Trouble

Status
Not open for further replies.
Nov 22, 2008
3,562
Endeavour 32 Portland, Maine
My computer has been brought to its knees by a nasty virus so you probably won't hear much from me for a while. I'm getting this out through a workaround and ignoring the pop-ups that make it virtually unusable.

Do some Google research on AV Security Essentials. It will probably get you at some point. It punches effortlessly through any security software and takes hours to eliminate. I just spent a whole day on it and it came right back. I got it from a link on a very respectable site, I saw the infected pdf window flash (pdf isn't used on this site) for a second. It's like getting AIDS from your wife, nothing is safe. Since I depend on the computer now for better weather, tide, and waterway information than I can get on the radio, I've got to stop looking at anything on the Internet, no Facebook, no CBS news, no blogs, nothing except the absolute essentials.

Working around the virus is too difficult and aggravating to let me keep posting so you probably won't hear from me again until I get somewhere that I can have the computer worked on by someone who knows more about it than I do, and, I know a lot about these things. I spent a full day working on it and it came right back again.

I've left Saint Marys and am anchored off Cumberland Island. I'm going to be moving north a little faster than I planned, as fast as the weather permits, because of some family things that have come up.
 

Joe A

Feb 4, 2008
117
Macgregor 26S Lake Wallenpaupack / EastCoast
Can you use system restore?

Roger, I've been very successful using system restore to correct these symptoms on my kid's computer in the past. As I'm typing this I realize that you're probably not going to see it.
 
May 23, 2007
1,306
Catalina Capri 22 Albany, Oregon
Re: Can you use system restore?

These things are to the point now where what you see is only the tip of the iceberg. We pretty much wipe anything that gets them now and do a rebuild because we can't be sure we'll get it all or that there's not a rootkit there.
 
Jan 22, 2008
319
Hunter 29.5 Gloucester, VA
I agree with sinnettc. Our work computers get a reload. The rootkits out there now are almost impossible to get rid of and the average home user will never get it all. These programs morph and move themselves all over the hard drive. We have scanned systems with 5 different virus programs and still not gotten it. We have had two in the last week that were new and no protection or firewall stopped them.
 
Apr 29, 2011
134
Finnsailer 38 Massachusetts
I wish he had told us which "very respectable site" he picked it up from. Would be nice to know.
 
Jan 22, 2008
319
Hunter 29.5 Gloucester, VA
Our number one offender is Facebook. People's accounts get hacked and post notices to click on and people just have to see the video or see the answer to a question about you and they get hosed. We've had to block it out of our system.
 
Sep 26, 2010
808
Macgregor 1993 26S Houston
OOOOOKKKKKK????
This leaves me wondering if I have stuff and just don't know it.
I'm on a computer all day long at work. We just use AVG for this stuff.
Some of that time is spent at only "work safe" web sites.
My home computer I use AVG free.
I'm not really careful at all. I go anywhere I want. ( I don't use I.E. though. only Firefox)
I haven't had to deal with a virus in a few years now.
So could they be there, and hiding? AVG scans never show anything
Jim
 
Apr 29, 2011
134
Finnsailer 38 Massachusetts
FYI: He is talking about a virus called AV Security Essentials, not the AVG software that some have to prevent this type of attack. Still wish he had said where he got it so we could avoid the place, if he knows. This is a description from one website:

What this infection does:

AV Security Essentials is a rogue anti-spyware program from Rogue.VirusDoctor family. This infection is promoted through web sites that show advertisements that pretend to be online anti-malware scanners. These scanners will then pretend to scan your computer, and when finished, will state that your computer is infected and that you need to download and install AV Security Essentials to protect yourself. The truth is that these online scanners are all fake and are only an advertisement. They have no way of knowing what is running on your computer.

Once AV Security Essentials is installed on your computer it will be configured to start automatically. It will also create numerous files that will be detected by the program as malware. Some of the files that are created are:

%UserProfile%\Recent\cb.drv
%UserProfile%\Recent\cid.exe
%UserProfile%\Recent\CLSV.drv
%UserProfile%\Recent\CLSV.sys
%UserProfile%\Recent\energy.tmp
%UserProfile%\Recent\exec.dll
%UserProfile%\Recent\exec.drv
%UserProfile%\Recent\exec.sys
%UserProfile%\Recent\fix.dll
%UserProfile%\Recent\PE.exe
%UserProfile%\Recent\PE.sys
%UserProfile%\Recent\SM.drv
%UserProfile%\Recent\tempdoc.tmp
When the program scans your computer it will detect the files it created and state that they are infections. It will then prompt you to remove the files, but will not allow you to do so until you first purchase the program. This is a scam as the files are all harmless and are created by the AV Security Essentials program in the first place. Therefore, please ignore any of the scan results this program displays.
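As an added example (not part of the original post or the quoted description), the file list above can serve as a presence check for this rogue program: the sketch below looks in a profile's Recent folder for the listed names. The function name `scan_recent` and the `binary-in-recent` heuristic, which goes beyond the quoted list, are assumptions of this example.

```python
import os
from pathlib import Path

# File names from the description quoted above (all under %UserProfile%\Recent),
# lower-cased so the comparison is case-insensitive.
LISTED_NAMES = {
    "cb.drv", "cid.exe", "clsv.drv", "clsv.sys", "energy.tmp", "exec.dll",
    "exec.drv", "exec.sys", "fix.dll", "pe.exe", "pe.sys", "sm.drv",
    "tempdoc.tmp",
}
# Assumption of this example: Recent normally holds .lnk shortcuts, so
# executables and drivers sitting there deserve a second look.
BINARY_EXTS = {".exe", ".dll", ".sys", ".drv"}


def scan_recent(profile_dir):
    """Return sorted (filename, reason) findings for <profile_dir>/Recent."""
    recent = Path(profile_dir) / "Recent"
    findings = []
    try:
        entries = list(recent.iterdir())
    except OSError:
        # Folder missing or not readable: nothing to report from here.
        return findings
    for entry in entries:
        if not entry.is_file():
            continue
        if entry.name.lower() in LISTED_NAMES:
            findings.append((entry.name, "listed"))
        elif entry.suffix.lower() in BINARY_EXTS:
            findings.append((entry.name, "binary-in-recent"))
    return sorted(findings)


if __name__ == "__main__":
    # USERPROFILE is set on Windows; fall back to the home directory elsewhere.
    profile = os.environ.get("USERPROFILE", str(Path.home()))
    for fname, reason in scan_recent(profile):
        print(f"{reason}: {fname}")
```

A "listed" hit means the rogue program was installed at some point; per the description, the files themselves are harmless decoys, so deleting them does not remove the program.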
 

MrUnix

Mar 24, 2010
626
Hunter 23 Gainesville, FL
The windoze plague is a never ending battle.. a self-destructing operating system full of holes and when it comes to viruses, it is a game of catch-up and always will be. I'm amazed people put up with it. There are alternatives :)



Cheers,
Brad
 
Apr 29, 2011
134
Finnsailer 38 Massachusetts
Yep, I recently switched to Ubuntu (Linux) and am super happy with it. So far I find most of the programs far superior to the similar Windoze programs, and almost always they are totally free.
 
Mar 6, 2008
1,099
Catalina 1999 C36 MKII #1787 Coyote Point Marina, CA.
My solution to virus was to keep a back-up copy of the hard disk. You can copy bit-by-bit all the data that is on your current hard disk. It is called a mirror image. I use Ghost Disk copy. I will be happy to mail you a copy of it. The program is on a Floppy disk - so you have to have a floppy disk drive and IDE0 and IDE1 port. Email me if you would like more info. It is free.
 
Nov 22, 2008
3,562
Endeavour 32 Portland, Maine
Still wish he had said where he got it so we could avoid the place, if he knows.
I'm back in a limited way.

I didn't identify the site because I'm not sure it was the site itself. I clicked a Facebook link. Looking back at it, the Icon for the site I click through to often looks slightly different, like it was from a screen shot grab. It's very easy in Facebook for someone to make a post that looks like it comes from someone else, complete with their icon, and put a virus in it. Facebook is too busy figuring out ways to bypass your privacy settings (or get you to) and pump your information to marketers to worry much about security.

The basic rule I have learned is to NEVER click any link in Facebook that takes you outside their system. Clicking your friend's pictures to enlarge them and clicking to their page is OK, maybe. Just don't ever click any apps or links to articles on other sites. If you really want to see something they are bringing to your attention, Google it and go to the site directly so you are not going through a Facebook link that could be spoofed.

The AV scareware is far from harmless. It will pop up every time you try to run any program. After I removed it, a day long process, my computer would only start in Safe Mode. My Anti Virus software was so damaged that I had to uninstall it. You don't lose any data but the computer becomes pretty much unusable.

I've removed a lot of viruses for myself and friends but I couldn't recover from this one. I had to have my computer guy send remote control software and he did it from Maine. I watched and the process was way, way, beyond what I've ever had to do, both in tools and technique.

I'll try to get back to talking about cruising when my fingers recover from all the computer work. Most of a day in St. Mary's driving the keyboard and then I anchored after lunch today and have been at it non-stop for about six hours. I think everything is back to normal.
 
Nov 6, 2006
9,894
Hunter 34 Mandeville Louisiana
Glad ya got it cleaned up, Roger.. I would miss your postings !!
 
May 23, 2007
1,306
Catalina Capri 22 Albany, Oregon
Even though your guy worked it over I wouldn't do any online banking or credit card purchases with it, Roger. And when you get home wipe it and start clean.
 

Jimm

Jan 22, 2008
372
Hunter 33.5 Bodkin Creek - Bodkin YC
Good news Roger - glad you're back on line! My computer crashed a few weeks ago and spent a similar day with my IT guy running me remotely -- not a fun time :-(
 
Jun 28, 2005
440
Hunter H33 2004 Mumford Cove,CT & Block Island
Local computer geeks (small business computer support & radio call-in show) recommend Microsoft Security Essentials, it's free. I changed from AVG Free, and have no complaints.
It has warned as I clicked on a site that it is a no-no.
 
Nov 22, 2008
3,562
Endeavour 32 Portland, Maine
recommend Microsoft Security Essentials
That's what I was using on the advice of my guy. AV Security Essentials punched right through it.

I've now signed up for his remotely managed maintenance and anti-virus. He'll push updates for all software on my computer to me as well as virus definitions for a very sophisticated anti-virus program that he can run from Portland. It's $120 a year but any virus clean up is free, sort of like insurance. Well worth it after what I went through.

The only downside is that the computer now takes about 10 minutes to start and be fully functional instead of 1-2. I guess that's just the price of security.

Since I've gotten addicted to doppler radar and the much more detailed weather and tide reports available on the Internet, I really don't want to be without the computer.

Later update: The slow starting was just because of all the deep scanning going on initially. Computer starts a bit more slowly now but not enough to be any aggravation.
 

Jimm

Jan 22, 2008
372
Hunter 33.5 Bodkin Creek - Bodkin YC
Gaming challenge?

It occurs to me that there’s an opportunity here for a good on-line adventure game – “What will Roger do?”
As I watch your progress using the Spot track and Kettlewell’s Chartbook, check the local weather forecasts and those a couple days ahead of you and factor in your 'event' reports...., it’s fun to guess where you will choose to anchor, and rationalize those guesses – then see how close that comes to your choices. It just needs a mechanism for your followers to keep score and compete for prizes! :)
 

LuzSD

Feb 21, 2009
1,009
Catalina 30 San Diego/ Dana Point, Ca.
It occurs to me that there’s an opportunity here for a good on-line adventure game – “What will Roger do?”
As I watch your progress using the Spot track and Kettlewell’s Chartbook, check the local weather forecasts and those a couple days ahead of you and factor in your 'event' reports...., it’s fun to guess where you will choose to anchor, and rationalize those guesses – then see how close that comes to your choices. It just needs a mechanism for your followers to keep score and compete for prizes! :)

What a great idea !!!! I am actually working on a business plan of a similar idea using the old model of the 6th grade project that so many do........ I think it's called "The Oregon Trail" or something close. Teams are chosen and parts are given and wagons are assigned. Each family has x amount of dollars and they stock their wagons and begin the trek across the US. My model will have to do with travel and elderly, but this idea of following Roger as you describe is brilliant. Yacht clubs could get involved and make bets on a large board... the possibilities are endless!
 

Jimm

Jan 22, 2008
372
Hunter 33.5 Bodkin Creek - Bodkin YC
Glad you like the idea!
There are any number of cruisers on the water with Spot trackers - all of which could provide 'game choices' if they chose to participate. My Spot is on anytime the boat leaves the slip....
 