Posted: 3/27/2011 11:34:06 AM EDT
|
On the advice of many here, I switched to MSE a few months ago and have never had any issues with it. However, today I got hit with the MS Removal Tool malware and MSE totally missed it. I started in Safe mode, ran a MSE scan, and it showed nothing wrong. I finally downloaded Malwarebytes and it cleaned it right up.
So, I'm done with MSE. What antivirus do y'all recommend? |
|
I must be doing it wrong. I use nothing but MSE on my Windows machines (two Windows 7 and two XP SP3), and I hadn't even heard of this "MS Removal Tool malware" until now.
OP, did you run one of those fake "online virus scanners?" Or did the "Removal Tool" just show up out of nowhere? From what I've read, it sounds like you can get it either through doing something dumb, or through not doing anything in particular. Supposedly some websites have ads that can infect your machine with this "Removal Tool" trojan, although I don't understand how that's possible. Malicious Flash maybe? I don't see 99% of advertising, through a combination of an ad-blocking HOSTS file, NoScript, Flash Click to Play, and PeerBlock Just curious how you got it. |
|
Quoted:
I must be doing it wrong. I use nothing but MSE on my Windows machines (two Windows 7 and two XP SP3), and I hadn't even heard of this "MS Removal Tool malware" until now. OP, did you run one of those fake "online virus scanners?" Or did the "Removal Tool" just show up out of nowhere? From what I've read, it sounds like you can get it either through doing something dumb, or through not doing anything in particular. Supposedly some websites have ads that can infect your machine with this "Removal Tool" trojan, although I don't understand how that's possible. Malicious Flash maybe? I don't see 99% of advertising, through a combination of an ad-blocking HOSTS file, NoScript, Flash Click to Play, and PeerBlock Just curious how you got it. I was on dropzone.com and the MS Removal Tool popped up. Looking down at the taskbar, the MSE icon was gone and instead there was a little padlock. My desktop background disappeared and my computer started acting up. Try as I might, I was unable to open MSE to see what was going on. I finally had to start in Safe mode inorder to get MSE to run. I did a complete scan and it said all was good. I downloaded and ran Malwarebytes, which found several problems. Once removed, all was good. |
|
Quoted: Supposedly some websites have ads that can infect your machine with this "Removal Tool" trojan, although I don't understand how that's possible. Malicious Flash maybe? I don't see 99% of advertising, through a combination of an ad-blocking HOSTS file, NoScript, Flash Click to Play, and PeerBlock Just curious how you got it. The only time my home comp has been hit with a virus (and a very nasty one at that) was an exploit through Adobe Reader I belive, and a very particular set of NForce drivers. Once the virus attached to my storage drivers I couldn't do jack shit to get rid of them. I was running Vista without UAC enabled, since then I've enabled on my reinstall as a cya... Virus writers keep finding nice little exploits to go after. |
|
Oops, yeah, turning off UAC can get ya.
Because of stuff like the security hole that bit you, I stopped using Adobe Reader in Windows altogether. Adobe Reader was a bloated, slow pig anyway. These days I use Sumatra PDF in Windows. I don't mind UAC in Windows 7 at all. In fact, I need to look into whether I can have it ask for my password, rather than just clicking "Allow" or "Yes." Entering my password is kind of a PITA, but I'm used to doing it for analogous operations (e.g. anything using sudo) in Linux. It forces me to think about what I'm doing, because it takes longer to type in a password than to mindlessly click. OP, what browser were you using? Wondering whether this MS Removal Tool is yet another Internet Exploder security hole. I visited Dropzone.com briefly (I know, either brave or crazy) and no shenanigans ensued. But I'm running Firefox 3.6.16, and like I said, I have all sorts of extensions running that will defeat 99% of bad stuff. |
|
Quoted: On the advice of many here, I switched to MSE a few months ago and have never had any issues with it. However, today I got hit with the MS Removal Tool malware and MSE totally missed it. I started in Safe mode, ran a MSE scan, and it showed nothing wrong. I finally downloaded Malwarebytes and it cleaned it right up. So, I'm done with MSE. What antivirus do y'all recommend? You mean you got infected? Or the thing popped up and showed you that fake scan BS to try to infect you. Just seeing one of these fake pop up windows is not an infection:  <–– POP UP AD NOT INFECTIONThe infection occurs if you are suckered into installing the "update". The "update" IS the infection. If you treat those just like any other pop up ads, you won't get infected. Get a pop up blocker if you are seeing those. Also, get an ad blocker, use a blocking HOSTS file, and stop using Internet Explorer. And, stop visiting the sites you were visiting. Microsoft Security Essentials is a great compliment to safe computing practices. And it's free. (Yes, you should have Malwarebytes too, but that is focused on some other stuff that MSE won't bother you about, like "ooo scary tracking cookies!"
