yorolpal
Max Output Level: 0 dBFS
- Total Posts : 13829
- Joined: 2003/11/20 11:50:37
- Status: offline
Need a bit of help
I was on a guitar tab site earlier today when the dreaded threat detected dialog popped up from security essentials. It said it was removing the threat but needed to restart...which it then did. Now after booting up the box runs for about three minutes...then tells me a threat has been detected and removed and then does the restart thing again. I can't run a scan because the box keeps rebooting itself. Any suggestions will be greatly appreciated.
|
jamesg1213
Max Output Level: 0 dBFS
- Total Posts : 21760
- Joined: 2006/04/18 14:42:48
- Location: SW Scotland
- Status: offline
Re:Need a bit of help
2012/08/04 17:06:29
(permalink)
Can you start in safe mode and run the scan?
Jyemz Thrombold's Patented Brisk Weather Pantaloonettes with Inclementometer
|
craigb
Max Output Level: 0 dBFS
- Total Posts : 41704
- Joined: 2009/01/28 23:13:04
- Location: The Pacific Northwestshire
- Status: offline
Re:Need a bit of help
2012/08/04 17:14:03
(permalink)
What James said. Usually the key to hit while booting up is F5 (you should get something that tells you what to hit). Then select Safe Mode and run the scan there.
Time for all of you to head over to Beyond My DAW!
|
bapu
Max Output Level: 0 dBFS
- Total Posts : 86000
- Joined: 2006/11/25 21:23:28
- Location: Thousand Oaks, CA
- Status: offline
Re:Need a bit of help
2012/08/04 18:00:14
(permalink)
And/or try to restore to an earlier point after safe boot?
|
yorolpal
Max Output Level: 0 dBFS
- Total Posts : 13829
- Joined: 2003/11/20 11:50:37
- Status: offline
Re:Need a bit of help
2012/08/04 18:27:26
(permalink)
Turns out these two are doozies...Sirefef.Y and Sirefef.B
Bad mamma jammas. I've tried several web solutions to no avail. Dang!
|
space_cowboy
Max Output Level: 0 dBFS
- Total Posts : 9813
- Joined: 2007/07/20 14:49:31
- Location: Front and center behind these monitors
- Status: offline
Re:Need a bit of help
2012/08/04 20:26:28
(permalink)
try major geeks or hijack this. they have cures fer what ails you my ol pal.
Some people call me Maurice SPLAT Pro lifetime, ADK 6 core 3.6Ghz with 32 GB RAM, SSD 1TB system drive, 3 3TB regular drives for samples, recordings and misc. Behringer X Touch, UAD Apollo Quad. 2 UAD2 Quads PCI (i think - inside the box whatever that is), Console 1. More guitars (40??) and synths (hard and soft) than talent. Zendrum!!!
|
slartabartfast
Max Output Level: -22.5 dBFS
- Total Posts : 5289
- Joined: 2005/10/30 01:38:34
- Status: offline
Re:Need a bit of help
2012/08/04 22:39:41
(permalink)
|
Beagle
Max Output Level: 0 dBFS
- Total Posts : 50621
- Joined: 2006/03/29 11:03:12
- Location: Fort Worth, TX
- Status: offline
Re:Need a bit of help
2012/08/05 07:29:27
(permalink)
which guitar tab site were you on? guitar tab porn? 
|
spacey
Max Output Level: 0 dBFS
- Total Posts : 8769
- Joined: 2004/05/03 18:53:44
- Status: offline
Re:Need a bit of help
2012/08/05 08:58:58
(permalink)
LOL Beagle! I know your company security is as mine...I got blocked
from a legit site called "Sexy Guitars".
|
yorolpal
Max Output Level: 0 dBFS
- Total Posts : 13829
- Joined: 2003/11/20 11:50:37
- Status: offline
Re:Need a bit of help
2012/08/05 17:52:06
(permalink)
Would that it were so but no...it was a guitar tab site of all things. And it will definitely be a trip to the computer guys tomorrow. I tried most every solution proffered on the world wid yawn. But this thing's tenacious.
