupidity"...some folks just have to learn the hard way.

Tell them this:

Using any torrent, peer-to-peer (P2P) file sharing program (i.e. Limewire, eMule, Kontiki, BitTorrent, BitComet, uTorrent, BitLord, BearShare, Azureus/Vuze, Skype, etc) or visiting such sites is a security risk which can make your system susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. In some cases the computer could be turned into a virus honeypot or zombie. File sharing networks are thoroughly infected and infested with malware according to Senior Virus Analyst, Norman ASA. As such, it is not uncommon for some anti-virus/anti-malware disinfection tools to detect torrent related files and programs as a threat and attempt to remove them.

The reason for this is that file sharing relies on its members giving and gaining unfettered access to computers across the P2P network. This practice can make you vulnerable to data and identity theft, system infection and remote access exploit by attackers who can take control of your computer without your knowledge. Even if you change the risky default settings to a safer configuration, downloading files from an anonymous source increases your exposure to infection because the files you are downloading may actually contain a disguised threat. Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install malware. Many malicious worms and Trojans, such as the Storm Worm, target and spread across P2P files sharing networks because of their known vulnerabilities. In some instances the infection may cause so much damage to your system that recovery is not possible and a Repair Install will NOT help!. In those cases, the only option is to wipe your drive, reformat and reinstall the OS.

Even the safest P2P file sharing programs that do not contain bundled spyware, still expose you to risks because of the very nature of the P2P file sharing process. By default, most P2P file sharing programs are configured to automatically launch at startup. They are also configured to allow other P2P users on the same network open access to a shared directory on your computer. The best way to eliminate these risks is to avoid using P2P applications and torrent web sites.

File sharing programs are often bundled with other software (sometimes without the knowledge or consent of the user) and can be the source of various issues and problems to include Adware, and browser hijackers as well as malware.

And have them read the following:

About those Toolbars and Add-ons which change your browser settings - Removal Tips
How Malware Spreads - How did I get infected
Best Practices for Safe Computing - Prevention of Malware Infection

From what you describe, the first link explains what he is most likely doing...downloading free stuff which is bundled with other junkware and crapware.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:05:00 AM

Posted 04 December 2013 - 12:57 AM

What we run is (in order); Windows 7 Ultimate, Avira, Malwarebytes, AdwCleaner.

Please note that several programs (like AdwCleaner) should be opened and then you hit the Uninstall button.

Uninstalling also removes any infections saved in its quarantine chest. 

This program also has no Update facility, and is a Use and Remove tool, so you just remove it when finished.

 

Avira has an Updater and you should always Update Malwarebytes prior to any scan. Be sure that Windows Updates are set for Auto Install, or you must check them every week -

 

Thank You -






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users