# NSA Internet Surveillance Program ransomware virus help



## keakar (Jan 27, 2015)






> The *NSA Internet Surveillance Program virus will lock you out of your computer and applications*, so whenever you try to log on to your Windows operating system or Safe Mode with Networking, it will display instead a lock screen asking you to pay a non-existing fine of *$300* in the form of a MoneyPak voucher. The malware’s authors prefer these payment services because transactions made through them cannot be reversed and are hard to trace.
> Furthermore, to make this alert seem more authentic, *this virus also has the ability to access your installed webcam*, so that the bogus NSA Internet Surveillance Program notification shows what is happening in the room.
> 
> details on how to try to get rid of it after being infected: http://malwaretips.com/blogs/nsa-internet-surveillance-program-virus/




plus this virus encrypts your windows files so even after you disable and remove it, windows security systems seem unrepairable and I find it takes less time to just reinstall windows since all the complicated directions to re-edit half your registry only to find missing or disabled .dll files still won't let some things work like windows security, task manager, system restore, and functions that let you look into the registry and repair it.

this is old news to many of you I'm sure but my question is this, since our government has mandated the back door be left wide open so a truck can drive in and steal your computer, is there a way we can lock this door ourselves? it seems no spyware or anti-virus can detect or stop the NSA virus because it comes in as our government wanting access and is allowed. is there something that can be done to block this security loophole?

I use avast anti-virus and it stops more viruses than anything else I ever used so I don't think it's just a weak anti-virus thing but this one virus seems immune from detection or being blocked and it seems without fail at least once a year this damn thing finds its way back on my computer and it is frustrating to no end.

can anyone offer a way to block this thing?


----------



## xvi (Jan 27, 2015)

Off the shelf router/firewall and keep up to date on Windows Updates should do the trick for the most part. Also, be careful what you restore from a backup.


----------



## Maban (Jan 27, 2015)

The best way to block it is education. If you can learn to spot malware and take common sense steps to prevent it, then you have the best antivirus there is.


----------



## keakar (Jan 27, 2015)

Maban said:


> The best way to block it is education. If you can learn to spot malware and take common sense steps to prevent it, then you have the best antivirus there is.



the above advice is accurate and well founded for most things and amateurs should heed this advice carefully but even this advice would not prevent this type of virus, it gets on your computer through the browser and you click on or open nothing to get it. it's not about clicking on a box to open something you don't understand.

I got my last infection opening yahoo mail as an example, another time last year it was when I opened this website, it's not like I'm clicking on a bunch of crap or opening porn or anything. this thing attacks you simply by being online hooked to the internet by a browser


----------



## bubbleawsome (Jan 27, 2015)

Also, to be fair, avast isn't the best. It leaves many things undetected and hogs resources. Things like malwarebytes are much better.


----------



## Heaven7 (Jan 27, 2015)

Maban said:


> The best way to block it is education. If you can learn to spot malware and take common sense steps to prevent it, then you have the best antivirus there is.


+1, this malware has been around for so long, everyone should have heard of it by now. Those new "CryptoLocker" variants do a lot more damage though, even if you are educated enough not to pay the "fine"... Your only weapon is a reliable & complete system image, one that you thoroughly checked before making the backup. A windows reinstall should only be your absolute last resort, only recommended if you really don't have even one clean sys image ready. The repair link above says it all, it always works but it can't decrypt your files. I'm very interested in this malware, as it's so common now and I've tried deliberately to let this loose on several of my VMs, even my main OS for testing. It was only possible after I deactivated each and every security measure. keakar, if your Avast! let this through, it is not up to the task! There might also be other reasons, browser configuration or system security settings. A decent AV however should always detect this well-known malware.
As for blocking this thing - Malwarebytes and Spybot S&D both offer "Resident Protection" against malware (Spybot for free, Malwarebytes in their PRO-version), this might help but I haven't tried any of these yet. I do believe it could give you some extra layer of protection, though.


----------



## keakar (Jan 27, 2015)

xvi said:


> Off the shelf router/firewall and keep up to date on Windows Updates should do the trick for the most part. Also, be careful what you restore from a backup.


I have a double router and modem, all with firewalls (that's 3) plus windows firewall (4) and up to date good anti-virus and spyware tools.

I don't think you guys understand what this thing is, it comes in using a designed back door used by law enforcement/NSA to access your computer remotely. it's built into windows on purpose and bypasses firewall protections. it was installed in older versions of windows by windows updates as mandated by the US government through the 9-11 act where they were granted unlimited access to all US computers and computer systems on demand.


----------



## rtwjunkie (Jan 27, 2015)

It's not his Avast! antivirus. If it were not up to the task, then I would also have. Avast! is a very good AV. It may not be #1, but it's reliable and effective, and uses only a small amount of resources (it's a lot less than older versions). Personally I would say browsing habits will be the primary contributor to not getting this. It's still pretty rare, because neither I nor anyone I know has gotten it.


----------



## Heaven7 (Jan 27, 2015)

keakar said:


> I don't think you guys understand what this thing is, it comes in using a designed back door used by law enforcement/NSA to access your computer remotely. it's built into windows on purpose and bypasses firewall protections. it was installed in older versions of windows by windows updates as mandated by the US government through the 9-11 act where they were granted unlimited access to all US computers and computer systems on demand.


You do realize that this is a very well-known scam, using anything from government agencies, the police, media copyright holders etc. to make it look legitimate? There are thousands of variants, each of them sharing the same goal: to get your money (or just wreak havoc on your PC). The example in the link you provided is just one of them. If the NSA really were to infiltrate your system, they wouldn't be so stupid as to ask for 300 bucks and prevent your PC from booting. They would do it without you ever knowing... I for myself don't believe also that any updates will fix this malware (however even Microsoft Security Essentials managed to detect this for me), but I do not think there's any dark conspiracy going on - at least I hope so
@ rtwjunkie: I didn't mean to trash Avast! - Like you mentioned, it's probably lousy security settings in keakar's browser - please tell us more details, keakar, we might be able to help.


----------



## REAYTH (Jan 27, 2015)

Did you check your MBR for a root kit? On a properly locked system this should be a non-issue.


----------



## rtwjunkie (Jan 27, 2015)

Heaven7 said:


> @ rtwjunkie: I didn't mean to trash Avast! - Like you mentioned, it's probably lousy security settings in keakar's browser - please tell us more details, keakar, we might be able to help.


 
Not a problem, I didn't take it badly!  I was just adding my viewpoint.  We all have our own based on our experiences or observances.  We have 3 different AV on 3 different computers in the house, so I'm not a complete brandboy!


----------



## Heaven7 (Jan 27, 2015)

REAYTH said:


> Did you check your MBR for a root kit? On a properly locked system this should be a non-issue.


This malware doesn't need the MBR. It's just a few registry/autostart entries. Both MBAM and MBAR can easily remove this. Remember, rootkits above anything else, try to remain undetected.


----------
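A read-only way to list the registry/autostart entries mentioned in the post above, as an added example that is not part of the thread. The set of locations checked and the "review" heuristic are assumptions chosen for illustration, not a signature for this particular malware; the script changes nothing on the system.

```powershell
# Added example: read-only audit of the usual Windows autostart locations.
# Nothing is modified; entries are only listed and marked for manual review.

$runKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce'
)

# Assumption: commands launched from user-writable folders deserve a second look.
# Legitimate software also starts from these paths, so a match means "review",
# not "malicious".
$reviewPatterns = @('\\AppData\\', '\\Temp\\', '\\ProgramData\\', '\\Users\\Public\\')

function Test-NeedsReview {
    param([string]$Command)
    foreach ($pattern in $reviewPatterns) {
        if ($Command -match $pattern) { return $true }
    }
    return $false
}

function New-Finding {
    param([string]$Location, [string]$Name, [string]$Command, [bool]$Review)
    New-Object PSObject -Property @{
        Location = $Location; Name = $Name; Command = $Command; Review = $Review
    }
}

$findings = @()

# 1. Run / RunOnce values for the machine and for the current user.
foreach ($key in $runKeys) {
    if (-not (Test-Path -Path $key)) { continue }
    $regKey = Get-Item -Path $key
    foreach ($name in $regKey.GetValueNames()) {
        $command = [string]$regKey.GetValue($name)
        $findings += New-Finding $key $name $command (Test-NeedsReview $command)
    }
}

# 2. Winlogon Shell and Userinit, compared against the Windows defaults
#    (explorer.exe and %SystemRoot%\system32\userinit.exe followed by a comma).
$winlogon = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'
$props    = Get-ItemProperty -Path $winlogon
$shell    = [string]$props.Shell
$userinit = ([string]$props.Userinit).TrimEnd(',').Trim()
$findings += New-Finding $winlogon 'Shell' $shell ($shell -ne 'explorer.exe')
$findings += New-Finding $winlogon 'Userinit' $userinit `
    ($userinit -ne "$env:SystemRoot\system32\userinit.exe")

# A per-user Shell value is normally absent, so any value found is listed for review.
$userWinlogon = 'HKCU:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'
if (Test-Path -Path $userWinlogon) {
    $userShell = (Get-ItemProperty -Path $userWinlogon).Shell
    if ($userShell) {
        $findings += New-Finding $userWinlogon 'Shell' ([string]$userShell) $true
    }
}

# 3. Startup folders (per-user and all-users); every item is listed for review.
$startupFolders = @(
    "$env:APPDATA\Microsoft\Windows\Start Menu\Programs\Startup",
    "$env:ProgramData\Microsoft\Windows\Start Menu\Programs\Startup"
)
foreach ($folder in $startupFolders) {
    if (-not (Test-Path -Path $folder)) { continue }
    $items = Get-ChildItem -Path $folder -Force | Where-Object { $_.Name -ne 'desktop.ini' }
    foreach ($file in $items) {
        $findings += New-Finding $folder $file.Name $file.FullName $true
    }
}

# Entries marked for review first.
$findings |
    Sort-Object Review -Descending |
    Select-Object Review, Location, Name, Command |
    Format-Table -AutoSize -Wrap
```

Run it from a 64-bit PowerShell prompt so the `HKLM:\SOFTWARE` paths are not redirected to the 32-bit registry view.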



## REAYTH (Jan 27, 2015)

Heaven7 said:


> This malware doesn't need the MBR. It's just a few registry/autostart entries. Both MBAM and MBAR can easily remove this. Remember, rootkits above anything else, try to remain undetected.


He keeps getting re-infected. Something is letting it in OR his system doesn't have a proper AV.


----------



## rtwjunkie (Jan 27, 2015)

REAYTH said:


> He keeps getting re-infected. Something is letting it in OR his system doesn't have a proper AV.


 
If he has System Restore running whatever gets cleaned out is still in there and will reinfect the system.


----------



## Heaven7 (Jan 27, 2015)

rtwjunkie said:


> If he has System Restore running whatever gets cleaned out is still in there and will reinfect the system.


+1! The first thing you should disable! Convenient for small issues, but a lifesaver for malware!  Take the time to do a complete backup (again, check everything's clean), and you should be out of trouble.


----------



## REAYTH (Jan 27, 2015)

rtwjunkie said:


> If he has System Restore running whatever gets cleaned out is still in there and will reinfect the system.


Time for the Umpa Lumpas to do some Low level format dancing.


ALSO system restore points are never a year old. They get recycled.


----------



## keakar (Jan 27, 2015)

REAYTH said:


> He keeps getting re-infected. Something is letting it in OR his system doesn't have a proper AV.


it's not as bad as it sounds but I have got it 3 times in the last 5 years and each time it's a simple matter to remove it but the corrupted files left behind mean windows is permanently corrupted for "some" functions.
most often it's task manager won't work or missing boot files but this time with this variant it's system restore and security systems won't work



Heaven7 said:


> You do realize that this is a very well-known scam, using anything from government agencies, the police, media copyright holders etc. to make it look legitimate? There are thousands of variants, each of them sharing the same goal: to get your money (or just wreak havoc on your PC). The example in the link you provided is just one of them. If the NSA really were to infiltrate your system, they wouldn't be so stupid as to ask for 300 bucks and prevent your PC from booting. They would do it without you ever knowing... I for myself don't believe also that any updates will fix this malware (however even Microsoft Security Essentials managed to detect this for me), but I do not think there's any dark conspiracy going on - at least I hope so
> @ rtwjunkie: I didn't mean to trash Avast! - Like you mentioned, it's probably lousy security settings in keakar's browser - please tell us more details, keakar, we might be able to help.


I probably have the wrong impression what this thing is and how it works but internet posts make it sound unstoppable and there is nothing you can do once you get it.

I guess I'm just pms'ing over this because you would think even the most basic antivirus or spyware remover would have a way to block this stuff but mainly I'm mad because I was stupid and forgot to turn on my backup software so I'm screwed and can't do a backup restore.

as to my setup and situation, call me a novice (that knows better but didn't) I just used default installed settings for windows 7 as installed and the only thing I do is turn off the permission and notification box thing about making changes to the computer so maybe that's my whole problem.

I am mad at myself and feeling stupid because maybe turning that off or just not learning everything I need to do is my problem.

I used to know (mostly learned here at this website years ago) all the settings to go into xp and turn off access and things and such to make the computer secure but I have gotten lazy after win 7 and just used default settings.

ok so let's pick this up at the beginning of a new day then:

if you don't mind let's assume I am starting from scratch (since now I will be after format and reinstall) so please advise on step by step things and settings I need to change after installing *windows 7 home premium 64 bit* for best security and safety as well as optimum performance.

also

can you advise the best antivirus that is not bloated with extras you don't need?

can you advise the best spyware remover that is not bloated with extras you don't need?

can you advise the best antispyware that is not bloated with extras you don't need?

can you give your opinion on Microsoft essentials, if they are any good or not worth using because other things are better?

basic stuff you would advise a novice what they need to best protect their computer.

please re-educate me on the best ways and things to use to protect my computer.

by the way I use "AOMEI Backupper" as my backup utility and find it very easy and simple to use without being confusing.


----------



## Heaven7 (Jan 27, 2015)

Whoa! This might take some time...  Don't worry, people around here gladly will help you out. Like rtwjunkie said, people will offer you their suggestions based on their experiences - so don't be afraid to get different answers to your questions  I'll try to restrain my brandboy self as best as I can...


----------



## keakar (Jan 27, 2015)

Heaven7 said:


> Whoa! This might take some time...  Don't worry, people around here gladly will help you out. Like rtwjunkie said, people will offer you their suggestions based on their experiences - so don't be afraid to get different answers to your questions  I'll try to restrain my brandboy self as best as I can...


I understand and throw it at me guys, I realize everyone has their favorites so I will take all the suggestions and decide from the most popular choices


----------



## rtwjunkie (Jan 27, 2015)

I'm getting ready to be away from TPU for most of evening, so I'll have to get on this tomorrow.  Hopefully by then you still need some suggestions!


----------



## Heaven7 (Jan 27, 2015)

Ok, so I'm first? Let's go, then.

First off, you should consider buying an SSD for installing your OS, this will make you happy every day. Install Windows 7, check automatic updates - after completion this is the first thing you'll want to do - update.
Next, disable the "remote registry service". Press the Windows key + R, type in "services.msc" and set this service to "disabled". Turning off the "Remote differential compression" under "Programs and Features" -> "Install/uninstall Windows Programs" will enhance speed (it did for me, at least).
Then, disable System Restore on ALL drives (go to the control panel to do so).
Basic installation awareness: Do not opt to participate in any "improvement programs" nor should you allow any automatic "error reporting". ALWAYS check every option you selected. If you are offered a "Custom Install", DO it.
Then you absolutely need to make your browsing more secure! I recommend Firefox, download it and get the following vital add-ons:
AdBlockPlus, Ghostery, HTTPS Everywhere and NoScript. Set it as your default browser and do not use Internet Explorer, if you can.
Get your AV! I personally recommend AVG, their free version is OK, however you really should invest the few extra bucks for the paid Internet Security version. Update it and allow "in the cloud" verification. Then perform a full scan, be careful to enable "scan for PUPs", "enable thorough scanning" and "enhanced set of PUPs" in the advanced options under "Scans".
Malwarebytes Anti-Malware is your friend out there. Install it and don't choose the free PRO-trial, unless you want that extra protection. I can't tell you if this will interfere with your AV, though - never tried it.
Spybot S&D is the second tool of my choice. Download version 1.6.2 (and this version only!), it can "immunize" your hosts-file, blocking the most atrocious & well-known badsites from being accessed. It also is a little more thorough than Malwarebytes, if it can't detect this and that. Set it to scan "all file sets". Forget Microsoft Security Essentials, bottom-of-the-line, IMO. 
Install Piriform's "Ccleaner" to rid your system of junk, one of the most popular downloads out there. Check it out!
Set Windows Backup to automatically run (best on an external disk, if available) and let it "include a system image". If you have a blank DVD handy and you don't have an original Win7 disc, use the "Create a system repair disc" feature now. I personally use "DriveImage XML", a wonderful lightweight backup program, should you need an alternative.
After that, install all programs that you need (duh!), the FlashPlayer for your browser should ONLY be downloaded from www.adobe.com ! Don't click on anything that says "Klick!" "Klick me!" "Free offer!" "Yu win 5 milion dolarsc!" Be rational and alert while on the internet. You know that, of course.
Run regular scans with your AV and the anti-malware programs, and if you're certain your system is clean, back it up now!
Those are my personal "brandboy" recommendations  I'm sure others may disagree, but you have the advantage of getting a variety of (hopefully) good alternatives. Hang in there, keakar!


----------



## FireFox (Jan 27, 2015)

keakar said:


> it will display instead a lock screen asking you to pay a non-existing fine of *$300* in the form of a MoneyPak voucher.



It happened to me once, all I did was re-install Windows.


----------



## Heaven7 (Jan 27, 2015)

Knoxx29 said:


> It happened to me once, all I did was re-install Windows.


I guess that means you didn't have a reliable backup available, then?


----------



## FireFox (Jan 27, 2015)

Heaven7 said:


> I guess that means you didn't have a reliable backup available, then?


that's right.


----------



## Heaven7 (Jan 27, 2015)

Sorry to hear about it  Hopefully you didn't have to waste too much time getting your system back up again... I've done it many times in the past - nowadays I love a good backup


----------



## FireFox (Jan 27, 2015)

Heaven7 said:


> Sorry to hear about it  Hopefully you didn't have to waste too much time getting your system back up again... I've done it many times in the past - nowadays I love a good backup


nah a fresh install doesn't bother me at all.
Btw all my data is on my WHS and extra HDD, with that said if something happened I don't lose anything


----------



## keakar (Jan 27, 2015)

Heaven7 said:


> Ok, so I'm first? Let's go, then.
> 
> First off, you should consider buying an SSD for installing your OS, this will make you happy every day.



sorry about that, I haven't updated my system specs since 2009
they are now up to date and accurate


----------



## Heaven7 (Jan 27, 2015)

Knoxx29 said:


> nah a fresh install doesn't bother me at all.
> Btw all my data is on my WHS and extra HDD, with that said if something happened I don't lose anything


That would bother me indeed... although a fresh install is recommended once in a while, right? I'm just uncomfortable having 4 weeks of tweaking my systems & programs options on my hands for the sake of one damn piece of malware that got to me... Are those complete system images on your backup devices? Or only data files?
Looking at your avatar, I think you might offer keakar some other AV solution  Is ESET that good? I'm curious 



keakar said:


> ok, sorry about that, I haven't updated my specs since 2009
> they are updated now, hopefully what you said all still applies


Hmm? Can't see any difference... Advice(s) still apply  Man, you need to increase your RAM, if possible!


----------



## FireFox (Jan 27, 2015)

Heaven7 said:


> That would bother me indeed... although a fresh install is recommended once in a while, right? I'm just uncomfortable having 4 weeks of tweaking my systems & programs options on my hands for the sake of one damn piece of malware that got to me... Are those complete system images on your backup devices? Or only data files?
> Looking at your avatar, I think you might offer keakar some other AV solution  Is ESET that good? I'm curious


I do a fresh install every year, I just need 1 hour to tweak my system as it was before. They are just data files. I used ESET a long time ago and all I can say is that it is a very good antivirus, but I have used Kaspersky since 2009.


----------



## Heaven7 (Jan 27, 2015)

Sorry, keakar I was a little bit harsh  OK, your RAM is totally OK, thanks for the update


----------



## keakar (Jan 27, 2015)

Heaven7 said:


> Sorry, keakar I was a little bit harsh  OK, your RAM is totally OK, thanks for the update



no it's cool, I didn't find it harsh at all because you're right, my old outdated and non-updated specs were very outdated for systems we build today. I updated them now to show what I have today


----------



## Heaven7 (Jan 27, 2015)

Blue-Knight said:


> [sarcasm]In NSA you can trust.[/sarcasm]


I'll try my best  Keep that backup handy too!


----------



## Heaven7 (Jan 27, 2015)

keakar said:


> no it's cool, I didn't find it harsh at all because you're right, my specs were very outdated for systems we build today


Thanks. Hope my advice (or any other) will help you out. Don't worry, you'll have your system running up in perfect condition in no time!  Take care, Heaven7.


----------



## keakar (Jan 27, 2015)

Heaven7 said:


> Ok, so I'm first? Let's go, then.
> 
> First off, you should consider buying an SSD for installing your OS, this will make you happy every day. Install Windows 7, check automatic updates - after completion this is the first thing you'll want to do - update.
> Next, disable the "remote registry service". Press the Windows key + R, type in "services.msc" and set this service to "disabled". Turning off the "Remote differential compression" under "Programs and Features" -> "Install/uninstall Windows Programs" will enhance speed (it did for me, at least).
> ...



from this list of suggestions i can say I already use ccleaner (great stuff).

let me add what I use right now in case anyone sees something they wish to comment on, every day I run these as a regular practice:

superantispyware
registry clean expert (also used to remove all BHO and delete all startup entries except antivirus)
internet options (all options checked for deletion) - windows
disk cleanup - windows
ccleaner

and I got lazy and never run avast unless I think I need to, it's pretty darn good at stopping everything and so I rely on its real time monitoring to catch everything before it gets on my computer. once every couple of months I might run a boot scan with it but it has never found anything on my computer that got past it.

to my knowledge the ONLY thing that ever got past it is this stupid NSA thing and about once every 6 months I delete and reinstall it just in case something got to it to change it like some virus will do to hack the antivirus program first



Heaven7 said:


> Thanks. Hope my advice (or any other) will help you out. Don't worry, you'll have your system running up in perfect condition in no time!  Take care, Heaven7.



yep, it just takes time to reload everything.

by the way does anyone know a link to someplace I can get a legitimate windows 7 home premium install disk download that has sp1 built in? I tried creating my own disk one time but got lost trying to follow the directions and all that so the disks I made would never work or even boot. I'm pretty sure it was this site where some guys made their own versions without the added bloatware and included all the updates to make installs go faster.

I have my own COD and key but I have a first edition windows 7 (pre sp1) so I need like 350 windows updates after installing this thing, I'm wondering if it's worth it to just buy a new version with sp2 built into it if they have one. if not are there any suggestions how to reduce the number of all the updates I need?


----------



## Heaven7 (Jan 27, 2015)

keakar said:


> from this list of suggestions i can say I already use ccleaner (great stuff).
> let me add what I use right now in case anyone sees something they wish to comment on, every day I run these as a regular practice:
> superantispyware
> registry clean expert (also used to remove all BHO and delete all startup entries except antivirus)
> ...


keakar, please tell us what kind of browser you are using! Registry Clean Expert is a great program, I use it too, as an enhancement to Ccleaner. SuperAntispyware is also a good program, so knowing that you use all of these convinces me all the more that the problems you are facing are related to your browser and its settings! Those settings are the most likely to get you into trouble while surfing (and getting "automated" installations of malware). BHO removal is good practice, as is checking autostart entries. However, I use these practices too, and cannot easily get this malware to install itself. Please fill us in on the details


----------



## FireFox (Jan 27, 2015)

keakar said:


> so I need like 350 windows updates after installing this thing,


Well when I do a fresh install i have to install over 250 updates, Windows 7 Professional (Key better not to tell)


----------



## keakar (Jan 27, 2015)

Heaven7 said:


> keakar, please tell us what kind of browser you are using! Registry Clean Expert is a great program, I use it too, as an enhancement to Ccleaner. SuperAntispyware is also a good program, so knowing that you use all of these convinces me all the more that the problems you are facing are related to your browser and its settings! Those settings are the most likely to get you into trouble while surfing (and getting "automated" installations of malware). BHO removal is good practice, as is checking autostart entries. However, I use these practices too, and cannot easily get this malware to install itself. Please fill us in on the details



I am using explorer 11 I think but it is the explorer Microsoft installs automatically

yes I agree with you, whatever it is I am doing wrong, it's something to do with "automated" installations of malware when websites open but it's not just dubious websites since yahoo mail and techpowerup were places where I opened and got the NSA crap stuff but the other times I could say it may have been related to untrusted websites



> Please fill us in on the details



I don't know what you are asking for or what I'm not telling you so please ask if you are thinking of something.

I avoided going to firefox because it has issues with stuff a lot of times so I didn't want to switch to something that has issues all the time. I don't know anything about browsers but if getting rid of explorer helps how can I do this? it's built into windows and windows installs all the latest versions of it automatically

I use adobe reader and flash players directly downloaded only from adobe itself and I use java 64 bit downloaded straight from sun, windows is set to download and install updates automatically, I have Microsoft office 2003 xp version, and I have 7zip and Paint.net and google earth installed (all direct brand source downloads) and that's about it. I have a few games but have no game stuff like punkbuster or gamespy and I only play in single player modes and never click to allow them access past the firewall.


----------



## FireFox (Jan 27, 2015)

keakar said:


> I am using explorer 11


I hope you are joking, I don't even remember when was the last time I used Explorer, why don't you use a better browser?


----------



## Heaven7 (Jan 27, 2015)

keakar said:


> yep, it just takes time to reload everything.
> by the way does anyone know a link to someplace I can get a legitimate windows 7 home premium boot disk download that has sp1 built in? I tried creating my own disk one time but got lost trying to follow the directions and all that so the disks I made would never work or even boot.
> I have my own COD and key but I have a first edition windows 7 (pre sp1) so I need like 350 windows updates after installing this thing, im wondering if its worth it to just buy a new version with sp2 built into it if they have one. if not is there any suggestions how to reduce the number of all the updates I need?


Windows 7 was released in 2009. Any installation disk you have (from Home Premium to Ultimate) will be a copy of that disc. You may download your version of Windows from Microsoft's website for FREE and then let the update function install SP2 and everything else. There is no need to purchase any "updated" version (I don't think they are legit, for that matter, aside from OEM discs). Yes, it's been a long time since Win7 got released, and that means there's a LOT of updates! Well, there may be updated images floating around the internet, but I'd go the secure way, as described above. Download your version from here: https://answers.microsoft.com/en-us...download/709dcc12-d120-435d-91cd-52e1dd0f4c24
Then enter your key / activate when online and install all the updates. It's the only way to go. You want to try for some shady pre-built SP2-images? Be my guest, but don't complain afterwards  If I can help you in any way, please let me know. In the meantime - good luck.



keakar said:


> I avoided going to firefox because it has issues with stuff a lot of times so I didn't want to switch to something that has issues all the time. I don't know anything about browsers but if getting rid of explorer helps how can I do this? its built into windows and windows installs all the latest versions of it automatically


Like I said, install your alternative browser, make it your DEFAULT browser and give it a try. What issues exactly did you experience with firefox? These may have been related to malware already having infected your system! There are also portable browsers available, that do not need installation. Easy to try as an alternative. Internet Explorer can be removed completely from Win7, although many programs such as Skype (and even gadgets) rely on its functions. My suggestion is to just leave it installed - no problem, but to make Firefox/Chrome/Opera your DEFAULT browser. You can check this if you go to "Control Panel" -> "Default Programs" -> select "Custom" and deny Internet Explorer its rights by removing the checkmark next to "allow access to this program". Done!  Any updates will affect the IE, but will not change your configuration. Give it a try.


----------



## keakar (Jan 27, 2015)

Heaven7 said:


> Windows 7 was released in 2009. Any installation disk you have (from Home Premium to Ultimate) will be a copy of that disc. You may download your version of Windows from Microsoft's website for FREE and then let the update function install SP2 and everything else. There is no need to purchase any "updated" version (I don't think they are legit, for that matter, aside from OEM discs). Yes, it's been a long time since Win7 got released, and that means there's a LOT of updates! Well, there may be updated images floating around the internet, but I'd go the secure way, as described above. Download your version from here: https://answers.microsoft.com/en-us...download/709dcc12-d120-435d-91cd-52e1dd0f4c24
> Then enter your key / activate when online and install all the updates. It's the only way to go. You want to try for some shady pre-built SP2-images? Be my guest, but don't complain afterwards  If I can help you in any way, please let me know. In the meantime - good luck.


no I only want something trusted and legit, a loooong time ago I remember people assembling xp install disks that had sp1, 2 and 3 built in to save time and thought it might be the same for win 7.

just to be clear, are you saying Microsoft has fully updated downloads you can use or it the same as the holodisk I have now? because I have the original and was just hoping to find a shortcut version that already contained sp1 and the updates?

ok, I cant remember what it was but my dad was trying firefox for a while and he kept having issues finding some programs didnt want to work and I guess maybe it was just a learning curve thing or it wasn't set up right. I know some software doesn't want to work on firefox and some acts that way with chrome so my niece has both on her laptop because some of her school software programs just wont on chrome and some just wont run if she doesn't switch to firefox.

so that brings up the question, in order of best choices, what are the recommended browsers for simple basic easy to use secure browsers.

@Knoxx29
no im not kidding, I have been using explorer way back since win xp days and while it wasn't something I loved I never felt the need to search for an alternative.

im like, if its not broke leave it alone kinda guy so out of laziness I just went along with whatever windows gave me. until now

as you guys educate me, I can see there is a lot I need to do better


----------



## Heaven7 (Jan 27, 2015)

keakar said:


> no I only want something trusted and legit, a loooong time ago I remember people assembling xp install disks that had sp1, 2 and 3 built in to save time and thought it might be the same for win 7.
> 
> just to be clear, are you saying Microsoft has fully updated downloads you can use or it the same as the holodisk I have now? because I have the original and was just hoping to find a shortcut version that already contained sp1 and the updates?


No, keakar I recommend you just pop that disc you have into your PC now, install it, activate it using your legit key and then update using the windows function to do so. I also recall those XP days , but I wouldn't take any risks nowadays. Hey, maybe the NSA has an easy Win7 SP4 disc ready for download???  Just kidding  Please give it a try - it will take some time, but at least you'll be safe. "If it's not broke - leave it", well... if it wasn't, you wouldn't be asking for help here, would you?


----------



## keakar (Jan 27, 2015)

Heaven7 said:


> No, keakar I recommend you just pop that disc you have into your PC now, install it, activate it using your legit key and then update using the windows function to do so. I also recall those XP days , but I wouldn't take any risks nowadays. Hey, maybe the NSA has an easy Win7 SP4 disc ready for download???  Just kidding  Please give it a try - it will take some time, but at least you'll be safe. "If it's not broke - leave it", well... if it wasn't, you wouldn't be asking for help here, would you?


yep, I was just hoping there was a shorter way, my internet isn't slow but I recall its like 3 hours of updates after windows is installed. cant imagine if I had a slower non SSD drive trying to do it

since im not going to be using explorer anymore don't I need to turn that off early so im not getting all the explorer update crap? that might save a lot of update time.


----------



## Heaven7 (Jan 28, 2015)

keakar said:


> yep I was just hoping there was a shorter way, my internet isn't slow but I recall its like 3 hours of updates after windows is installed.
> since im not going to be using explorer anymore don't I need to turn that off early so im not getting all the explorer update crap? that might save a lot of update time.


Well... 3 hours of updates are not so bad, no? I recall those old days having a very SLOW connection... 10 hours sound OK?  - I wish I could shorten that period with a SP2 image, perhaps somebody else around here has some suggestions. Beware of shady "ready to go" images though 
Like I mentioned you can uninstall IE completely in Win7 (unlike Vista), however I suggest you leave it enabled in the "background", like the way I described earlier. Windows will happily keep it up-to-date and it will not interfere with your alternative browser. I don't think IE updates are all that common, you shouldn't worry about them. You'll forget it's even there. I'm sure you'll get accustomed to Firefox in no time , any questions will be gladly answered! 

Must have been blind, just spotted the SSD in your specs...  Way to go! Strike suggestion #1 from my advice...


----------



## xvi (Jan 28, 2015)

keakar said:


> but its not just dubious websites since yahoo mail and techpowerup were places where I opened and got the NSA crap stuff (but the other times I could say it may have been related to untrusted websites)


The scam viruses like that remain hidden until they can encrypt all your data and only show their metaphorical cards when they have everything locked down.

Things like this typically get in by either disguising itself as a trojan horse (common of malicious websites or piracy/file-sharing), or by browser exploit from visiting a malicious page. I, personally, highly doubt anyone/anything is using any built-in backdoor wizardry to bypass all your routers and software firewall. This is someone who managed to just barely hobble together a program and figured out some way to trick you into downloading it. If you put a fresh Windows 7 trial machine with all the recent Windows updates installed, turn off the software firewall and did nothing except let it sit idle on a public IP out in the open, I bet the machine wouldn't have a single issue at the end of the 30 day trial. Take that same machine, put it behind a thousand hardware firewalls, and visit ONE malicious website with Internet Explorer, you'll be infected. Why? You went out and requested that content, so the firewall allowed it.

If it's a huge concern and an option, I suggest Linux. Security through obscurity. It's not virus/hack-proof like the typical Linux hype would suggest, but Windows and Mac are usually attacked due to their popularity. If you're spending time to make something to infiltrate the masses, you'll want to go with the largest market share to get the most out of it.
For many, running Windows is non-negotiable. In this case, you just have to throw caution to the wind. Many browsers these days watch for malicious websites and will warn you when it comes across a known one, but the one I think does the best job at it is Google's Chrome. (Well, all of Google's products, actually.)



keakar said:


> can you advise the best antivirus that is not bloated with extras you don't need?


I prefer Malwarebytes Anti-Malware (MBAM). I don't like realtime scanners and only use something like MBAM to scan individual files that I'm suspicious of (or a full scan if I suspect something might have snuck past me). MBAM's pro version unlocks realtime scanning if that's something you'd prefer. For a free scanner that does realtime too, I'm not too sure. AVG Free used to be a good one. Probably isn't a bad option still.


> can you advise the best spyware remover that is not bloated with extras you don't need?


Malwarebytes does both antivirus and antispyware.


> can you advise the best antispyware that is not bloated with extras you don't need?


Same as above.


> can you give your opinion on Microsoft essentials, if they are any good or not worth using because other things are better?


Decently light on resources, catches a good number of malware. Good for a free option, but a common target for viruses to try to disable. Unfortunately, it's so popular, it gets attacked often.


> basic stuff you would advise a novice what they need to best protect their computer.


Always get software from the source, not a third party since they may add malicious things to the installer. Always check reviews. Watch for third-party programs trying to sneak their way in through other installers.


> please re-educate me on the best ways and things to use to protect my computer.


When in doubt, Google it. There's a very good chance someone else has had the exact same issue or question you have.



Blue-Knight said:


> [sarcasm]In NSA you can trust.[/sarcasm]


..and if you lose any of your files, just call them and ask for a copy of the backup.


----------



## Heaven7 (Jan 28, 2015)

All I can do is totally agree! Thanks for the advice, xvi - I always prefer to keep my backups on a reliable, secure NSA server!


----------



## keakar (Jan 28, 2015)

xvi said:


> The scam viruses like that remain hidden until they can encrypt all your data and only show their metaphorical cards when they have everything locked down..



well that does make sense, I hadn't thought about it being a sleeper virus.



Heaven7 said:


> Well... 3 hours of updates are not so bad, no? I recall those old days having a very SLOW connection... 10 hours sound OK?  - I wish I could shorten that period with a SP2 image, perhaps somebody else around here has some suggestions. Beware of shady "ready to go" images though



please don't remind me of those 16 hour reformat and reinstall marathons lol 

and yes im very leery of where I get a service pack or updates download so that's why I wasn't websurfing for them and rather ask here where I expect more trusted advice

ok well I haven't done anything with it yet but maybe tonight or tomorrow, windows is borked up but works, some things take forever or lock up and don't run but I can still get online and websurf. I just figure I would get everything I need to know first because I don't want to install or download things just to have to uninstall and cleanup after removing it because I don't need or want it.

so that's what im doing trying to get pointers on correcting my bad computer setup and protection habits



Heaven7 said:


> My suggestion is to just leave it installed - no problem, but to make Firefox/Chrome/Opera your DEFAULT browser. You can check this if you go to "Control Panel" -> "Default Programs" -> select "Custom" and deny Internet Explorer its rights by removing the checkmark next to "allow access to this program". Done!  Any updates will affect the IE, but will not change your configuration. Give it a try.



but if explorer isn't secure then doesnt just still having it on there leave a window for someone to gain access they cant get through chrome or firefox?



Knoxx29 said:


> Well when I do a fresh install i have to install over 250 updates, Windows 7 Professional (Key better not to tell)


you must have the version that already includes sp1 then, after I get all the updates and then it adds sp1 update, then it tells me it has like 228 more updates after rebooting, then its just like a dozen or so more one or two at a time after that.


----------



## FireFox (Jan 28, 2015)

keakar said:


> you must have the version that already includes sp1 then, after I get all the updates and then it adds sp1 update, then it tells me it has like 228 more updates after rebooting, then its just like a dozen or so more one or two at a time after that.


Being honest i dont even know which version I have, I Downloaded it from Internet, btw it doesn't bother me to install the updates because my Internet is fast enough


----------



## Heaven7 (Jan 28, 2015)

keakar said:


> but if explorer isn't secure then doesnt just still having it on there leave a window for someone to gain access they cant get through chrome or firefox?


Like I said, you can completely remove it, if you like to. In fact, you should do so, as you could always reinstall it through the "Add/Remove Windows Programs" feature, should some application really need it to function. I don't really think IE is a security risk, if you do not use it and it just sleeps within your system, however. It does so on mine, as it cannot be uninstalled in Vista (built into the OS)  However, I don't feel at risk just because it is there.  If you really want to be safe, you could deny IE everything by blocking any internet access for it in your firewall, while using a secure browser with the proper settings enabled.


----------



## keakar (Jan 28, 2015)

ok earlier you said to turn off system restore. why? im not having any opinion on this but just want to know why this is something we should do?

it saves me sometimes when I screw something up, I didn't think it was a security issue is it? or is it an unnecessary resource hog or something?

this is the first time I ever heard anyone say not to allow system restore to work


----------



## Heaven7 (Jan 28, 2015)

keakar said:


> you must have the version that already includes sp1 then, after I get all the updates and then it adds sp1 update, then it tells me it has like 228 more updates after rebooting, then its just like a dozen or so more one or two at a time after that.


Here's some help - since you have internet access at this point, why not try WSUS update? Go to http://download.wsusoffline.net/ and download the "most recent version". Extract the zip-archive, go to folder and start the "update generator". Check your Windows version & the stuff you'd like to be updated. It will download all updates and save them. You could do this now - before you reinstall. Then, after the fresh install, just open the WSUS folder (save it to some other disk / removable media first, duh!), open the "client" folder, run the "UpdateInstaller" and it will update your fresh system to the point it was before! All without having to connect to the internet and suffering from slow speeds. Therefore there's no need for any SP2 discs, even if you should have to reinstall anytime in the future.


----------



## xvi (Jan 28, 2015)

keakar said:


> but if explorer isn't secure then doesnt just still having it on there leave a window for someone to gain access they cant get through chrome or firefox?


Websites that exploit security issues in Internet Explorer can not initiate any transaction. IE isn't listening for anything. It's not even running. It's only when you visit a malicious website that the websites can run exploits.

If, for example, you typo a popular website, let's say instead of cnn.com, you go to cmm.com, if someone has that domain registered, you're telling IE to request the content for that website. IE then does just about anything the source code tells it to do. If whoever programmed that website knows a way to trick IE into downloading and running something it shouldn't, then that's your problem right there.

If it's a common problem, might as well just throw IE in Red Alert mode and call it a day.


----------



## Heaven7 (Jan 28, 2015)

keakar said:


> ok earlier you said to turn off system restore. why? im not having any opinion on this but just want to know why this is something we should do?
> it saves me sometimes when I screw something up, I didn't think it was a security issue is it? or is it an unnecessary resource hog or something?
> this is the first time I ever heard anyone say not to allow system restore to work


Well, of course it's a great tool to have, should some minor problem arise. However, as mentioned earlier it is far from perfect. You never know if the problem you've encountered is really solved, or just sleeeping...  Forget SysRestore to remove malware, that's why I turned this off a VERY long time ago and rely on backups. Be safe or be SysRestored! 



xvi said:


> If it's a common problem, might as well just throw IE in Red Alert mode and call it a day.


Thanks xvi, I didn't think of that - good practice, but wouldn't this act on a global scale and affect keakar's new alternative browser too?


----------



## xvi (Jan 28, 2015)

Heaven7 said:


> Thanks xvi, I didn't think of that - good practice, but wouldn't this act on a global scale and affect keakar's new alternative browser too?


Basically IE only. I've seen Chrome and Firefox read things like proxy settings off of Internet Options, but it should be independent otherwise.


----------



## Arjai (Jan 28, 2015)

https://www.mywot.com/

https://www.eff.org/privacybadger

https://getadblock.com/

For Chrome: https://chrome.google.com/webstore/detail/better-faster-private-bro/ejddjiiombhjiejeclpkoebbepphohen?utm_source=chrome-app-launcher-info-dialog

My 2 cents.


----------



## keakar (Jan 28, 2015)

Heaven7 said:


> Here's some help - since you have internet access at this point, why not try WSUS update? Go to http://download.wsusoffline.net/ and download the "most recent version". Extract the zip-archive, go to folder and start the "update generator". Check your Windows version & the stuff you'd like to be updated. It will download all updates and save them. You could do this now - before you reinstall. Then, after the fresh install, just open the WSUS folder (save it to some other disk / removable media first, duh!), open the "client" folder, run the "UpdateInstaller" and it will update your fresh system to the point it was before! All without having to connect to the internet and suffering from slow speeds. Therefore there's no need for any SP2 discs, even if you should have to reinstall anytime in the future.




yes !!!! that's just what I was looking for, a way to get these updates on disk to speed things along when reinstalling

thank you



xvi said:


> If it's a common problem, might as well just throw IE in Red Alert mode and call it a day.



are you saying it doesn't matter what browser im using if I open the wrong website, even without clicking on anything?



Heaven7 said:


> Thanks xvi, I didn't think of that - good practice, but wouldn't this act on a global scale and affect keakar's new alternative browser too?





xvi said:


> Basically IE only. I've seen Chrome and Firefox read things like proxy settings off of Internet Options, but it should be independent otherwise.



so if im not using IE then the things they do to get in and bork things up don't work on chrome or firefox because its different software?

or does the browser not really matter if I go to the wrong website? im having a hard time following this


----------



## xvi (Jan 28, 2015)

keakar said:


> so if im not using IE then the things they do to get in and bork things up don't work on chrome or firefox because its different software?
> 
> or does the browser not really matter if I go to the wrong website?


Chrome and Firefox are being targeted more these days due to their increasing popularity, but they're generally more secure than IE.


----------



## keakar (Jan 28, 2015)

another question for you guys

no favorite here but,

when i occasionally do side by side testing for things like spybot and superantispyware (I haven't done this in about 2 years) I found it was common for spybot to miss a few things that were flagged by superantispyware but if I ran superantispyware first there was never anything found by spybot so I chose to use that one since I "assumed" it found more so it was better.

so the question is how many of you do side by side reverse order testing to decide which tools are best and what if anything have you found doing this?



xvi said:


> Chrome and Firefox are being targeted more these days due to their increasing popularity, but they're generally more secure than IE.


please be patient with me here but im not fully understanding if this answered the question.

I assume you are saying that yes chrome or firefox will be able to stop a lot of these nasties if I accidentally go to the wrong website as long as I don't click on anything?


----------



## Arjai (Jan 28, 2015)

https://www.mywot.com/

Web of Trust safeguards you on any of those Browsers. It uses user's input about sites people all over the world have had issues with. It blocks them from downloading and gives you a pop up with the option to disregard, if you trust the site. Once, in a great while, someone will put a bad review on a decent site. You can override it by rating sites, yourself.

I have used it for years. Virus free for all of them! Of course the other programs on my other post help with that, greatly.


----------



## keakar (Jan 28, 2015)

Arjai said:


> https://www.mywot.com/
> 
> Web of Trust safeguards you on any of those Browsers. It uses user's input about sites people all over the world have had issues with. It blocks them from downloading and gives you a pop up with the option to disregard, if you trust the site. Once, in a great while, someone will put a bad review on a decent site. You can override it by rating sites, yourself.
> 
> I have used it for years. Virus free for all of them! Of course the other programs on my other post help with that, greatly.



hmmm, I like the idea but I don't like having to log into it for it to work and it says you have to register to it to get it and use it.

it sounds like its a little more involved then just having something you install that runs on your computer to keep you safe.

I couldnt tell from the website but is there a version of it that doesnt require membership and logging on to it to use it?



xvi said:


> Chrome and Firefox are being targeted more these days due to their increasing popularity, but they're generally more secure than IE.


which of these is easier to use and which is more like IE where I wouldn't have trouble recognizing where things are?


----------



## xvi (Jan 29, 2015)

keakar said:


> which of these is easier to use and which is more like IE where I wouldn't have trouble recognizing where things are?


Probably neither. Between the two, I'd recommend Chrome.


----------



## keakar (Jan 29, 2015)

ok there are always going to be differing opinions on this and that accessory software tools so I have to do some homework on all that but lets concentrate on the OS itself for now.

after installing *windows 7 home premium 64 bit* and fully updating it, what do I do to streamline it to get the least bloated fastest performance from it?

so far if I understand correctly I should:

Disable the "remote registry service". Press the Windows key + R, type in "services.msc" and set this service to "disabled".

Turn off the "Remote differential compression" under "Programs and Features" -> "Install/uninstall Windows Programs"

Then, disable System Restore on ALL drives (go to the control panel to do so).

Do not opt to participate in any "improvement programs" nor should you allow any automatic "error reporting".

*so what else should I do other than this?*

*are there any usable ram access edits or anything I should do like xp used to need?*
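
Two of the steps discussed in this thread, disabling the Remote Registry service and denying Internet Explorer network access in the firewall, can also be done from the command line. The script below is an added example and not part of any poster's message; it assumes an elevated PowerShell prompt on Windows 7 with Windows Firewall enabled, and the rule names are made up for the example.

```powershell
# Added example. Run from an elevated PowerShell prompt on Windows 7.
# The firewall rule names below are made up for this example.

# Step 1: disable the Remote Registry service (the scripted form of
# setting it to "Disabled" in services.msc).
$svc = Get-Service -Name RemoteRegistry
if ($svc.Status -ne 'Stopped') {
    Stop-Service -Name RemoteRegistry -Force
}
Set-Service -Name RemoteRegistry -StartupType Disabled

# Step 2: block outbound traffic from Internet Explorer.
# 64-bit Windows ships two copies of iexplore.exe; on 32-bit Windows the
# ProgramFiles(x86) variable is empty and is filtered out here.
$roots = @($env:ProgramFiles, ${env:ProgramFiles(x86)}) | Where-Object { $_ }

foreach ($root in $roots) {
    $exe = Join-Path $root 'Internet Explorer\iexplore.exe'
    if (-not (Test-Path $exe)) { continue }

    if ($root -eq ${env:ProgramFiles(x86)}) { $tag = 'x86' } else { $tag = 'native' }
    $ruleName = "Block IE outbound $tag"

    # "show rule" exits non-zero when no rule has this name, so the
    # script can be re-run without creating duplicate rules.
    netsh advfirewall firewall show rule name="$ruleName" | Out-Null
    if ($LASTEXITCODE -ne 0) {
        netsh advfirewall firewall add rule name="$ruleName" dir=out action=block program="$exe" enable=yes | Out-Null
    }
}

# Step 3: report the resulting state so the change can be checked.
Get-WmiObject -Class Win32_Service -Filter "Name='RemoteRegistry'" |
    Select-Object Name, StartMode, State
foreach ($tag in 'native', 'x86') {
    netsh advfirewall firewall show rule name="Block IE outbound $tag"
}
```

The firewall rules match on the executable path, so they only stop `iexplore.exe` itself; other programs that use Internet Explorer's components are not affected by them.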


----------



## erocker (Jan 29, 2015)

Every time there is a double-post, an internet cat dies. 

Please don't double post. Think of the kittens.

It would be much appreciated.

Thank you.


----------



## keakar (Jan 29, 2015)

erocker said:


> Every time there is a double-post, an internet cat dies.
> 
> Please don't double post. Think of the kittens.
> 
> ...


thanks, its hard to catch up sometimes as posts come in while im replying to others


----------



## Schmuckley (Jan 29, 2015)

hey..What sites do you go to other than this one? i wanna get this thing 

Seriously..I tried to find it..

I did an install and made sure IE had ActiveX and everything..never found the "ransomware"
The worst I got was "PC optimizer PRO" or something
It wasn't as easy to get rid of as I thought it would be..
I dled the fake flash and all that..It was pretty interesting.
the fake flash will pop up no matter what site you go to 

Avast is pretty good.
I recommend AVG Free, though.It's the best.
Make sure you get the totally free and only install the antivirus part, though.
Watch out for the shareware.

Get your OS where you want it and back it up

As far as backing up..I do know the best way but you need a bootable USB stick and an older Hiren's boot cd.

or a totally blank hdd and Acronis WD edition.If you have a WD drive, you can get it free here: http://support.wdc.com/product/downloaddetail.asp?swid=119&type=download&lang=en Get OS where you want it and make an image.

I want this thing ..


----------



## R-T-B (Jan 29, 2015)

Schmuckley said:


> hey..What sites do you go to other than this one? i wanna get this thing
> 
> Seriously..I tried to find it..
> 
> ...



Asking any younger person where he goes on the internet is a dangerous business.

I'm not certain he's young granted, just sayin'


----------



## keakar (Jan 29, 2015)

Schmuckley said:


> hey..What sites do you go to other than this one? i wanna get this thing
> 
> Seriously..I tried to find it..
> 
> I want this thing ..



just surf a few porn sites or those game hack sites and im sure you will get it in short order, in my younger days those were good for a nasty virus at least once a month.

ever since i quit going to those places i got lax in my security measures and here i am.

i think averaging one virus every 2-3 years isnt that bad actually since i do look at porn from time to time as everyone does unless they want to lie about it.



R-T-B said:


> Asking any younger person where he goes on the internet is a dangerous business.
> 
> I'm not certain he's young granted, just sayin'



not young at all but not dead yet either lol, im 57.


----------



## R-T-B (Jan 29, 2015)

Heh, fair enough Lol.


----------



## keakar (Jan 29, 2015)

Heaven7 said:


> Here's some help - since you have internet access at this point, why not try WSUS update?



i have a question about this thing, since a lot of windows updates dont show up until after other updates are already installed and a reboot, i will assume this will get me to the sp1 state of updates and then at that time i will have to run it again to find the post sp1 updates that come after it correct?

im just thinking in terms of how windows updates finds things or is that not the way this thing works?

i just finished a windows reinstall with drivers at this minute and about to install my computer utilities but i havent updated anything just yet so im trying to do this thing right. i installed firefox to try it out and that permanently crashed windows and it went belly up on me so i had no choice lol.


----------



## R-T-B (Jan 29, 2015)

Wow, firefox permanently crashed a fresh install?

Sounds like you got more going on than just malware if that is the case.


----------



## keakar (Jan 29, 2015)

R-T-B said:


> Wow, firefox permanently crashed a fresh install?
> 
> Sounds like you got more going on than just malware if that is the case.


no, i was still on the corrupted windows i had before.

i still had use of most things except windows security and repair related tools so i was just delaying the reinstall until i had time to do it this weekend but since it crashed i had to do it now.

as of today im on a fresh new install and since my motherboard cd had chrome on it i just installed that on here. i still havent gotten used to everything.

what is strange is i miss the way you can add the menu, favorites, command bar, and status bar to the web page box info so i created a folder to put my favorites in so i can at least find and use the quick links to all my places i have shortcuts to.


----------



## Heaven7 (Jan 29, 2015)

Arjai said:


> https://www.mywot.com/
> 
> Web of Trust safeguards you on any of those Browsers. It uses user's input about sites people all over the world have had issues with. It blocks them from downloading and gives you a pop up with the option to disregard, if you trust the site. Once, in a great while, someone will put a bad review on a decent site. You can override it by rating sites, yourself.
> I have used it for years. Virus free for all of them! Of course the other programs on my other post help with that, greatly.


Thanks! Overlooked the most important one...  This will help most of all to prevent clicks to badsites!  EDIT: keakar, you don't have to register to use it. Just close that window & you're done.


----------



## xfia (Jan 29, 2015)

if you use firefox gotta get that Adblock Plus and you can disable it on tpu since its not flooded with annoying stuff


----------



## Heaven7 (Jan 29, 2015)

Schmuckley said:


> hey..What sites do you go to other than this one? i wanna get this thing
> Seriously..I tried to find it..
> I did an install and made sure IE had ActiveX and everything..never found the "ransomware"
> The worst I got was "PC optimizer PRO" or something


You should be glad! Looks like your security settings are OK. Hope you know what you are doing...  I sure won't give out any links to that stuff, there are sites that provide links to known scam sites as a database, but - you'll be on your own there! Be careful. The "optimizer" is rather nasty itself though


----------



## Heaven7 (Jan 29, 2015)

xfia said:


> if you use firefox gotta get that Adblock Plus and you can disable it on tpu since its not flooded with annoying stuff


This was mentioned earlier. +1, always disabled on TPU...


----------



## Arjai (Jan 29, 2015)

keakar said:


> hmmm, I like the idea but I don't like having to log into it for it to work and it says you have to register to it to get it and use it.
> 
> it sounds like its a little more involved than just having something you install that runs on your computer to keep you safe.
> 
> I couldn't tell from the website but is there a version of it that doesn't require membership and logging on to it to use it?


https://www.mywot.com/en/press/highlights

It is completely safe! It only opens with your browser, quickly and unobtrusively.
I don't understand how an e-mail address and password is too involved? 

Look at the press releases, it is safe and safer for you!! It actually shows a rating on google,Bing, yahoo, etc search results, too. So you know BEFORE you click a link, whether it is a good site, or not!!

I cannot believe you wouldn't want it! Especially if you are surfing pron sites! You brag about "only one virus per 2-3 years."

How about zero viruses since 1991! That's my record, with four different computers and OS's? 98, XP, 7, 8, 8.1, Ubuntu and Mint. 

Went from AVG to Avast to Essentials to Glary and Malwarebytes and CCleaner and now, AdBlock. Just recently downloaded the other two scanners, Ad-Aware and adwcleaner. Turns out they found a couple adwares the others missed.

BTW, having used a number of ad blocker's...AdBlock, link above, is the easiest to set up and the best blocker I have used! 

https://en.wikipedia.org/wiki/AdBlock


----------



## Heaven7 (Jan 29, 2015)

Arjai said:


> How about zero viruses since 1991! That's my record, with four different computers and OS's? 98, XP, 7, 8, 8.1, Ubuntu and Mint.


What can I say about this...   Congratulations! Perhaps because you skipped Vista?


----------



## Arjai (Jan 29, 2015)

Heaven7 said:


> What can I say about this...   Congratulations! Perhaps because you skipped Vista?


After seeing Vista once, at my sister's, for about 20 minutes...I skipped it. In Fact, I held on to 98 until it was no longer capable of opening certain websites. Did the same thing with XP, probably one of the best OS's from Window's! Then 7, another good one!

I bought this Ultrabook, with 8 on it. Hated it for a long while, until 8.1 dropped and I can now boot to desktop! I still think Metro is a joke but, they even improved IT! It is now usable, especially the search computer function! Anyways, Ubuntu and Mint are also fun, although those two computer's are currently in storage.

Despite the Hater's, 8 is really a nice OS. Small footprint and faster than anything before it. I have a year, or so, before I have to make a decision about 10...Haven't really spent any time researching it.

Anyways, WOT is the shizzle. I like to find free movie downloads. Mucho bad sites and WOT steered me clear of ALL of THEM!!

The linkfest on Facebook can be perilous, also. Not with WOT watching my back!! Undoubtedly, the best add on to a browser since bread has been sliced! 

Another site I love, www.lastpass.com


----------



## Heaven7 (Jan 29, 2015)

Arjai said:


> After seeing Vista once, at my sister's, for about 20 minutes...I skipped it. In fact, I held on to 98 until it was no longer capable of opening certain websites. Did the same thing with XP, probably one of the best OS's from Windows! Then 7, another good one!


Well, I never dreamed I would wind up with Vista as my main OS... Let's just say it's my "man in the middle" for now - for some reasons. I'm running mainly older programs on customized hardware, consumer graphics card combined with ECC-RAM, old DVB-C TV-card and so on. +1 on Win98 and XP - them good ol' days  I use 7 as an alternative OS, and it really is a good one! Consider me one of those Win8 haters, but you're right - nowadays it is looking a lot more promising and usable. Win10? Let's see if they finally get it right this time 
Total agreement here with WOT, nobody should be without it! Could it possibly be already integrated in Win10's new browser??? 
I'm not on facebook and love the "FacebookBlocker"-addon - removes all those pesky, ubiquitous social media buttons flooding websites nowadays.
That must be my slice of bread .


----------



## Arjai (Jan 29, 2015)

Trend Micro, Personal protector, blocks the Twitter and Facebook from loading the crap in the background, and the buttons!  Check it out in extensions on Google Chrome.


----------



## Heaven7 (Jan 29, 2015)

Not using Chrome... does it work with FF as well? As a sidenote: "Personal Protector" (not by TrendMicro) is malware, as correctly identified by WOT


----------



## brandonwh64 (Jan 29, 2015)

we had one of our machines in our control center get this nasty thing by "Looking at football scores" LOL. I got into safe mode before the thing loaded and took it off the MSCONFIG list then ran Malwarebytes and Kaspersky corp edition. Got rid of it then did a registry cleaner to get the rest. It was a pain though 'cause you had to catch the machine before it loaded the program or it would be locked to the point where a hard boot was the only way to get another chance.


----------



## Heaven7 (Jan 29, 2015)

brandonwh64 said:


> we had one of our machines in our control center get this nasty thing by "Looking at football scores" LOL. I got into safe mode before the thing loaded and took it off the MSCONFIG list then ran Malwarebytes and Kaspersky corp edition. Got rid of it then did a registry cleaner to get the rest. It was a pain though 'cause you had to catch the machine before it loaded the program or it would be locked to the point where a hard boot was the only way to get another chance.


Nasty stuff indeed... there is NO way to remove this completely without using safe mode or a boot disc. Some people recommend you log on to another account at startup and go from there, but I don't think this will help at all to remove this stuff completely...
So it's not only porn sites now, but football scores as well???


----------



## revin (Jan 30, 2015)

brandonwh64 said:


> . I got into safe mode before the thing loaded and took it off the MSCONFIG list then ran Malwarebytes and Kaspersky corp edition. Got rid of it then did a registry cleaner to get the rest. It was a pain though 'cause you had to catch the machine before it loaded the program or it would be locked to the point where a hard boot was the only way to get another chance.


 
I actually had this a couple days ago !! 
Yep Safe Mode, then shut down, canceled when a "waiting for program to close" is actually what was my savior.
You must know ahead of time what processes are usually running !!!!!!!
Went thru Task Manager looking for odd processes, saw a couple, of which 1 was "dll.host" Nope that's not supposed to be there.
Anyway took about 4 hours to get it out !
And yes it did come from an Adult site, one that I have used for many years, so never know 

Between Comodo, S&D, MB got it out. Mostly Comodo, then did a Restore, used Spybot and M/Bytes but then Got rid of IE 11 !

Using IE 10, no issues, so something in IE 11, and it had "Allow Updates" in the About tab, so nope ...............
Using a modded version based on Win 7 Pro, with SP1, and no other updates for few years, first time this slipped thru this set !
I refuse to use IE 11 anymore  
BTW one culprit was a .zog file ????????????!!!!!!!!!!!!!


----------



## Heaven7 (Jan 30, 2015)

revin said:


> I refuse to use IE 11 anymore
> BTW one culprit was a .zog file ????????????!!!!!!!!!!!!!


Never heard of a .zog file...  There must have been some file association to it to let you "install" it...  You perhaps have the "Hide known file extensions" function enabled, right? This is a very welcome gateway for all malware, e.g. "Your paypal order confirmation.pdf.*(zog)*". The .zog-extension will be hidden in this scenario and will readily install this cr@p, should you decide to open it  Also, most of this specific malware is easily recognizable as it commonly uses the Windows Media Player icon, only with different colors. I won't tell you the name of some of those files (18+) , but you get my drift. Like I mentioned way earlier, I'm very interested in this stuff and how it infects users' systems. Also, like I mentioned way earlier - proper security settings and educated browsing habits / safe browsers will make it harder (while certainly not impossible) for that malware to infect your system. EDIT: sorry, of course I meant the extension to be something like "Free mp3 download.zog.*exe*"!


----------



## keakar (Jan 30, 2015)

Heaven7 said:


> Thanks! Overlooked the most important one...  This will help most of all to prevent clicks to badsites!  EDIT: keakar, you don't have to register to use it. Just close that window & you're done.


ok that's good to know, it was full of crap you had to register or buy so i was like huh, no thanks this is too invasive.

i will give it more thought



Heaven7 said:


> Never heard of a .zog file...  There must have been some file association to it to let you "install" it...  You perhaps have the "Hide known file extensions" function enabled, right? This is a very welcome gateway for all malware, e.g. "Your paypal order confirmation.pdf.*(zog)*". The .zog-extension will be hidden in this scenario and will readily install this cr@p, should you decide to open it  Also, most of this specific malware is easily recognizable as it commonly uses the Windows Media Player icon, only with different colors. I won't tell you the name of some of those files (18+) , but you get my drift. Like I mentioned way earlier, I'm very interested in this stuff and how it infects users' systems. Also, like I mentioned way earlier - proper security settings and educated browsing habits / safe browsers will make it harder (while certainly not impossible) for that malware to infect your system.



i get a zog popup from avast once in a while at porn sites but it has never got past avast and avast quickly blocks that site completely for me without having to do anything.

i did actually get the zog once last year but it was through a third party site trying to get a download for adobe, at the time they had website issues and their downloads were not working. after i sorted it all out and got genuine adobe downloads i saved them on disk to avoid future issues. it's old versions but i tell them to update right off so it's all good


----------



## revin (Jan 30, 2015)

brandonwh64 said:


> you had to catch the machine before it loaded the program


 
Bingo, that's the hard part......



Heaven7 said:


> There must have been some file association to it to let you "install" it...  You perhaps have the "Hide known file extensions" function enabled, right? This is a very welcome gateway for all malware,


 Thank you this is Very informative !!!!
I think Google Toolbar has a hole in it also, something was in there also 


 The issue with my occurrence was for some reason, it got thru............for whatever reason. 
And you're correct, using another Log in won't work, ........unless it has Admin privileges

How would Windows "Explorer" "Hide known file extensions" function be enabled ?  from just the desktop "explorer" process running?

I found the .zog from the dll.host process thru Task Mgr, then used Comodo task search, and it was in an AMD folder first, then in my PS2 folder and it was a bitch to keep up with it to delete it.
 Comodo task search 

There were a couple more things, but first I had Comodo stop all traffic. then started looking at what/where files were trying to call out, so long story short after many times killing processes.
Knowing what is/should be running in task process is what saved my ass, then it was just sleuthing to get it stopped.

I will say this, it was the hardest one yet since I started on the www in 1990!
So many may wish to "blame" me for using adult sites etc, thing is I know the risk 
I've gone back to the same site, and nada, so it's hard to say just how it got in TBH 

But using Revo Uninstaller, S&D, M/Byts, and Comodo has worked really well for many years.


----------



## keakar (Jan 30, 2015)

ok guys i have an issue here i need a little help confirming

most of you use and recommend malwarebytes and so i installed it, i'm not saying it's not good but when i run superantispyware after it the super finds all sorts of things left behind by MB.

look at this example today from yesterdays activity

i ran MB first then i ran super and this was found:

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 01/30/2015 at 09:19 AM

Application Version : 6.0.1170
Database Version : 11732

Scan type       : Complete Scan
Total Scan Time : 00:03:13

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User

Memory items scanned      : 484
Memory threats detected   : 0
Registry items scanned    : 61730
Registry threats detected : 0
File items scanned        : 18351
File threats detected     : 21

Adware.Tracking Cookie

============
End of Log
============


so my question is, can any of you try super and confirm my findings and report back?

maybe MB is better at stopping malware but it seems super is better at removing spyware

for now i'm just going to keep and run both but seeing the results today, this is the reason i stopped using MB in favor of super years ago, it seemed super did a much better job and made having MB seem useless


----------



## Heaven7 (Jan 30, 2015)

revin said:


> How would Windows "Explorer" "Hide known file extensions" function be enabled ?  from just the desktop "explorer" process running?


It's enabled by default. Big security oversight, IMO. Disabled by unchecking "Hide extensions...." in the "View" tab in Folder Options.


----------
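The double-extension trick discussed in Heaven7's posts above, turned into a defender-side check (an added example, not part of any forum post): it computes the name Explorer would show with "Hide extensions for known file types" on and flags executables whose visible name still ends in an extension. The extension sets, function names and sample filenames are assumptions constructed for illustration, and the check also covers whitespace padding, which the thread does not mention.

```python
import ntpath

# Assumption: illustrative subset of types Windows runs when double-clicked.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".bat", ".cmd", ".js", ".vbs"}
# Assumption: types a user reads as a harmless document or media file.
DECOY_EXTS = {".pdf", ".doc", ".docx", ".xls", ".jpg", ".png", ".mp3", ".txt", ".zip"}
# Stand-in for "known file types" (extensions with a registered association).
KNOWN_EXTS = EXECUTABLE_EXTS | DECOY_EXTS

# Constructed sample names, modelled on the examples given in the thread.
SAMPLE_FILENAMES = [
    "Your paypal order confirmation.pdf.exe",
    "Free mp3 download.zog.exe",
    "Your paypal order confirmation.pdf.zog",   # .zog is not a known type
    "invoice.pdf      .scr",                    # padding pushes the real type away
    r"C:\Users\test\Downloads\notes.txt.vbs",
    "setup-1.2.exe",                            # version number, not an extension
    "holiday.jpg",
]


def displayed_name(path, hide_known_extensions=True):
    """Name Explorer shows: the final extension is dropped only if it is known."""
    name = ntpath.basename(path)
    stem, ext = ntpath.splitext(name)
    if hide_known_extensions and ext.lower() in KNOWN_EXTS:
        return stem
    return name


def assess(path):
    """Return a finding dict for a deceptive executable name, else None."""
    name = ntpath.basename(path)
    stem, ext = ntpath.splitext(name)
    if ext.lower() not in EXECUTABLE_EXTS:
        return None  # not something that runs on double-click
    # What still looks like an extension once the real one is hidden.
    inner = ntpath.splitext(stem.rstrip())[1].lower()
    if inner in DECOY_EXTS:
        severity = "high"      # poses as a document or media file
    elif 2 <= len(inner) - 1 <= 4 and inner[1:].isalpha():
        severity = "medium"    # unknown but extension-like suffix, e.g. ".zog"
    else:
        return None
    return {
        "file": name,
        "shown_as": displayed_name(path),
        "real_type": ext.lower(),
        "inner": inner,
        "severity": severity,
    }


def scan(paths):
    """Assess every path and keep only the findings, in input order."""
    return [finding for finding in map(assess, paths) if finding]


if __name__ == "__main__":
    for f in scan(SAMPLE_FILENAMES):
        print(f"[{f['severity']}] shown as {f['shown_as']!r}, really {f['real_type']}")
```
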



## xvi (Jan 30, 2015)

SuperAntiSpyware is just finding tracking cookies. They're used by the advertising groups to try to figure out which websites you visit. It generally only works for affiliates of that site. Something like the AdBlock extension might help with those. I wouldn't call them harmful and they certainly won't affect the performance of your computer. Most people don't like them because they don't want anyone making money off their browsing habits.

No one anti-malware solution is going to catch everything either.


----------



## Heaven7 (Jan 30, 2015)

keakar said:


> ok guys i have an issue here i need a little help confirming
> most of you use and recommend malwarebytes and so i installed it, i'm not saying it's not good but when i run superantispyware after it the super finds all sorts of things left behind by MB.


xvi beat me to it...  +1, those (rather harmless) cookies are easily removed with Ccleaner, for example. Not MBAM's job to delete cookies, it's searching for malware. And SAS may also miss this & that, it's like xvi said.


----------



## keakar (Jan 30, 2015)

ok, got it. that takes care of the spyware/malware question


as far as windows and making repairs:
if you guys are saying this nasty little nsa/cia/fbi worm gets in and corrupts the registry entries then assuming it has got in and done its thing already so after getting rid of it windows is borked

shouldn't I just make a backup copy of windows registry and attempt a copy and replace all files to fix windows to try and fix it before going all out with a full backup restore of windows or even a reinstall? and where would I find the registry files? I don't see a registry folder in windows


----------



## Heaven7 (Jan 31, 2015)

keakar said:


> ok, got it. that takes care of the spyware/malware question
> as far as windows and making repairs:
> if you guys are saying this nasty little nsa/cia/fbi worm gets in and corrupts the registry entries then assuming it has got in and done its thing already so after getting rid of it windows is borked
> shouldn't I just make a backup copy of windows registry and attempt a copy and replace all files to fix windows to try and fix it before going all out with a full backup restore of windows or even a reinstall? and where would I find the registry files? I don't see a registry folder in windows


This would be the same as relying on System Restore... it will be a half-baked solution. I relied on registry backups in the past, but guess what - didn't work out too well when I really needed them  I'll say it again, a good & clean backup will be far more practical and thorough, a complete reinstall should only be your absolute last resort (if you failed to backup correctly, that is)  Don't let your guard down just to save some time.


----------



## revin (Feb 4, 2015)

Well CRAP, after days of trying everything, I LOST !
Had to do Format fresh install !!!

1 BIG issue was I caught where it was using a different IP than my modem/router

There was this "userbenchmark" .dat that kept showing up, then it went to the trash bin, on the other drives too.
So did the Shift Delete, but still had the issue of the IP. Not cool so canned it !


----------



## keakar (Feb 4, 2015)

revin said:


> Well CRAP, after days of trying everything, I LOST !
> Had to do Format fresh install !!!
> 
> 1 BIG issue was I caught where it was using a different IP than my modem/router
> ...



revin, sorry to hear that but I kinda was expecting you would end up there.

what I found is if you start up in safe mode you can remove the files from this thing and your computer will still work right for most things but I wouldn't trust it just because it looks like it's working ok, you might think you saved it but you will start to notice things in windows not working correctly or not working at all as I think you just found out too.

this thing changes, disables, and deletes registry stuff before you even know it's there so you don't know for sure what this thing has done or the changes it already made to your computer by the time you even get to the ransomware screen so you should assume as soon as this thing takes over that a reformat and reinstall is going to be needed and the only solution to keep your data safe. the cleanup to get rid of it, in my opinion, is just to get the computer functioning long enough to get in and save your files and back up any data you need.

this is why the guys are rightly giving me grief for not having a backup program ready to restore windows, this is the only option that saves you from needing a reinstall because it puts "everything" back the way it should be. windows restore can't or won't do this and it is often disabled by this thing anyways.

I really see no way it would be wise to use a computer after its infected by something like this, but to each his own.

try this program for backing up your computer, I find its a good one and one of the easiest to use and best free backup utilities out there.

http://www.backup-utility.com/download.html


----------



## Solaris17 (Feb 4, 2015)

Goddamnit I wish I had seen this earlier. I have removed this stuff a lot at work! I'm sorry you had to format. That is bad news. in the future. I have made a batch file (yes batch I was feeling academic) that we actually use to "get systems ready" if you will for more targeted repairs. It's not a fix-all but it touches A LOT of things and for the most part pulls a machine out of the grave if you will. It's still on crutches but in most cases it makes it easier to fix. Understand I do not EXPRESS ANY warranty or support. but I do try my best to help people. If anyone is interested here you go. I did spend a lot of time on this and while I can't stop everyone I'd appreciate a credit if you manage to use it elsewhere and modify it out of respect.


----------



## Heaven7 (Feb 4, 2015)

keakar said:


> this thing changes, disables, and deletes registry stuff before you even know it's there so you don't know for sure what this thing has done or the changes it already made to your computer by the time you even get to the ransomware screen so you should assume as soon as this thing takes over that a reformat and reinstall is going to be needed and the only solution to keep your data safe. the cleanup to get rid of it, in my opinion, is just to get the computer functioning long enough to get in and save your files and back up any data you need.


I agree, just because it seems to be gone it sure doesn't mean this thing is dead. I myself wouldn't touch or save anything after being infected with this however, unless there's no other option. Thanks for the link, keakar - this backup utility looks very promising. I'll have to check it out. Thanks!


Solaris17 said:


> Goddamnit I wish I had seen this earlier. I have removed this stuff a lot at work! I'm sorry you had to format. That is bad news. in the future. I have made a batch file (yes batch I was feeling academic) that we actually use to "get systems ready" if you will for more targeted repairs. It's not a fix-all but it touches A LOT of things and for the most part pulls a machine out of the grave if you will. It's still on crutches but in most cases it makes it easier to fix. Understand I do not EXPRESS ANY warranty or support. but I do try my best to help people. If anyone is interested here you go. I did spend a lot of time on this and while I can't stop everyone I'd appreciate a credit if you manage to use it elsewhere and modify it out of respect.


It looks very interesting... sure took a lot of time. I'll give ATLAS a try on an infected system & will tell you how it worked for me. 
EDIT: Did that, cannot be run in Safe Mode - so, in a real emergency it sadly is useless.


----------



## keakar (Feb 4, 2015)

Heaven7 said:


> I agree, just because it seems to be gone it sure doesn't mean this thing is dead. I myself wouldn't touch or save anything after being infected with this however, unless there's no other option. Thanks for the link, keakar - this backup utility looks very promising. I'll have to check it out. Thanks!



by "save your stuff" I meant just your basic documents only like word and excel files, maybe pictures and maybe your desktop shortcuts and your favorites links but that's it,  I would never save anything software related


----------



## Heaven7 (Feb 4, 2015)

Yep, I knew you wouldn't. You know your way around this whole problem now, that's for sure  Hope your system will be safe from harm now...  Glad to hear about it  !


----------



## keakar (Feb 4, 2015)

Heaven7 said:


> Yep, I knew you wouldn't. You know your way around this whole problem now, that's for sure  Hope your system will be safe from harm now...  Glad to hear about it  !


I just got very lazy, that's all. as you can see, I had the backup utility, I just didn't use it, and so I paid the price for it.

it's been so long since I had a virus and I selected a handful of porn sites I feel "safer" at than most (if there is such a thing) so other than pesky spyware I had no threats to deal with in years.

it just pisses me off to no end that this virus is so well known yet the basic protection tools can't stop it if you open a website where it's lurking at.

it's like a website's own version of spyware that even if they get rid of it can still show up anywhere at anytime and I would think in today's world old threats like this wouldn't be able to get past even the most mundane spyware blockers.

that's the part that chaps my ass the most is it should have been relegated to no longer having a chance to even get on your computer by today's most basic protection software


----------



## Heaven7 (Feb 5, 2015)

keakar said:


> I just got very lazy, that's all. as you can see, I had the backup utility, I just didn't use it, and so I paid the price for it.
> it's been so long since I had a virus and I selected a handful of porn sites I feel "safer" at than most (if there is such a thing) so other than pesky spyware I had no threats to deal with in years.
> it just pisses me off to no end that this virus is so well known yet the basic protection tools can't stop it if you open a website where it's lurking at.


Basic protection (i.e. on a newly bought computer) is no match for this kind of malware. You'll have to rely on specialized tools and proper settings to cope with these threats. You'll never be one step ahead, though... I know how you might have felt like you were safe for a while, but it's right then you're the most vulnerable. If any good came of it, you've learned your lesson and know a lot better how to deal with stuff like this now. I'm very glad the folks participating in this thread were able to help you understand this problem better. I'm certain you will be a lot better protected (while definitely not safe - nobody is) out there  Surf safe, keakar - and all the best.


----------



## xvi (Feb 5, 2015)

Some malware can only be solved with Spok







Edit: ..or N.O.P.E.


----------



## keakar (Feb 5, 2015)

yep, life sucks, we just have to be ready for it

otherwise we have to call on spok lol


----------



## Heaven7 (Feb 5, 2015)

xvi said:


> Some malware can only be solved with Spok


There it is! The perfect solution!!! You should have told us earlier, xvi...   I want it NOW! 
EDIT: If this STILL won't work, there's always N.O.P.E. to solve your problems  I feel completely safe now - thanks!


----------



## revin (Feb 5, 2015)

Solaris17 said:


> Goddamnit I wish I had seen this earlier. I have removed this stuff a lot at work! I'm sorry you had to format. That is bad news. in the future. I have made a batch file (yes batch I was feeling academic) that we actually use to "get systems ready" if you will for more targeted repairs. It's not a fix-all but it touches A LOT of things and for the most part pulls a machine out of the grave if you will. It's still on crutches but in most cases it makes it easier to fix. Understand I do not EXPRESS ANY warranty or support. but I do try my best to help people. If anyone is interested here you go. I did spend a lot of time on this and while I can't stop everyone I'd appreciate a credit if you manage to use it elsewhere and modify it out of respect.


 
Sad thing is I have this on a drive or cd somewhere 

Didn't you make this quite some time ago ?????



keakar said:


> revin, sorry to hear that but I kinda was expecting you would end up there.


 
Well it was a 2 fold problem, I had d/l'd a F@H program to track my gpu, and it was a reputable site but turns out it was shit, so as soon as uninstall 1, another would install,
over and over 1 on top of the next. couldn't keep up with them.

I'm really piss'd that nothing caught any of this shit happening !!!!! 

At any rate I just moved my good stuff to another drive and started over, besides it'd been a few years


----------



## keakar (Feb 6, 2015)

revin said:


> Sad thing is I have this on a drive or cd somewhere
> 
> Didn't you make this quite some time ago ?????
> 
> ...



yep, I feel that way too, it's good to start over fresh every few years and when I used to download stuff often I would make a point to start over fresh every year because you just never know for sure if there are remnants of misc crap left behind you don't know about


----------



## revin (Feb 6, 2015)

Revo Uninstaller is an absolute must, and DiskTrix UltimateDefrag for a {spinning} HDD
Revo has worked so well, that there are almost never any odd registry entries left over.


----------