|
Jonbouy
Max Output Level: 0 dBFS
- Total Posts : 22562
- Joined: 2008/04/14 13:47:39
- Location: England's Sunshine South Coast
- Status: offline
Re:Need a bit of help
2012/08/05 20:07:39
(permalink)
But this thing's tenacious. They tend to be. Let the computer guys pull their hair out over it, life's too short. Then get yourself some imaging software and back your OS drive up once a week so you can get back up and running clean inside 10 minutes in future. A case of the cure being more effective than the prevention. For some reason many of these free midi, tabs and lyric sites are notorious. I had to clean an infection of my brothers work computer once and it took me two straight days clearing it out and by the time I'd done that it had invited all it's mates to come and join in the party and whilst I'd managed to get it clean it was pretty messed up as a result and after he got his important data off it still meant a hard format and a clean OS install at the end of it.
post edited by Jonbouy - 2012/08/05 20:31:12
"We can't do anything to change the world until capitalism crumbles. In the meantime we should all go shopping to console ourselves" - Banksy
|
craigb
Max Output Level: 0 dBFS
- Total Posts : 41704
- Joined: 2009/01/28 23:13:04
- Location: The Pacific Northwestshire
- Status: offline
Re:Need a bit of help
2012/08/05 22:53:27
(permalink)
Jonbouy
But this thing's tenacious.
Then get yourself some imaging software and back your OS drive up once a week so you can get back up and running clean inside 10 minutes in future.
Yeah, what he said. I changed my anti-virus to Eset and I've had no problems since.
Time for all of you to head over to Beyond My DAW!
|
Old55
Max Output Level: 0 dBFS
- Total Posts : 19791
- Joined: 2008/09/19 20:10:05
- Location: Californiashire
- Status: offline
Re:Need a bit of help
2012/08/05 23:00:34
(permalink)
FYI--Fry's has a sale on Eset right now.
Should auld acquaintance be forgot--hey, who the hell are you guys? X2(X3 pending hardware upgrade), Emulator X2, E-mu 1212M, Virtual String Machine
|
Guitarhacker
Max Output Level: 0 dBFS
- Total Posts : 24398
- Joined: 2007/12/07 12:51:18
- Location: NC
- Status: offline
Re:Need a bit of help
2012/08/06 08:38:33
(permalink)
Have you run Malware Bytes on it yet?
My wife got one of those bothersome things a while back.... They are very easy to pick up. Most of the original screens that pop up scare people into clicking it because it looks legit. It took me quite a while working with her machine to get it out.... but MalwareBytes was the essential tool.
I ran MWB on my lappy recently because for some reason my security software would not start and run properly. It found 10 bad problems and fixed them.
I was listening to the Kim Komando show for a few minutes last Sunday morning...... she was talking about malware. Her comment was what I have heard others say who are in the computer geek end of the business. in most cases, people who get these things have clicked, either intentionally or accidentally on the link that allowed the DL to occur.
Just yesterday..... I got an email which appeared to be from my bank (BOA) stating that my online banking had been frozen for "safety precautions" since someone attempted to log in to the account incorrectly and used up the number of log in attempts. I had just had some issues getting my bill pay screen to display properly but I did not bungle the log in. ( I cleared the browser cashe and it displayed properly)
I opted to attempt to log in to my on line banking account from my browser and was able to get in.... the email was a phishing attempt....which I suspected from the start. It had 2 files attached (red flags go up) and I suspect one or both had some sort of malware to capture passwords and log in info.
I reported it and forwarded it to the bank's internet fraud dept to let them track it down and deal with it.
But try the Malware Bytes... it's got a free version that I have on my machines and I run it from time to time just for grins...... it worked for me.
My website & music: www.herbhartley.com MC4/5/6/X1e.c, on a Custom DAW Focusrite Firewire Saffire Interface BMI/NSAI "Just as the blade chooses the warrior, so too, the song chooses the writer "
|
jamesg1213
Max Output Level: 0 dBFS
- Total Posts : 21760
- Joined: 2006/04/18 14:42:48
- Location: SW Scotland
- Status: offline
Re:Need a bit of help
2012/08/06 08:51:10
(permalink)
+1 for Malware Bytes, I use it alongside AVG 2012.
