While we're not security professionals like Borepatch, I like to think we run a pretty good place here at Castle Graybeard. We keep up with the Windoze updates, along with the updates to pretty much everything. Since we've been working with computers since about 1978, we have been around the block a few times, and watch what we do. We have and run anti-virus and anti-spyware tools. Nevertheless, the scumbags have struck and we're tied up in removing a malware infection from Mrs. Graybeard's computer.
Ever heard of the "Security Tool" malware? It hijacks your system and attempts to get you to go to some site and pay them money to give you your computer back. I assume it steals credit cards, and so on. Really nasty hijack. Apparently spoofs the Windows desktop and intercepts everything you do to it. So far it's scumbags one and good guys nothing.
I've been saying for years that if I were on the jury, malware writers would get the death penalty. No problems with that decision whatsoever.
Back to our usual gloom and doom later.
As I spent the majority of the day cleaning (extra fun with lots of drywall work going on in the back room to update things), that was great.
We got something like that on one of our computers. We resorted to wiping the main disk and reloading the factory defaults - which made recovery fun since it meant downloading at least three years worth of updates.
We assumed it stole passwords and changed them all. We keep pretty close watch on the few cards we have, and so far no trouble. Hope it works the same for you.
I've cleaned the "Security Tool" type stuff a couple of times lately. I use Malwarebytes Antimalware (MBAm) to clean (boot Windoze in safe mode, install and run MBAm, reboot normally, run again) and then run a boot-time scan with Avast antivirus. After that using Spybot Search & Destroy resident protection (Tea Timer) and Avast antivirus has kept us clean ever since. Generally I use a clean computer to download MBAm to a USB stick and install on the infected computer in safe mode. Has worked for me so far, but the hacker-slime is constantly trying to find new ways to avoid anti-malware stuff.
Good Luck!!