AnandTech Forums > Software > Software for Windows

Old 04-16-2013, 05:58 PM   #1
Doppel
Lifer
 
Join Date: Feb 2011
Posts: 13,313
Default OMG somebody installed malware on my PC. www.dnsbasic.com

One of the people in my household in their infinite wisdom obviously sport-Fed the next button on some pop-up they saw somewhere and infected the living @*#( out of this computer (Win 7). Everything appears removed now, with the exception that in Internet Explorer, whenever I search, it now goes directly to the www.dnsbasic.com search engine.

I've had a go with Malwarebytes, I've removed all search engines from IE except for Google, disabled and/or uninstalled all add-ons. I've uninstalled the God-forbidden dnsbasics piece of crap from programs but still somewhere it is kicking around on the PC.

Any ideas? This seems a very new piece of crap software and so all the posts on Google are just 3-4 days old, and not many of them.

I was able to remove this for Chrome and it's back to normal.

Hmm, seems Malwarebytes is old now and not getting updates. I remember Lavasoft's product, so I was just about to install it but it looks like it wants to install a bunch of crap also, so going to give Microsoft's product a go.

EDIT: Fixed it, in case anybody else comes upon this (some on the net still have this issue). I removed all searches except for only Google search but it still went to dnsbasics.com. I thought maybe it had bastardized the Google search and was hiding, which it turns out it was. I installed Bing search and it went fine. I could then remove Google (IE insists on having at least one search engine as default) and then reinstalled the Google search from the IE website thingy under add-ons and now Google is fine.

Last edited by Doppel; 04-16-2013 at 06:31 PM.
Doppel is offline   Reply With Quote
Old 04-16-2013, 06:29 PM   #2
berryracer
Golden Member
 
Join Date: Oct 2006
Location: Dubai
Posts: 1,915
Default

What antivirus did you have on when it was installed, just out of curiosity?
__________________
Alienware 18 | i7 4810MQ @ 4 GHz | Dual Radeon R9 M290X Crossfire | 32 GB Kingston HyperX 1866 MHz RAM
Samsung 850 PRO 256GB SSD + Samsung 840 EVO 1TB SSD + Samsung 840 EVO mSATA 1TB SSD | Windows 7 Professional
berryracer is offline   Reply With Quote
Old 04-16-2013, 06:38 PM   #3
Doppel
Lifer
 
Join Date: Feb 2011
Posts: 13,313
Default

Quote:
Originally Posted by berryracer View Post
What antivirus did you have on when it was installed, just out of curiosity?
Apparently I did in fact have Microsoft Security Essentials running, but it let this in. Perhaps it didn't qualify as a "virus" necessarily. Just a "helpful marketing tool!" like most malware. Until I started uninstalling stuff I was getting pop ups for surveys and stuff. I can't believe in 2013 we still put up with this.
Doppel is offline   Reply With Quote
Old 04-16-2013, 07:09 PM   #4
postmortemIA
Diamond Member
 
Join Date: Jul 2006
Location: Midwest USA
Posts: 6,511
Default

Quote:
Originally Posted by Doppel View Post
Apparently I did in fact have Microsoft Security Essentials running, but it let this in. Perhaps it didn't qualify as a "virus" necessarily. Just a "helpful marketing tool!" like most malware. Until I started uninstalling stuff I was getting pop ups for surveys and stuff. I can't believe in 2013 we still put up with this.
I can't believe in 2013 you let somebody run your own PC as an admin.
__________________
D1. Win7 x64 i7-3770 on Z77, HD7850, 2707WFP, 840, X-Fi D2. Win7 x64 E8400 on P35
L1. OSX 10.9 rMBP 13 L2. Vista x86 E1505
M. Galaxy S4

postmortemIA is online now   Reply With Quote
Old 04-16-2013, 07:12 PM   #5
Doppel
Lifer
 
Join Date: Feb 2011
Posts: 13,313
Default

Quote:
Originally Posted by postmortemIA View Post
I can't believe in 2013 you let somebody run your own PC as an admin.
It's worth it. This happens about every 3-4 years and is not worth the hassle of managing accounts for the rest of the time.

I may revisit this, though

Last edited by Doppel; 04-16-2013 at 07:18 PM.
Doppel is offline   Reply With Quote
Old 04-16-2013, 07:15 PM   #6
berryracer
Golden Member
 
Join Date: Oct 2006
Location: Dubai
Posts: 1,915
Thumbs down

Quote:
Originally Posted by Doppel View Post
It's worth it. This happens about every 3-4 years and is not worth the hassle of managing accounts for the rest of the time.
I have said it many times but no one believes, MSE is one of the worst antivirus programs out there! Yes it is light on resources but it sucks big time in protection!