Jyemz Thrombold's Patented Brisk Weather Pantaloonettes with Inclementometer
|
Guitarhacker
Max Output Level: 0 dBFS
- Total Posts : 24398
- Joined: 2007/12/07 12:51:18
- Location: NC
- Status: offline
Re:Need a bit of help
2012/08/06 09:11:13
(permalink)
I have Microsoft Security Essentials and Malware Bytes on my computers...all of them.
With the exception of the issue with my lappy the other day...quickly resolved by Malware Bytes.....I have not had any malware get in that created problems. Even on my daughter's machines. And they are all over Facebook and other sites.
My website & music: www.herbhartley.com MC4/5/6/X1e.c, on a Custom DAW Focusrite Firewire Saffire Interface BMI/NSAI "Just as the blade chooses the warrior, so too, the song chooses the writer "
|
Moshkiae
Max Output Level: -14 dBFS
- Total Posts : 6111
- Joined: 2009/04/27 10:26:25
- Status: offline
Re:Need a bit of help
2012/08/06 09:51:21
(permalink)
jamesg1213
+1 for Malware Bytes, I use it alongside AVG 2012.
I have used the F-Secure Suite for 5 years, and the one time that things got interesting, I can tell you that the folks over there got the ability to log in, and fixed it, and the next update of the software, there was a rootkit update ... and I have not had any issues since. The trick on these, however, is making sure that you install Windows, and then the suite, and then the updates/etc.etc ... and I'm not sure that most people know that procedure is critical, so the Firewall has a clean version of the information on the registry. Any time a website tries to enter the registry, it warns me, and I shut down the browser ... if it can not access the registry, it (usually) does not track its information and leaves the computer quickly ... as it knows it can not move forward. Things hiding in your hard drive, used to be an issue 10 years ago, but are not an issue today ... most firewalls can nail those quickly. It's when they get into the registry that you got a problem ... and once it does ... too late! I never had the quality of support and care with the suite as I have had with F-Secure ... but it has to be a clean install right after you install Windows ... in most cases, even here with the requests, it is clear that the majority of the time the procedure is already busted and fixing those is heck ... you pretty much have to reinstall windows ... and I would strat by formatting the hard drive from the Bios ... and start all over ... 3 to 4 hours wasted, but you won't regret the result!
As a wise Guy once stated from his holy chapala ... none of the hits, none of the time ... prevents you from becoming just another turkey in the middle of all the other turkeys!
|
bapu
Max Output Level: 0 dBFS
- Total Posts : 86000
- Joined: 2006/11/25 21:23:28
- Location: Thousand Oaks, CA
- Status: offline
Re:Need a bit of help
2012/08/06 11:15:00
(permalink)
"Then get yourself some imaging software and back your OS drive up once a week so you can get back up and running clean inside 10 minutes in future." ~The Bouy
|
Moshkiae
Max Output Level: -14 dBFS
- Total Posts : 6111
- Joined: 2009/04/27 10:26:25
- Status: offline
Re:Need a bit of help
2012/08/06 11:36:11
(permalink)
bapu
"Then get yourself some imaging software and back your OS drive up once a week so you can get back up and running clean inside 10 minutes in future." ~The Bouy
That is a wonderful suggestion, however, it is not always the best solution as it does not necessarily deal with the real issue, if the malware has already made itself into the registry, which the imaging, or the use of the previous save spot, both of which are not a guarantee that this will not happen again. Once again, if the malware is already in the registry, it won't matter if any of these steps get done, as it will come back again when you enlist a procedure, with the browser, or any other procedure that will trigger the event again, which can be an email as well. Unffortunately, nothing replaces the proper procedure, and Bapu will always be the first one to tell you that no one can teach you an Am like he does ... so thinking that a malware is going to behave, is not likely until Bapu says so!
As a wise Guy once stated from his holy chapala ... none of the hits, none of the time ... prevents you from becoming just another turkey in the middle of all the other turkeys!
|
Guitarhacker
Max Output Level: 0 dBFS
- Total Posts : 24398
- Joined: 2007/12/07 12:51:18
- Location: NC
- Status: offline
Re:Need a bit of help
2012/08/06 12:19:23
(permalink)
The issue I referenced above.... 10 issues...were all registry entries. Malware bytes found them and made the repairs.