|
|
Quoted: In fact, I need to look into whether I can have it ask for my password, rather than just clicking "Allow" or "Yes." Entering my password is kind of a PITA, but I'm used to doing it for analogous operations (e.g. anything using sudo) in Linux. It forces me to think about what I'm doing, because it takes longer to type in a password than to mindlessly click. I have 2 users on my computer. I have a regular non administrator user and I enabled the administrator account. (Make sure you create a password if you do!) I use my general user account for 99% of everything I need to do, but if I need to "run as administrator" or if UAC runs, such as installing software that needs admin rights, I get prompted for the administrator password. You don't need an account with Admin privileges for most of the things users use, and, I believe this is what Microsoft was trying to get users to do. This can get annoying with all the JAVA updates, but it keeps the computer much more safe and secure then running as a user with admin privileges. The only thing I really need to use the Administrator account for is installing software as some software can run into problems if not installed using the administrator account, even if the account you are using has admin privileges. I hope this points you in general direction that you want to go. |
|
Quoted:
I run Microsoft Security Essentials, Malwarebytes, and Avast. I can go to the worst sites the net has to offer and I don't worry a bit. Running multiple antivirus programs at once will cause them to conflict with eachother, devour system resources, not make your system any more secure than just running one, and make you look like a retard. |
|
Quoted:
Quoted:
On the advice of many here, I switched to MSE a few months ago and have never had any issues with it. However, today I got hit with the MS Removal Tool malware and MSE totally missed it. I started in Safe mode, ran a MSE scan, and it showed nothing wrong. I finally downloaded Malwarebytes and it cleaned it right up. So, I'm done with MSE. What antivirus do y'all recommend? You mean you got infected? Or the thing popped up and showed you that fake scan BS to try to infect you. Just seeing one of these fake pop up windows is not an infection: http://www.disablemalware.com/wp-content/uploads/2011/03/MS_Removal_Tool-300x224.jpg <–– POP UP AD NOT INFECTION
The infection occurs if you are suckered into installing the "update". The "update" IS the infection. If you treat those just like any other pop up ads, you won't get infected. Get a pop up blocker if you are seeing those. Also, get an ad blocker, use a blocking HOSTS file, and stop using Internet Explorer. And, stop visiting the sites you were visiting. Microsoft Security Essentials is a great compliment to safe computing practices. And it's free. (Yes, you should have Malwarebytes too, but that is focused on some other stuff that MSE won't bother you about, like "ooo scary tracking cookies!" Yep, infected...without installing the "update". As soon as that window popped up, my desktop background was removed, my browser went nuts, the MSE icon disappeared from my taskbar, and I was unable to run MSE at all. |
|
Quoted:
Quoted:
I run Microsoft Security Essentials, Malwarebytes, and Avast. I can go to the worst sites the net has to offer and I don't worry a bit. Running multiple antivirus programs at once will cause them to conflict with eachother, devour system resources, not make your system any more secure than just running one, and make you look like a retard. Running Avast and MSE together does not conflict. And my computer doesn't know how to get bogged down. But thanks for the help. -retard 
|
|
Quoted:
Quoted:
In fact, I need to look into whether I can have it ask for my password, rather than just clicking "Allow" or "Yes." Entering my password is kind of a PITA, but I'm used to doing it for analogous operations (e.g. anything using sudo) in Linux. It forces me to think about what I'm doing, because it takes longer to type in a password than to mindlessly click. I have 2 users on my computer. I have a regular non administrator user and I enabled the administrator account. (Make sure you create a password if you do!) I use my general user account for 99% of everything I need to do, but if I need to "run as administrator" or if UAC runs, such as installing software that needs admin rights, I get prompted for the administrator password. You don't need an account with Admin privileges for most of the things users use, and, I believe this is what Microsoft was trying to get users to do. This can get annoying with all the JAVA updates, but it keeps the computer much more safe and secure then running as a user with admin privileges. The only thing I really need to use the Administrator account for is installing software as some software can run into problems if not installed using the administrator account, even if the account you are using has admin privileges. I hope this points you in general direction that you want to go. I do this as well. +1 |