Survey? Is this official? - Page 2

CRussel · 02-17-2014, 06:06 PM

What you fail to understand, and that several of us are suggesting, is that even though you think you've cleaned up your computer, the odds are very good that it is still infected. And that the only reliable way to clean it is to wipe it if MalwareBytes reports it can't remove something. Seriously, even though you aren't aware of what is happening, all of the information you type, including all of your passwords, your bank account information, whatever, is likely being captured and transmitted to those with ill intent.

cromag · 02-17-2014, 08:12 PM

Ditto. Malware pushers don't make this kind of effort without expecting a payoff. And they usually try for a few payoffs, which is why you saw a survey. There is almost ceertainly still something there. (I went through an impressive virus attack 7 years ago -- it's not fun, but living with it will almost certainly be worse.)

BookCat · 02-18-2014, 07:09 AM

I've done a major update of my browser, which seems to have dealt with all the problems. I did say that I don't do internet banking and I'm NOT going to wipe my pc. Thanks for the advice, but I think it's a bit alarmist under the circumstances. The only time I've wiped a pc has been when the hard-drive completely failed. I also had to buy a new laptop. I don't connect to the internet on the old pc anymore, just use it for designing posters (it has a better screen ratio) and playing games.

BTW the only warnings I'm getting from the trial of Malwarebytes that they've blocked malware is when I connect to MR.

poohbear_nc · 02-18-2014, 09:19 AM

Running full system scans using SAS and Malwarebytes can probably eliminate around 90% of malware. The problem is there are literally millions of spammers out there writing code and modifying their code to elude recognition. SAS and Malwarebytes need daily updates of their files to improve their recognition of infected files or malware. The paid versions also offer active blocking - they stop infections rather than remove the files once your PC has been attacked.

The point is - any protective program has to recognize the infection before it can remove it - and the removal may not be complete - spammers are extremely smart and can leave inactive 'sleeper programs' or files that do not trigger any alerts now - but that will allow the spammer to reconnect at a future date - especially if they can modify resident Windows program files - that's why the other posters have advised you to perform a complete wipe. While you were filling out the survey, your PC was communicating with the spam website - even though you didn't submit the form - you still had established a connection between your PC and the spam IP - and you had no control over what was being sent and installed on your PC.

Bottom line - it's a matter of comfort level vs. security. Your PC was obviously infected. You've run the best programs you can find. Your PC may or may not be cleared of all infected files - unfortunately there's no sure way to tell unless you wrote the spam program and know what it was programmed to do.

If you are reluctant to do the complete wipe yourself, take it to a reputable shop and get it done. From your descriptions of the aftermath from this fake survey, I agree with the others -- it just isn't worth taking the risk of inadvertently sharing any of your personal information.

DoctorOhh · 02-19-2014, 01:49 AM

Quote:

Originally Posted by BookCat

I've done a major update of my browser, which seems to have dealt with all the problems. I did say that I don't do internet banking and I'm NOT going to wipe my pc.

If you don't do online banking or online purchases or do your taxes online etc... then don't continue at your own risk.

Quote:

Originally Posted by BookCat

Thanks for the advice, but I think it's a bit alarmist under the circumstances.

Not alarmist at all if you do any of the things we mentioned. Even if you don't do the things mentioned it is possible your computer is now part of a botnet.

Quote:

Originally Posted by BookCat

BTW the only warnings I'm getting from the trial of Malwarebytes that they've blocked malware is when I connect to MR.

If Malwarebytes is alarming when you connect to MR then you still have problems with a virus or malware on your computer. Malwarebytes never triggers any alarms when I go to MR so it is safe to say it isn't MR that has the problem.

As long as you are comfortable with the risks mentioned ...

BookCat · 02-19-2014, 04:01 AM

Last night I spoke to a techie friend about this, he's going to come over to take a look at my computer and the results of scans. He's also advised me to research the two programs suggested as they may be giving false positives.
While he understands the cautious advice to wipe the computer, he felt it was unnecessary without closer inspection from someone more technically minded than me.

I'll take his advice. I didn't really understand how to use one of the programs, which just gave me a list of things with check boxes beside them which I could tick if I felt they were a threat (I'm sure some were cookies) and then choose from about a dozen options of what to do with them. I was baffled, so just ticked everything which didn't have microsoft or windows or anything important in the name. The entire name of the 'problem' wasn't given, just the beginning then ellipses. So it's entirely possible that I ticked some things which weren't supposed to be removed.

Anyway, thanks for the help, I'm sure my computer-literate friend will sort this out for me.