Everything went to working properly after that.
My website & music: www.herbhartley.com MC4/5/6/X1e.c, on a Custom DAW Focusrite Firewire Saffire Interface BMI/NSAI "Just as the blade chooses the warrior, so too, the song chooses the writer "
|
space_cowboy
Max Output Level: 0 dBFS
- Total Posts : 9813
- Joined: 2007/07/20 14:49:31
- Location: Front and center behind these monitors
- Status: offline
Re:Need a bit of help
2012/08/06 12:32:26
(permalink)
There have also been cases where tiny wee people get inside of your computer and create random havoc. They are well known alcoholics and become mischievous when drunk
Some people call me Maurice SPLAT Pro lifetime, ADK 6 core 3.6Ghz with 32 GB RAM, SSD 1TB system drive, 3 3TB regular drives for samples, recordings and misc. Behringer X Touch, UAD Apollo Quad. 2 UAD2 Quads PCI (i think - inside the box whatever that is), Console 1. More guitars (40??) and synths (hard and soft) than talent. Zendrum!!!
|
yorolpal
Max Output Level: 0 dBFS
- Total Posts : 13829
- Joined: 2003/11/20 11:50:37
- Status: offline
Re:Need a bit of help
2012/08/06 14:17:46
(permalink)
Yup... I ran Malware Bytes and it found the trojans and the rootkits but when I clicked on remove the box just rebooted itself and started the process all over again. I took it to "Marvin and Jay" (my longtime techs) just a while ago and they are sure they can get me back to square one (I'm also getting a new TerraByte drive to back up to as well). One thing Jay said that I've never even thought of was to always untick (or tick as the case may be) the box in your Adobe reader that says allow third party programs to run inside Adobe. That's one of the biggest culprits they see letting nasty bits getting in your innards. Among many other things. I guess I should count myself lucky...this is only the second major virus problem I've had since the late 80s when we started using these dern computer thingys.
|
Starise
Max Output Level: -0.3 dBFS
- Total Posts : 7563
- Joined: 2007/04/07 17:23:02
- Status: offline
Re:Need a bit of help
2012/08/06 14:25:07
(permalink)
Glad you are gettin it all sorted there youroldpal. Happened to me a few times as well. I think Adobe is evil.
Intel 5820K O.C. 4.4ghz, ASRock Extreme 4 LGA 2011-v3, 16 gig DDR4, , 3 x Samsung SATA III 500gb SSD, 2X 1 Samsung 1tb 7200rpm outboard, Win 10 64bit, Laptop HP Omen i7 16gb 2/sdd with Focusrite interface. CbB, Studio One 4 Pro, Mixcraft 8, Ableton Live 10 www.soundcloud.com/starise Twitter @Rodein
|
craigb
Max Output Level: 0 dBFS
- Total Posts : 41704
- Joined: 2009/01/28 23:13:04
- Location: The Pacific Northwestshire
- Status: offline
Re:Need a bit of help
2012/08/06 15:37:14
(permalink)
yorolpal
One thing Jay said that I've never even thought of was to always untick (or tick as the case may be) the box in your Adobe reader that says allow third party programs to run inside Adobe.
I just went through all of the settings in Adobe Reader and couldn't find this... Do you know what subsection of preferences it's under?
Time for all of you to head over to Beyond My DAW!
|
yorolpal
Max Output Level: 0 dBFS
- Total Posts : 13829
- Joined: 2003/11/20 11:50:37
- Status: offline
Re:Need a bit of help
2012/08/06 15:45:41
(permalink)
Nope...but I'll be glad to ask Jay.
|
Crg
Max Output Level: 0 dBFS
- Total Posts : 7719
- Joined: 2007/11/15 07:59:17
- Status: offline
Re:Need a bit of help
2012/08/06 20:09:59
(permalink)
There have been a lot of false Adobe updates coming our way. That is undoubtably how the trojan got in. I always wait at least two weeks before letting an adobe update in. The free Adobe program is the culprits avenue of attack, as well as flash player since it's so widely used. It's a jungle out there.
|