Me 21 - Bugs...ZERO!!!

What a rush.

By on February 7, 2013 1:43:35 PM from WinCustomize Forums WinCustomize Forums

Uvah


 So...here I are....having my first cup of coffee while waiting for my lappy to fire up. No problem.
Recently however I've noticed that the laptop is getting sluggish, very sluggish. More than was usual.
I opened Photoshop and got back into Breeze. I had just finished an update on it last night. So I have
the layer lit up, go to filter\Blur\Gaussian blur and ......BLAM!!....Photoshop freezes and a pop up
happens. It tells me Photoshop Online help cannot open because you are not connected to the net. Fine.
This is not the first time this has happened. I kill it with Task Manager and I thought, done! Nope...
Just the beginning.

     I was connected to the net, in fact I was in the forums waiting for a page to load. I restore FF
and refresh and....How'd that happen!...A new tab opened up. Huh...since when. So I close the tab and
refresh the page again. The same thing happens! A new tab. Uh oh....WTF! Time to see what's up.

     I shut down everything including the LAN. Isolated now from the net I break out my toolkit. First
I open up Advanced System Care. The first salvo. I hit full scan...1 hour and some odd minutes. Now, day
before yesterday I ran ASC and it picked up 37 pieces of malware from my system. I got rid of them real
quick and didn't pay attention where they came from. Today I did. ASC picked up 13 pieces of malware.
OK....it's on now!

     I watched and took note. When the scan finished I broke out the big guy. MalwareBytes! I ran a deep
scan and it nailed 7 nasties, two which came from somewhere else. Five of these bugs, Pupagent I think,
came right out of Adobe Photoshop! On both my C drive and D drive where I have Illustrator CS 2 installed.
I deleted them and reboot. I ran ASC a second time and it came back clear. MalwareBytes said the same
thing. Then the quirkiness starts.

     I go into my D drive and start preparing backups. I'm moving my apps Folder to Muse, Drive G on my
external drive. During the move the time remaining, after calculating is finished, is 16 hours. Now...
what takes 16 hours to move. I sat there...should smile, shrug my shoulders or what. Meanwhile it takes
less than a minute to move 2.16 gigs. All the time saying 16 hours. Okay fine, I know my laptop had
slowed down. A reformat will cure that. I had been thinking about it anyway. It is fifteen months old.

     Now I'm in ASC's Uninstaller and I'm looking to bash heads. First up...Adobe. I took out the damn
reader, the PDF that never seems to work right. Next I decided to clean house. Incidentally...those other
two bugs...they came from Youget downloader. Number two on my hit list. I ripped that sucker out by
its short hairs. Two down.

    I have/had programs installed that I don't use, Corel because if I pull down more than one guide it
crashes! No use to me. Next came Bryce 7.1. I have uninstalled Bryce before and never had a problem. The
other one I had in mind to get rid of was an old one aptly named Oldbar. It was fun but gawky. I find
Bryce, highlight it...I click on uninstall and BLAM again! Double WTF!!!

    Now I'm pissed!!! Threatfire pops up. "This program is trying to copy itself on multiple parts of
your computer". You're kidding right. I kill the process and ASC is taking a long time to do its job.
Too long so I cancel out. I go on about getting rid of some other programs I don't need and come back
to ASC. Re-open the uninstaller and sic it on Bryce again only this time kill and quarantine the
process. It worked as expected. Process killed, mandatory reboot. Then on to Oldbar.

    I'm on my friend's laptop right now while mine sits across from me waiting to see what I'm going to
do. It's isolated from the net after a thorough cleaning out using CCleaner to sweep up the debris.
The system image completed successfully and now I'm going to shut it down. Done. Now to go to
power + Zero. Time to reformat. Be back in a little bit.

33 Replies
February 7, 2013 1:49:55 PM from WinCustomize Forums WinCustomize Forums

Addendum:

    Power + Zero didn't work. I plugged in my rescue disk. Laptop will not boot into it. Did once before without any problem. It's working, not that it isn't; it's just that doing the reformat is proving to be a pain.

February 7, 2013 6:37:45 PM from WinCustomize Forums WinCustomize Forums

Bucket of water....

Step 1.  Boot laptop.

Step 2.  Place gently into bucket.

Step 3.  Buy new laptop.

Step 4.  Undertake NEVER to use/install ANY form of toolbar...downloader...or Bryce.

Step 5.  Expect to be resoundingly humiliated by yrag if/when he sees this....

February 7, 2013 7:23:18 PM from WinCustomize Forums WinCustomize Forums

How on earth does a person get malware or anything else on their system like that? 

February 7, 2013 7:36:22 PM from WinCustomize Forums WinCustomize Forums

Quoting LightStar,
How on earth does a person get malware or anything else on their system like that?

In a word?

Toolbars and downloaders.

 

OK.... 3 words then ....

February 8, 2013 1:39:34 AM from WinCustomize Forums WinCustomize Forums

I can't believe you had so much malware.. I'm not even going to ASK what places you visit to pick up that shit..

you should be doing malware and advanced system care daily, not just when your pc feels sluggish...

15 months is young for a pc, just over a year old.. should still be in beautiful condition....

I'm guessing you use antivirus.... or hope you do.

I'm sorry Uvah but you need to get more smart when it comes to your pc and the internet.

Try to treat your pc like it's the only one you will ever own, and it will thank you in return by serving you loyally.

If this one truly is broken.. you still have the one me and andy gave you, right?

 

my advice would be (if you have an original copy of windows) f2 or f3 or whatever to get into boot registry and change it to boot from disk, then put the disk in and restart and hope it works.

February 8, 2013 5:01:00 AM from WinCustomize Forums WinCustomize Forums

My laptop is fine and so is the Acer. What I want to know is two things. One...when Malware bytes isolated the bugs it listed where they came from. How did they get into Photoshop? The downloader I can understand but not Adobe. I've used PS for years and never had this problem before and no...I don't have any toolbars installed. I learned that lesson a long time ago. Two: Why didn't my antivirus nail them before they got on my machine? I have ASC Pro and that should have stopped them dead, Threatfire too. And Kitty...you're right about running scans daily. I usually do it every other or third day. At any rate the non crisis is past. One thing I will do though is keep PS off the net. The first time I encountered that problem with the popup was with PS 7 only it didn't freeze up. The next time it happened was with CS 6 trial version beta. That I reported to Adobe. It happened again with the release of CS 6 after the beta was finished. It froze that time too but never gave me problem afterwards. I think that somehow, and this is what leads me to believe this is that two of the bugs were called back doors and another two misleading, something got into Adobe's download manager which I got rid of. The youget downloader I tried after having problems with youtube which I no longer use for dl'ing. I use that to convert videos from one format to another. That works as advertised. One more thing. I've since installed the http to https app on my machine, before all this took place. Could that have anything to do with it?

February 8, 2013 5:14:37 AM from WinCustomize Forums WinCustomize Forums

you should also have a look at your version of Photoshop.

in that "CS2" thread you said you would be running the (ancient) version 7. i am not even sure this old version would work under Windows 7, and the icon in your taskbar says Photoshop CS6. hope you got whatever version you are running from a legitimate source.

 edit: just saw you got the trial version as well. ok, that's not the reason then.

February 8, 2013 5:23:33 AM from WinCustomize Forums WinCustomize Forums

Quoting Uvah,
I've since installed the http to https app on my machine, before all this took place. Could that have anything to do with it?

 

if you are talking about HTTPS Everywhere, and you got it from the EFF website: https://www.eff.org/https-everywhere then no.

if it is "some app", that you got from a download portal, then yes.

always get your software from the original website. as soon as you use some third party sites, there is a good chance for goodies to be wrapped in the installer.

February 8, 2013 6:51:09 AM from WinCustomize Forums WinCustomize Forums

Quoting Uvah,
I don't have any toolbars installed.

You referred to 'Oldbar'.

Windows doesn't actually NEED an 'Advanced System Care' or any other panic-ware.  It runs just fine on its own.

If you need to run a scan with your AV it is God's way of telling you you are too late.

You need something a little more pre-emptive....something that separates the 'idiot' from the 'user'...so you don't always have an Eye Dee Ten Tee crisis.

Anything....that's ANYTHING [for the deaf] that calls itself a 'downloader' is bad....except at least it is honest.  While you download your porn you also get a quaint backdoor inserted where the sun doesn't shine.

Of course, the ONLY reason I say keep away from Bryce is the reality that about one or three people  ONTHEPLANET actually know how to use it.

Properly.

February 8, 2013 8:10:27 AM from WinCustomize Forums WinCustomize Forums

Can I make a suggestion for web browsing Ross?  First, use Firefox, and second you should install an addon called Web of Trust. From then on if you access a site and get a warning from Web of Trust, leave immediately! These would be sites marked by other users as not trustable for one reason or another.  Although there had been mistakes made, (users submitting false reports), those seem to have been cleared up now and the addon works very well.

As far as malware and stuff, I never use any of those malware programs. All I use is Microsoft Security Essentials (MSE) and an older program called HiJackThis, which tells you what is running on your PC in the background and allows you to control (mark as OK or remove it). I also have a secure hardware, and run the standard Windows firewall also. I clean my registry daily, check my background programs daily, and make sure MSE is updated at least daily. I always keep current on Windows and all other product updates also.

Of course, this all depends on what type of software you install (source of) and what web sites you visit too. You have to be extremely careful in that regard.

February 8, 2013 8:13:10 AM from WinCustomize Forums WinCustomize Forums

Uvah, did you run the scan in safe mode as Admin?
Download Malwarebytes then update it - disconnect your laptop from the net and restart the system, boot into safe mode.
I had an equal problem with a friend's PC; he had the modified (updated) GEMA trojan on his PC and 2 other infections.
We ended up cleaning the problem but it only worked in safe mode with Malwarebytes.
So here is what I did..
(What you could try is disabling all emulation software that emulates CD-DVD roms if you have any) since these are highly likely to expand the time of the scan for rootkits and others. There was a small tool that did exactly that, don't remember the name atm.
After that the full MB scan as Admin.


Another thing many don't know:
If you try and make a backup of your disk that is infected... never NEVER! go and copy things that have .exe .msi .pif .bat .com, these can be directly executed by the system.

AND then there are the indirect executables most will just copy over like .html .htm .js .msc .doc* .doc .ins, too many to name but you get the idea, you can google for a list of indirect executables.
AND NO, do not just save possibly infected shit.. you will have to scan each and every .doc or file that is an indirect exe first, and not only via Antivirus/malware scanner from a clean rig; it is recommended to make an online scan like virustotal and check each file on its own.
Sounds like a lot of work and it IS but better be safe than sorry...



Quoting LightStar,


As far as malware and stuff, I never use any of those malware programs. All I use is Microsoft Security Essentials (MSE) and an older program called HiJackThis, which tells you what is running on your PC in the background and allows you to control (mark as OK or remove it). I also have a secure hardware, and run the standard Windows firewall also. I clean my registry daily, check my background programs daily, and make sure MSE is updated at least daily. I always keep current on Windows and all other product updates also.

Of course, this all depends on what type of software you install (source of) and what web sites you visit too. You have to be extremely careful in that regard.
Quoting LightStar,
Can I make a suggestion for web browsing Ross?  First, use Firefox, and second you should install an addon called Web of Trust. From then on if you access a site and get a warning from Web of Trust, leave immediately! These would be sites marked by other users as not trustable for one reason or another.  Although there had been mistakes made, (users submitting false reports), those seem to have been cleared up now and the addon works very well.

All good but I don't trust MSE... since we tested it. Updated, I could extract and launch an infected file that was clearly a Virus without any warning whatsoever, it just didn't want to report it; on the other PC it did, strangely (equal PC hardware, same OS, same drivers, same everything). Since that day I can only laugh about it.
But anyway... You run what you like, right?
Hijack this is pretty old and was replaced by OTL - OTLlogfile by Oldtimer; it does the same but has more options.
I like the rest with the trust thingy you mentioned; I have that included in my AV and I run chrome.
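
The backup advice in the post above (leave directly executable files behind, hold the indirectly executable ones until each has been scanned) can be turned into a triage pass over the folder being backed up. This is an added example, not part of the original post; the function names, the constructed sample tree and the use of SHA-256 hashes as the value to look up or log for each held file are assumptions.

```python
import hashlib
import os
import tempfile
from pathlib import Path

# Extension lists taken from the post; ".doc*" is handled as a prefix match.
DIRECT = {".exe", ".msi", ".pif", ".bat", ".com"}
INDIRECT = {".html", ".htm", ".js", ".msc", ".ins"}


def classify(name):
    """Return 'direct', 'indirect' or 'data' for a file name."""
    # Windows ignores trailing dots/spaces and only the last suffix decides
    # how a file opens, so "invoice.doc.exe" and "setup.exe." are programs.
    suffix = Path(name.rstrip(". ")).suffix.lower()
    if suffix in DIRECT:
        return "direct"
    if suffix in INDIRECT or suffix.startswith(".doc"):
        return "indirect"
    return "data"


def sha256_of(path):
    """Hash a file in chunks so large files do not need to fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def triage_backup(root):
    """Sort every file under root into skip / scan_first / copy lists."""
    root = Path(root)
    plan = {"skip": [], "scan_first": [], "copy": []}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = Path(dirpath) / name
            rel = path.relative_to(root).as_posix()
            kind = classify(name)
            if kind == "direct":
                plan["skip"].append(rel)          # never copied
            elif kind == "indirect":
                # Assumption: the hash is what gets looked up or logged
                # when the file is checked before it joins the backup.
                plan["scan_first"].append((rel, sha256_of(path)))
            else:
                plan["copy"].append(rel)
    for entries in plan.values():
        entries.sort()
    return plan


def demo():
    """Run the triage over a constructed sample tree of placeholder files."""
    samples = {
        "photos/beach.jpg": b"jpg-bytes",
        "docs/report.docx": b"docx-bytes",
        "docs/invoice.doc.exe": b"not-a-real-program",
        "apps/SETUP.EXE": b"not-a-real-program",
        "web/index.html": b"<html></html>",
        "notes.txt": b"hello",
    }
    with tempfile.TemporaryDirectory() as tmp:
        for rel, data in samples.items():
            target = Path(tmp) / rel
            target.parent.mkdir(parents=True, exist_ok=True)
            target.write_bytes(data)
        return triage_backup(tmp)


if __name__ == "__main__":
    for bucket, entries in demo().items():
        print(bucket, entries)
```

Classifying by the final suffix, case-insensitively, is what catches the double-extension and upper-case names in the sample tree.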


 

February 8, 2013 9:35:43 AM from WinCustomize Forums WinCustomize Forums

Quoting Jafo,
that about one or three people ONTHEPLANET actually know how to use it. Properly.

Okay.......I played with it little bit but haven't in quite some time so it went.

Quoting LightStar,
use Firefox

I have from day one. I had Chrome and Lunascape and had used both during that time. They're gone too. FF version is 18.02

Quoting LightStar,
All I use is Microsoft Security Essentials

again...from day one.

Quoting moshi,
got it from the EFF website

Yup

And I know which sites to stay away from. I once used Bing to search for Photoshop tuts. ASC puts a blue checkmark next to safe sites and no checkmark next to others that are questionable. I hovered over one without the checkmark and ASC said don't go there, it can put malware on your system. I didn't go there. I'm usually very careful about where I go which is why I installed HTTPS Everywhere. But it's clean now and running nicely.

February 8, 2013 9:38:40 AM from WinCustomize Forums WinCustomize Forums

Oh and one more thing. On any of my machines you will never see porn in any way shape or form! Just for the record.

February 8, 2013 10:20:26 AM from WinCustomize Forums WinCustomize Forums

Quoting Vampothika,
you should be doing malware and advanced system care daily, not just when your pc feels sluggish...

Overkill. Once a month will suffice.

February 8, 2013 10:23:26 AM from WinCustomize Forums WinCustomize Forums

Quoting Uvah,
Oh and one more thing. On any of my machines you will never see porn in any way shape or form! Just for the record.

I heard tell there was actually someone who claimed that.....

February 8, 2013 10:27:49 AM from WinCustomize Forums WinCustomize Forums

Quoting Uvah,
Oh and one more thing. On any of my machines you will never see porn in any way shape or form! Just for the record.

You just watch it on the net, not ON your PC...lol...just kidding Uvah.  

February 8, 2013 10:33:33 AM from WinCustomize Forums WinCustomize Forums

Quoting Uvah,
I once used Bing to search for Photoshop tuts. ASC puts a blue checkmark next to safe sites and no checkmark next to others that are questionable. I hovered over one without the checkmark and ASC said don't go there, it can put malware on your system. I didn't go there. I'm usually very careful about where I go which is why I installed HTTPS Everywhere. But it's clean now and running nicely.

 

Bing finds malware sites when you are looking for Photoshop tutorials? wow, hard to believe Bing is that bad. use Google then.

February 8, 2013 10:36:16 AM from WinCustomize Forums WinCustomize Forums

Just FYI, I never run a scan unless my machine "tells" me it needs one by acting wonky.

I use IE9, ZERO addons. ZERO Toolbars.

I have an A/V installed, it does its job pretty well.

 

My personal opinion is that your downloading and installing habits are what need to be watched.

 

I don't want any third party software "restricting" where I go and what I do. I rely on my own experience to govern that. Serves me pretty well.

I don't want any "blockers" blocking me from doing what I want to do. Some apps block things that are ok. I hate those. I trust me.

 

Just my 2 cents.

 

February 8, 2013 11:42:36 AM from WinCustomize Forums WinCustomize Forums

Quoting kona0197,

Quoting Vampothika, reply 5
you should be doing malware and advanced system care daily, not just when your pc feels sluggish...

Overkill. Once a month will suffice.

No, you should do it every day, if not activate a background scan that will be enabled when the system becomes idle; unless you still work with a dial-up modem and go into the www once a month, it isn't enough.

February 9, 2013 1:13:50 AM from WinCustomize Forums WinCustomize Forums

Whatever. Scanning every day is overkill. Seriously. I only scan once a month with Malwarebytes and I come up clean. Why would I need to do it every day? Waste of time and resources. I watch where I go on the net and what I download. So I don't really worry about malware.

February 9, 2013 5:10:02 AM from WinCustomize Forums WinCustomize Forums

Here's one....yesterday I visited only two sites, here and yahoo. In yahoo mail I delete everything in my spam folder automatically, the inbox I look over the list and if there's any I don't know or am not interested in they get deleted. Then I delete them a second time from trash. Yet I ran ASC and it picked up 6 more pieces of malware. Two sites only! I'm 99.9 % sure none came from WC. So now yahoo is suspect. Last night around 11 I logged off of WC. At 4:30 am I logged back in. I'm not going anywhere else...yet. Process of elimination. This popped up while I was typing. Waiting for Photobucket to load. In the meantime I'm running another scan with ASC and already it picked up five more. Bear in mind I haven't gone anywhere yet. Trying to get to photobucket but the connection keeps resetting. Talk about frustration! I took a screenshot of the popup from Threatfire. This is bullshit! Three times after signing in to photobucket the connection reset and now won't load the page. Bet the same thing happens here when I submit my reply.

February 9, 2013 5:44:16 AM from WinCustomize Forums WinCustomize Forums

you are aware that you should format this computer including the mbr before you ever access the internet again? probably better if you format every computer you own.

February 9, 2013 5:46:11 AM from WinCustomize Forums WinCustomize Forums

it's not Yahoo, there's likely something running on your system that keeps downloading all that malware.

February 9, 2013 6:50:54 AM from WinCustomize Forums WinCustomize Forums

Quoting Uvah,
Here's one....yesterday I visited only two sites, here and yahoo. In yahoo mail I delete everything in my spam folder automatically, the inbox I look over the list and if there's any I don't know or am not interested in they get deleted. Then I delete them a second time from trash. Yet I ran ASC and it picked up 6 more pieces of malware. Two sites only! I'm 99.9 % sure none came from WC. So now yahoo is suspect. Last night around 11 I logged off of WC. At 4:30 am I logged back in. I'm not going anywhere else...yet. Process of elimination. This popped up while I was typing. Waiting for Photobucket to load. In the meantime I'm running another scan with ASC and already it picked up five more. Bear in mind I haven't gone anywhere yet. Trying to get to photobucket but the connection keeps resetting. Talk about frustration! I took a screenshot of the popup from Threatfire. This is bullshit! Three times after signing in to photobucket the connection reset and now won't load the page. Bet the same thing happens here when I submit my reply.

You are already infected...and ASC isn't good enough for you/it.

You could try an online scanner...they tend to help because they are 'outside' of your OS...

Or you can reformat, as moshi suggests...

 

February 9, 2013 7:33:58 AM from WinCustomize Forums WinCustomize Forums

Quoting kona0197,
Whatever. Scanning every day is overkill. Seriously. I only scan once a month with Malwarebytes and I come up clean. Why would I need to do it every day? Waste of time and resources. I watch where I go on the net and what I download. So I don't really worry about malware.

Sounds like you have no email...that you check each day to me. The potential risk from mail alone is so high that I can't trust in a monthly scan of MB, but the risk for me is too high to have my data possibly infected by any kind of malware since I send my data to my workplace from this pc.
Even though I'm careful as well I end up having risky cookies each day... while their risk is potentially low, but you get the picture, I wonder how many of those float around your disk if you only make a MB scan once a month. Note this is no offense about your behaviour on your pc, it's just a thought you might see into.

The www can be compared to a one night stand, you better use protection each and every time. Doesn't matter what you browse or where or what site, even here you could get infected.


 
