Page 1 of 3 123 LastLast
Results 1 to 15 of 37
  1. #1
    New Lounger
    Join Date
    Mar 2012
    Location
    Wellington, New Zealand
    Posts
    13
    Thanks
    3
    Thanked 1 Time in 1 Post

    Virus attack experience: What more can we do?

    I am just recovering my main PC from an attack of the virus "Smart HDD". It rendered my computer 99 percent unusable displaying continual fatal error messages telling me that me C: drive has failed and deleting everything from the Windows desktop, taskbar and start menu. It also seriously affected Windows Explorer, it told me everything on every partition of my multiple hard disks system had been deleted.

    So where does this leave me? I tried to find out more about the Smart HDD virus. It appears to be a new one and I could find only a few references, one of which was offering a free executable named iExplorer that was supposed to help. I was not keen to try this out, as far as I was concerned this was an untrusted site and it could have been phase 2 of the same virus attack.

    I have a C: drive disk image backup a month old to resort to. Fortunately this worked and all I have to do now is spend a day or so checking and recovering odds and ends. All my data is backed up on separate media, so there's no actual loss of any of my own data.

    The source of the infection appears to have been a link on a web site that I have been unable to pinpoint exactly. My real concern is that I cannot be certain how I can prevent another attack. I have a fully up to date integrated Internet Security application installed . It has firewall, anti-virus, malware, browser and email protection built in yet failed in its purpose to protect me. And it's not as though I am using a free version of this application - I am fully paid up for the next 18 months and have been for the last 5 years too. After emailing a request for assistance to the company concerned they have so far failed to respond. Windows Defender is in the background somewhere too. But it rarely indicates anything untoward.

    What more can I do to protect myself from another attack? I am currently ensuring my Windows patches are fully up to date, also that my browser is fully updated. Maybe I should confine Internet access to a non Admin Windows user account. I currently browse in an Admin account.

    Does anyone have any good suggestions or experiences with this virus to share?

  2. Subscribe to our Windows Secrets Newsletter - It's Free!

    Get our unique weekly Newsletter with tips and techniques, how to's and critical updates on Windows 7, Windows 8, Windows XP, Firefox, Internet Explorer, Google, etc. Join our 480,000 subscribers!

    Excel 2013: The Missing Manual

    + Get this BONUS — free!

    Get the most of Excel! Learn about new features, basics of creating a new spreadsheet and using the infamous Ribbon in the first chapter of Excel 2013: The Missing Manual - Subscribe and download Chapter 1 for free!

  3. #2
    Super Moderator satrow's Avatar
    Join Date
    Dec 2009
    Location
    Cardiff, UK
    Posts
    2,041
    Thanks
    96
    Thanked 194 Times in 169 Posts
    Welcome to the Lounge!

    Chrome and Mozilla-based browsers use Google's Safe Browsing feature which seems to be much better (or at least more frequently and thoroughly checked) than IE's SmartScreenFilter protection at giving an advanced warning of a known attack site (I'm not sure that Safari and others have an equivalent).

    Integrated 'full protection suites' are perhaps of lesser value than a well thought out and implemented layering protection, using the best available active and passive tools from multiple (even free) makers.

    Go on, tell us who 'protected' you

  4. #3
    Super Moderator CLiNT's Avatar
    Join Date
    Dec 2009
    Location
    California & Arizona
    Posts
    5,270
    Thanks
    123
    Thanked 454 Times in 418 Posts
    For future reference:

    Geeks To Go: Welcome to Geeks to Go's Virus, Spyware, Malware Removal forum
    Bleeping Computers: Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help
    Security-Wire.com: How to Remove Smart HDD Fake Security Program

    There is no 100% effective way to avoid getting an infection. Maintaining both data and image based backups, as you have been doing,
    will be among your best defenses.

  5. The Following User Says Thank You to CLiNT For This Useful Post:

    catilley1092 (2012-04-15)

  6. #4
    New Lounger
    Join Date
    Mar 2012
    Location
    Wellington, New Zealand
    Posts
    13
    Thanks
    3
    Thanked 1 Time in 1 Post
    OK, if you insist. 8-) I guess the main culprit is my expensive, fully paid up copy of AVG Internet Security 2012. I was also using Mozilla Firefox 3 at the time, which they continue to apply security patches to. I use passive scanning tools, like Super Anti Spyware which I run periodically. I rely on Windows Defender to do active scans, but nothing else really. What active tools would you suggest? Will they guard against the Smart HDD virus is a key question too.

  7. #5
    5 Star Lounger Drew1903's Avatar
    Join Date
    Mar 2012
    Location
    Calgary
    Posts
    1,198
    Thanks
    0
    Thanked 92 Times in 71 Posts
    Sorry but, I don't know your name,

    Suggestions:
    1. Switch from AVG to MSE
    2. Install & keep updated SpywareBlaster
    3. Install Trend Micro's BrowserGuard.
    4. Be sure to keep Windows Updates up to date.
    5. Run Malwarebytes wkly.
    6. Set MSE & Defender to do Full Scans, Daily

    Cheers,
    Drew

  8. The Following User Says Thank You to Drew1903 For This Useful Post:

    WSLfan (2012-04-01)

  9. #6
    Gold Lounger Roderunner's Avatar
    Join Date
    Dec 2009
    Location
    Scotland.
    Posts
    3,426
    Thanks
    16
    Thanked 212 Times in 180 Posts
    Quote Originally Posted by Drew1903 View Post
    Sorry but, I don't know your name,

    Suggestions:
    1. Switch from AVG to MSE
    2. Install & keep updated SpywareBlaster
    3. Install Trend Micro's BrowserGuard.
    4. Be sure to keep Windows Updates up to date.
    5. Run Malwarebytes wkly.
    6. Set MSE & Defender to do Full Scans, Daily

    Cheers,
    Drew
    Hi Drew,
    SpywareBlaster is not recommended if running Win7. Sorry i can't be more informative as I can't find where I read about it.
    When MSE is installed, it disables Win Defender.
    George's PC Specs. / Laptop. Desktop.