DoctorOhh · 02-19-2014, 05:15 AM

Quote:

Originally Posted by BookCat

Anyway, thanks for the help, I'm sure my computer-literate friend will sort this out for me.

I wish your friend better luck than I had last year. Back then our home computer had a malware issue. I cleaned everything off that showed itself. Locally things seemed fine, I could find no traces of any malicious programs left and our computer functioned as it always had. All programs reported back zero existing problems.

But our local internet service provider (ISP) reported to us that our machine was acting as part of a botnet and if we didn't fix it we would be cutoff. Even with that knowledge and many more tools I could find no hint of any wrong doing. After the second warning from the ISP I wiped our machine and started fresh. No more warnings came from our ISP.

I have been working in the Information Technology field for 30 years and the root source of the problem eluded me. I really should take a coworker's advice and give my wife a separate login to our computer without administrator privileges. But truthfully I can just as easily click the wrong item too. Now when I build my machine I create an image so I don't have to build the machine from scratch the next time.

CRussel · 02-19-2014, 01:58 PM

Like you, DoctorOhh, I've been in this business for a long time. I've written 30+ books on operating systems, from DOS to OS2 to UNIX to Windows. And while I've been personally lucky about getting infested, I've had to work on machines that did get infested. Some appeared clean, some didn't. But I would never trust one again after it had an infection.

Pretending that all is well, or even that your "techie" friend can solve it is just being an ostrich. And the costs can be serious for you. And your friends/family.

I'll make a suggestion for your future endeavors -- when you wipe your PC, rebuild it with a second partition or full second HDD. Put all your data (My Documents, Pictures, Music, etc.) on that second HDD or partition. (I like to assign the D: drive to it, and label it "Data".) Change the settings for your user account to store documents, pictures, music and video on that second drive. And change your account logon to a standard user account. If you really need admin priviliges, use a second logon for when you need to be an administrator.

If you want a referral for cloud storage that integrates directly with Windows, use this link to OneDrive (formerly SkyDrive) that will give you 5.5GB of free storage to put documents, etc. on. I've switched to using it for a lot of things and am quite pleased with it.

theducks · 02-19-2014, 11:27 PM

botnet means an compromised computer becomes a zombie roBOT waiting to rise and perform tasks designated by the creator as a part of a NETwork of these zombies.
The computer may wait until there is no user activity, at which time the BOT wakes up and starts doing its task (which may include phone home to get said task and report data collected from a prior task.

Not all Malware manifests itself with crappy performance. The well written stuff is near undetectable.

DoctorOhh · 02-20-2014, 12:21 AM

Quote:

Originally Posted by CRussel

Pretending that all is well, or even that your "techie" friend can solve it is just being an ostrich. And the costs can be serious for you. And your friends/family.

Too true.

Quote:

Originally Posted by CRussel

And change your account logon to a standard user account. If you really need admin priviliges, use a second logon for when you need to be an administrator.

Good idea.

Quote:

Originally Posted by CRussel

If you want a referral for cloud storage that integrates directly with Windows, use this link to OneDrive (formerly SkyDrive) that will give you 5.5GB of free storage to put documents, etc. on.

Since I've been using OneDrive since it was called Live Mesh I have the 25 gigs originally allotted as a Live Mesh user.

CRussel · 02-20-2014, 09:04 AM

I never used LiveMesh, but think that SkyDrive/OneDrive is a good solution. And I have an extra 200GB that came with my Surface 2. Not that I'll likely use anywhere near that much cloud storage.

WT Sharpe · 02-20-2014, 10:18 AM

I use Carbonite for the bulk of my online storage, but I do keep some frequently accessed files in OneDrive (formerly SkyDrive until the name infringement lawsuit) as well as a few in iCloud. Carbonite has been a lifesaver. When my last PC went belly-up, transferring the saved files to the new PC was a breeze. Another plus is the ability to access the files via my iPad. Not so big a plus now that I'm retired and have constant access now to my PC, but it sure came in handy when I was at work and needed a file from my home PC.

CRussel · 02-20-2014, 01:34 PM

Ah, well, I have a Windows Storage Server Essentials box here, doing all my client backup. And I have remote access through Remote Web Workplace on my SBS, or access to the OneDrive files remotely from both my iPhone and my Kindle FireHD. I'm now mirroring my Calibre up to my OneDrive, for example. (Oh, and I just got an offer for 20 GB of free space on OneDrive if anyone needs it. PM me with an email addy.)

When I think of what it used to take to get this level of access in the old days...

02-18-2014, 07:09 AM	#18
BookCat C L J Posts: 2,912 Karma: 21115458 Join Date: Dec 2008 Location: Birmingham UK Device: Sony e-reader 505, Kindle PW2, Kindle PW3, Kobo Libra2	I've done a major update of my browser, which seems to have dealt with all the problems. I did say that I don't do internet banking and I'm NOT going to wipe my pc. Thanks for the advice, but I think it's a bit alarmist under the circumstances. The only time I've wiped a pc has been when the hard-drive completely failed. I also had to buy a new laptop. I don't connect to the internet on the old pc anymore, just use it for designing posters (it has a better screen ratio) and playing games. BTW the only warnings I'm getting from the trial of Malwarebytes that they've blocked malware is when I connect to MR. Last edited by BookCat; 02-18-2014 at 07:11 AM.

02-19-2014, 01:58 PM	#23
CRussel (he/him/his) Posts: 12,159 Karma: 79742714 Join Date: Jul 2010 Location: Sunshine Coast, BC Device: Oasis (Gen3),Paperwhite (Gen10), Voyage, Paperwhite(orig), Fire HD 8	Like you, DoctorOhh, I've been in this business for a long time. I've written 30+ books on operating systems, from DOS to OS2 to UNIX to Windows. And while I've been personally lucky about getting infested, I've had to work on machines that did get infested. Some appeared clean, some didn't. But I would never trust one again after it had an infection. Pretending that all is well, or even that your "techie" friend can solve it is just being an ostrich. And the costs can be serious for you. And your friends/family. I'll make a suggestion for your future endeavors -- when you wipe your PC, rebuild it with a second partition or full second HDD. Put all your data (My Documents, Pictures, Music, etc.) on that second HDD or partition. (I like to assign the D: drive to it, and label it "Data".) Change the settings for your user account to store documents, pictures, music and video on that second drive. And change your account logon to a standard user account. If you really need admin priviliges, use a second logon for when you need to be an administrator. If you want a referral for cloud storage that integrates directly with Windows, use this link to OneDrive (formerly SkyDrive) that will give you 5.5GB of free storage to put documents, etc. on. I've switched to using it for a lot of things and am quite pleased with it. Last edited by CRussel; 02-19-2014 at 02:05 PM.

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
eReading Survey	SenoraPrufrock	General Discussions	32	08-29-2012 01:16 AM
Reader survey	kcmay	General Discussions	12	01-29-2011 02:10 PM
Phone survey?	janiebegood	Lounge	29	03-25-2008 01:33 AM

02-17-2014, 06:06 PM	#16
CRussel (he/him/his) Posts: 12,159 Karma: 79742714 Join Date: Jul 2010 Location: Sunshine Coast, BC Device: Oasis (Gen3),Paperwhite (Gen10), Voyage, Paperwhite(orig), Fire HD 8	What you fail to understand, and that several of us are suggesting, is that even though you think you've cleaned up your computer, the odds are very good that it is still infected. And that the only reliable way to clean it is to wipe it if MalwareBytes reports it can't remove something. Seriously, even though you aren't aware of what is happening, all of the information you type, including all of your passwords, your bank account information, whatever, is likely being captured and transmitted to those with ill intent.

02-17-2014, 08:12 PM	#17
cromag Surfin the alpha waves ~~ Posts: 24,293 Karma: 459220161 Join Date: Dec 2010 Location: New Jersey Device: Jetbook Lite & Mini, Nook STR, Kobo, Hanvon N516, Kindle 2, Androids	Ditto. Malware pushers don't make this kind of effort without expecting a payoff. And they usually try for a few payoffs, which is why you saw a survey. There is almost ceertainly still something there. (I went through an impressive virus attack 7 years ago -- it's not fun, but living with it will almost certainly be worse.)

