Manilatop10's Blog

Eclectic views that include postings on www.bubblews.com

Malware got you down?

Malware + Virus problems? Try System Restore for Mal/VB-AGH

Submitted by manilatop10 on February 17th, 2013
Category: Tech

30 minutes was all that I let a guest use a computer that I have, and a simple download for games using a few sites, that they did, including All Games Home .com (www.allgameshome.com/), proved to be a problem, since when logging in today, Google Chrome was directing to their so-called ‘search’ page. I tried to uninstall via managing search engines but to no avail, since the ‘x’ to delete was not available. I placed a question on Yahoo Answers, where two people said to try using Malwarebytes to restore this Google Redirect Virus, and also at the product forums for Google Chrome to see if this was already answered. In addition, there are quite a few well-written sites with ‘free’ download tools, yet some of the best advice ends up referring to anti-virus software that is for purchase. Could it be they are connected to the whole operation, or is the site from Alexandria, Va. a completely separate entity?

What eventually worked was to reboot in Safe Mode and, instead of editing registry files, since I’m not a technical wizard, I chose a suitable Restore Point prior to the download from that site. One can scan what other updates will be affected prior to choosing this option. In my case, it was only going to be a Java update and some other security updates, which can be re-updated now. Interestingly, one final step, I HOPE, was still needed, and that was to eliminate the redirected search engine, which was now available to delete, and it had the more normal ?q=%s looking HTML link to do that with. I hope this continues to work, since I do not want to pay for any additional firewall or antivirus and Malware protection or removal tools, and simply uninstalling programs did not work. Making backups and using +System-Restore is a decent option to check when an unwanted change is made to your computer.

Hope this is helpful + someone can learn from my experience today, Eric.

Image courtesy of Google & techtips4you.com

System Restore might be a good option.

Filed under: computer management, computer security, google chrome, internet search, malware

3rd Party installations …

Google Chrome is detecting Malware from Topic Torch via netseer … Why?

Submitted by manilatop10 on February 04th, 2013
Category: Tech

I sometimes use other browsers but prefer Google Chrome. In the last hour, when visiting three sites, I received the following message:

“Content from topictorch.netseer.com, a known malware distributor, has been inserted into this web page,” and it went on to state that “Visiting this page now is very likely to infect your computer with malware.” The warning also describes Malware as “malicious software that causes things like identity theft, financial loss, and permanent file deletion.”

Now then, from my writings on Knoji, I know that Google has a +Safe-browsing-diagnostic site, and here is the link for checking on Tumblr, which was one of the sites that is still alerting me: www.google.com/safebrowsing/diagnostic?site=www.tumblr.com and it shows 26 “scripting exploits,” yet 4 other sites show no malicious activity but still carry the warning. Have my Malware detection settings changed or has Google’s?

Here is the Google forum for this topic, where we can learn what the developments are for the flagging of topictorch: productforums.google.com/forum/#!search/$20topictorch.netseer.com
I just wanted to get this out for now, and I see no warning at the diagnostic for bubblews.

Here is a question from a Level 1 with a reply from a Level 11 from the forum:

“Feb 4 (8 hours ago)

agatha siba (Level 1): is it safe to disable the protection?

Feb 4 (8 hours ago)

Redleg x3 (Level 11): Absolutely not! You don’t want to end up with a hacked computer. Just wait until things get cleaned up and the warnings removed.”

www.google.com/safebrowsing/diagnostic?site=netseer.com shows the following which is all quoted/copied from the returned check:

“What happened when Google visited this site?
Of the 16 pages we tested on the site over the past 90 days, 5 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2013-02-04, and the last time suspicious content was found on this site was on 2013-02-04.
This site was hosted on 6 network(s) including AS14618 (AMAZON), AS31988 (ARISTEIA), AS16509 (AMAZON).”

Google tips and information on Malware can be read here: www.google.com/goodtoknow/online-safety/malware/?hl=en-US

Additional links I cannot safely reach; will have to read more now, Eric. news.slashdot.org/story/10/09/03/1617248/new-malware-imitates-browser-warning-pages

UPDATE: From Chris, au.answers.yahoo.com/activity?show=OzBFFTYjaa meaning I may have been subject to an installation on my PC, so sorry for the alarm/alert if this is the case, Eric.
“If using Chrome, go to the top right and click settings, then extensions, then uninstall yontoo (I had no idea what it was or how it got there) and everything works fine!”

Yes, sorry for the alert.

“Yontoo 1.0.3 Add Yontoo to your web experience. Allow in incognito Allow access to file URLs Enabled Installed by a third party.”
It is going into the Rubbish bin now…

Moral of this story perhaps, if someone installs a program on a PC, best to keep tabs. Will delete fully via the Control Panel. End of story. preview.tinyurl.com/b9fjk5s

+Malware +Google +Safe-browsing +Google-Chrome +Internet-safety +Computer-management +Tech

When we spread Malware, not good!

Filed under: bubblews, computer security, forums, google chrome, malware, safe browsing, website warnings