  10. #7
    Gold Lounger Roderunner's Avatar
    Join Date
    Dec 2009
    Location
    Scotland.
    Posts
    3,426
    Thanks
    16
    Thanked 212 Times in 180 Posts
    Quote Originally Posted by WSLfan View Post
    I was also using Mozilla Firefox 3 at the time, which they continue to apply security patches to. I use passive scanning tools, like Super Anti Spyware which I run periodically. I rely on Windows Defender to do active scans, but nothing else really. What active tools would you suggest? Will they guard against the Smart HDD virus is a key question too.
    Hi WSLfan
    First, I suggest updating Firefox, and install Web of Trust (Wot). As to other security, I recommend using OpenDNS. You could also use http://winhelp2002.mvps.org/hosts.htm BUT I suggest using it only if you do not use Network Sharing.
    George's PC Specs. / Laptop. Desktop.

  11. #8
    5 Star Lounger Drew1903's Avatar
    Join Date
    Mar 2012
    Location
    Calgary
    Posts
    1,198
    Thanks
    0
    Thanked 92 Times in 71 Posts
    Hi,

    I, certainly, know MSE Disables Defender but, whichever, are used, they both should be set to Full & Daily. MSE doesn`t need Defender... what Defender does is incorporated into MSE.

    I have used SpyBlaster for years and in Windows7... no issues what so ever; nor have I ever heard anything about what you have mentioned, before. Still use SpywareBlaster with Windows8; again, no problems. Have given it to all my clients; again, no problems.

    But, no worries, can be used or not, no biggie, really.

    Drew

  12. #9
    5 Star Lounger Drew1903's Avatar
    Join Date
    Mar 2012
    Location
    Calgary
    Posts
    1,198
    Thanks
    0
    Thanked 92 Times in 71 Posts
    If, you are going to use FF, it should be on version 11.0 not, 3.0. Please, update.

    IE should be version 9.

    It is important that everything be kept up to date; not doing so undermines internet & computer security

    Drew
    Last edited by Drew1903; 2012-04-01 at 05:06.

  13. #10
    mart44
    Guest
    Always browse sandboxed because you never know if an innocent looking link will lead to the problem you have experienced. True that some AV programs and scanners might be better at preventing infections than others but I'd say not to be too hard on AVG because none will get everything all of the time.

    http://www.sandboxie.com/

    How Sandboxie works

  14. #11
    Super Moderator
    Join Date
    Jun 2011
    Location
    New England
    Posts
    2,581
    Thanks
    76
    Thanked 318 Times in 289 Posts
    Quote Originally Posted by satrow View Post
    Chrome and Mozilla-based browsers use Google's Safe Browsing feature which seems to be much better (or at least more frequently and thoroughly checked) than IE's SmartScreenFilter protection at giving an advanced warning of a known attack site (I'm not sure that Safari and others have an equivalent).
    Any evidence for that assertion?

    Google's URL blacklist as poor as Microsoft's

    IE 9 anti-malware kingpin in browser face off

    Bruce

  15. #12
    Super Moderator satrow's Avatar
    Join Date
    Dec 2009
    Location
    Cardiff, UK
    Posts
    2,041
    Thanks
    96
    Thanked 194 Times in 169 Posts
    Only my own testing and experience, as recently as yesterday here: http://raptorpolitics.org.uk/ <-- it might be clean now, they've been working on it.

    On the above site, a Mozilla-based v.11 browser with Java disabled was safe; IE 9 with Java disabled, Smartscreen enabled triggered 2 Java-related processes.

  16. #13
    Super Moderator
    Join Date
    Jun 2011
    Location
    New England
    Posts
    2,581
    Thanks
    76
    Thanked 318 Times in 289 Posts
    Quote Originally Posted by satrow View Post
    Only my own testing and experience, as recently as yesterday here: http://raptorpolitics.org.uk/ <-- it might be clean now, they've been working on it.

    On the above site, a Mozilla-based v.11 browser with Java disabled was safe; IE 9 with Java disabled, Smartscreen enabled triggered 2 Java-related processes.
    A single site doesn't seem like much justification for "much better protection". Shouldn't Google's Safe Browsing have prevented you completely from visiting the site?

    Bruce

  17. #14
    Super Moderator satrow's Avatar
    Join Date
    Dec 2009
    Location
    Cardiff, UK
    Posts
    2,041
    Thanks
    96
    Thanked 194 Times in 169 Posts
    Shouldn't IE9/Windows 7 have prevented IE triggering Java when it was disabled in the browser?

  18. #15
    Super Moderator
    Join Date
    Jun 2011
    Location
    New England
    Posts
    2,581
    Thanks
    76
    Thanked 318 Times in 289 Posts
    Quote Originally Posted by satrow View Post
    Shouldn't IE9/Windows 7 have prevented IE triggering Java when it was disabled in the browser?
    That depends on several settings, but did Google's Safe Browsing protect you on this occasion (by preventing you from visiting the site with Firefox)?

    Bruce
    Last edited by BruceR; 2012-04-01 at 12:17.

Page 1 of 3 123 LastLast

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •