
Question/Help to the Tech Savvy

I would greatly appreciate help from those who can offer it. My computer has been attacked twice within a week by a rogue virus. I have Windows 7 and the bugger that pops up is called Windows 7 2012 anti-spyware (unregistered version). The trojan name is trojan-bnk.win32.keylogger.gen. Last week I called Dell and McAfee and they got rid of it; I also installed Malwarebytes which helped. But now it's back. Question: why does this thing keep attacking my computer? What advice would you offer to prevent this? And, what is this thing anyways?

This is my second computer (laptop); my other one was damaged with a similar virus. It's very aggravating. Any help I would greatly appreciate. Thanks

Btw, I'm on another computer. That's why I'm able to post this.





Run Linux

Run Linux or another Unix-based operating system such as FreeBSD or OpenBSD. They are free, open source, and a lot more secure than Windows. If you play PC games then this may not be for you, but otherwise what are you waiting for?

https://www.fedoraproject.org/
http://www.ubuntu.com/
http://www.freebsd.org/
http://www.openbsd.org/

For starting out, I would recommend Fedora Live. It is literally an image you download and burn onto a CD-ROM. Then you boot off the CD and you can test it out without even needing to install it!

I've had success eliminating similar adware/spyware

Install anti-adware software like Malwarebytes and update.

Restart your system in "Safe Mode" by tapping your F8 key while it is going through what is called POST. That's the weird text that flashes up on your screen when you first turn on your system before any MS/Windows logos pop up.

You will be given a number of startup options which you scroll through using your cursor arrows. Highlight "Safe mode with networking" and press enter. You may have to press return again to enter into Safe mode. I think your system will want your confirmation to enter Safe Mode and it explains what Safe Mode is.

Once you're in, run the Anti-adware program and let it do its thing. In case you need to update it, you can since you entered "Safe mode with networking". Since Safe mode doesn't start up a number of drivers, I liken it to hunting in the forest, but now the trees are bare. The stuff you're after doesn't hide so well from the program. If you want to run a virus scan with your anti-virus program, you might as well do that, too.

One of my sons had this on his laptop

Took me about a day to get rid of it.

see this:

http://www.bleepingcomputer.com/virus-removal/remove-win-7-a...

Used Malwarebytes like you did - also MSE (Microsoft Security Essentials) which I used to run a full disk scan, which is why it took so long. You need to leave MSE active to intercept any future infections, unless you have another AV program installed for that purpose.

That's a nasty bug, it infected several files, but once I had it cleaned with the full disk scan it hasn't come back.

I can offer a couple tips.

I can offer a couple tips. Firstly, I don't want to assume anything, so do you have a firewall installed? Secondly, I'd recommend downloading Spybot Search and Destroy. Install this program on the infected computer, download any updates, and run the scan. Also, run this program in the background on all of your computers because it runs a program called TeaTimer, which is a great layer of active protection. Additionally, it gives you the option of Immunizing your browsers and Hosts file with passive protection (The Hosts file is basically just a file on your computer that can block any IP addresses on the list).