02-18-2014, 09:19 AM	#19
poohbear_nc Now what? Posts: 58,843 Karma: 135181808 Join Date: Feb 2009 Location: Durham, NC Device: Every Kindle Ever Made & To Be Made!	Running full system scans using SAS and Malwarebytes can probably eliminate around 90% of malware. The problem is there are literally millions of spammers out there writing code and modifying their code to elude recognition. SAS and Malwarebytes need daily updates of their files to improve their recognition of infected files or malware. The paid versions also offer active blocking - they stop infections rather than remove the files once your PC has been attacked. The point is - any protective program has to recognize the infection before it can remove it - and the removal may not be complete - spammers are extremely smart and can leave inactive 'sleeper programs' or files that do not trigger any alerts now - but that will allow the spammer to reconnect at a future date - especially if they can modify resident Windows program files - that's why the other posters have advised you to perform a complete wipe. While you were filling out the survey, your PC was communicating with the spam website - even though you didn't submit the form - you still had established a connection between your PC and the spam IP - and you had no control over what was being sent and installed on your PC. Bottom line - it's a matter of comfort level vs. security. Your PC was obviously infected. You've run the best programs you can find. Your PC may or may not be cleared of all infected files - unfortunately there's no sure way to tell unless you wrote the spam program and know what it was programmed to do. If you are reluctant to do the complete wipe yourself, take it to a reputable shop and get it done. From your descriptions of the aftermath from this fake survey, I agree with the others -- it just isn't worth taking the risk of inadvertently sharing any of your personal information.

02-19-2014, 04:01 AM	#21
BookCat C L J Posts: 2,912 Karma: 21115458 Join Date: Dec 2008 Location: Birmingham UK Device: Sony e-reader 505, Kindle PW2, Kindle PW3, Kobo Libra2	Last night I spoke to a techie friend about this, he's going to come over to take a look at my computer and the results of scans. He's also advised me to research the two programs suggested as they may be giving false positives. While he understands the cautious advice to wipe the computer, he felt it was unnecessary without closer inspection from someone more technically minded than me. I'll take his advice. I didn't really understand how to use one of the programs, which just gave me a list of things with check boxes beside them which I could tick if I felt they were a threat (I'm sure some were cookies) and then choose from about a dozen options of what to do with them. I was baffled, so just ticked everything which didn't have microsoft or windows or anything important in the name. The entire name of the 'problem' wasn't given, just the beginning then ellipses. So it's entirely possible that I ticked some things which weren't supposed to be removed. Anyway, thanks for the help, I'm sure my computer-literate friend will sort this out for me.

02-19-2014, 11:27 PM	#24
theducks Well trained by Cats Posts: 29,799 Karma: 54830978 Join Date: Aug 2009 Location: The Central Coast of California Device: Kobo Libra2,Kobo Aura2v1, K4NT(Fixed: New Bat.), Galaxy Tab A	botnet means an compromised computer becomes a zombie roBOT waiting to rise and perform tasks designated by the creator as a part of a NETwork of these zombies. The computer may wait until there is no user activity, at which time the BOT wakes up and starts doing its task (which may include phone home to get said task and report data collected from a prior task. Not all Malware manifests itself with crappy performance. The well written stuff is near undetectable.

02-20-2014, 09:04 AM	#26
CRussel (he/him/his) Posts: 12,159 Karma: 79742714 Join Date: Jul 2010 Location: Sunshine Coast, BC Device: Oasis (Gen3),Paperwhite (Gen10), Voyage, Paperwhite(orig), Fire HD 8	I never used LiveMesh, but think that SkyDrive/OneDrive is a good solution. And I have an extra 200GB that came with my Surface 2. Not that I'll likely use anywhere near that much cloud storage.

02-20-2014, 10:18 AM	#27
WT Sharpe Bah, humbug! Posts: 39,073 Karma: 157049943 Join Date: Jun 2009 Location: Chesapeake, VA, USA Device: Kindle Oasis, iPad Pro, & a Samsung Galaxy S9.	I use Carbonite for the bulk of my online storage, but I do keep some frequently accessed files in OneDrive (formerly SkyDrive until the name infringement lawsuit) as well as a few in iCloud. Carbonite has been a lifesaver. When my last PC went belly-up, transferring the saved files to the new PC was a breeze. Another plus is the ability to access the files via my iPad. Not so big a plus now that I'm retired and have constant access now to my PC, but it sure came in handy when I was at work and needed a file from my home PC.

02-20-2014, 01:34 PM	#28
CRussel (he/him/his) Posts: 12,159 Karma: 79742714 Join Date: Jul 2010 Location: Sunshine Coast, BC Device: Oasis (Gen3),Paperwhite (Gen10), Voyage, Paperwhite(orig), Fire HD 8	Ah, well, I have a Windows Storage Server Essentials box here, doing all my client backup. And I have remote access through Remote Web Workplace on my SBS, or access to the OneDrive files remotely from both my iPhone and my Kindle FireHD. I'm now mirroring my Calibre up to my OneDrive, for example. (Oh, and I just got an offer for 20 GB of free space on OneDrive if anyone needs it. PM me with an email addy.) When I think of what it used to take to get this level of access in the old days...

Advert

Advert