I have had 2 viruses crawl twice on to my system even though I am a safe user. Furthermore, it sucks in deleting any threats

AV-TEST - The Independent IT-Security Institute: Jul/Aug 2012

I don't know how many people believe in this POS Antivirus, just because they *think* they had no problems with it that makes it good? LOL To everyone running MSE I advise you to run a scan with another AV. God knows how many viruses you might be having and not even knowing it

http://www.av-test.org/en/tests/home...7/sepoct-2012/

Outstanding result for Bitdefender.
Trend Micro continues to make good progress.
Microsoft disappoints by failing certification.
berryracer is offline   Reply With Quote
Old 04-16-2013, 07:21 PM   #7
Doppel
Lifer
 
Join Date: Feb 2011
Posts: 13,313
Default

Quote:
Originally Posted by berryracer View Post
I have said it many times but no one believes, MSE is one of the worst antivirus programs out there! Yes it is light on resources but it sucks big time in protection!

I have had 2 viruses crawl twice on to my system even though I am a safe user. Furthermore, it sucks in deleting any threats

AV-TEST - The Independent IT-Security Institute: Jul/Aug 2012

I don't know how many people believe in this POS Antivirus, just because they *think* they had no problems with it that makes it good? LOL To everyone running MSE I advise you to run a scan with another AV. God knows how many viruses you might be having and not even knowing it

http://www.av-test.org/en/tests/home...7/sepoct-2012/

Outstanding result for Bitdefender.
Trend Micro continues to make good progress.
Microsoft disappoints by failing certification.
I didn't realize MSE sucked that much. To be honest with you it's the first antivirus I've consistently used because it's free and it's just there. I've been perhaps very lucky or benefited from herd immunity because in almost two decades of having a PC I've pretty much never run an antivirus and in terms of bona fide definite viruses I'd say I get one per decade. Malware is another matter, though I'm very careful with what I click and I use this PC for 90% of the time, just not 100% unfortunately.
Doppel is offline   Reply With Quote
Old 04-16-2013, 08:00 PM   #8
berryracer
Golden Member
 
Join Date: Oct 2006
Location: Dubai
Posts: 1,915
Default

The thing is, when you go to any forum out there and ask for a good free antivirus, they recommend MSE which is a scary fact. The reason is, as you mentioned, it is free, has no ads whatsoever, and they *think* it protects them.

Well, you never know if u have a virus anyway until it destroys something coz MSE won't even detect it.

Microsoft is the last company I would trust with anything related to security.

Avast! free antivirus or Avira Free (yes Avira has annoying ads but avast doesn't) are way better.

Take a look at the latest virus comparison test here:

http://chart.av-comparatives.org/chart1.php

I have been using Bitdefender for years with not a single virus, take a look at their detection rates and you'll know why. It is very light on the system as well.

My 2nd best choice would be Eset's NOD32 which I use on my other computers.

Try installing the Bitdefender Demo after uninstalling MSE and run a scan, if u r lucky, it will be able to repair ur computer

worst case scenario is ull have to format to get a clean system and then use real protection.

My security setup is as follows:

- Bitdefender Antivirus Plus 2013 (link is for the full version demo) [you can download the free version of Bitdefender Antivirus here: Download Bitdefender Antivirus Free]
- MVPS hosts file (nice to keep u from even visiting bad sites and blocks many ads / tracking)
- Ad-Block Plus on Pale Moon (which is like Firefox but faster)
- DoNotTrackme add on for Pale Moon
- SUPERAntiSpyware Free just to scan on a weekly basis to get rid of any tracking cookies (it always finds nothing thanks to adblock plus and donottrackme but just in case)

* note, when installing SUPERAntiSpyware, please make sure to uncheck the google chrome installation during setup. After setup, enter options, and disable the checkboxes as the image below, you only need it on demand:

berryracer is offline   Reply With Quote
Old 04-16-2013, 08:19 PM   #9
yhelothar
Lifer
 
Join Date: Dec 2002
Posts: 18,058
Default

System restore. I don't understand why more people don't use it. Most likely you have a restore point within 2-3 days so you won't really lose anything. It doesn't affect your documents. And it's pretty much 100% effective.
__________________
My Heatware
yhelothar is offline   Reply With Quote
Old 04-16-2013, 08:23 PM   #10
HeXen
Diamond Member
 
Join Date: Dec 2009
Posts: 6,002
Default

Any family type PC or one used by non geeks should have a more robust AV. MSE is just very basic, it will catch known worms and trojans but that is mostly it.
Some of the toughest things I ever had to remove from someone's PC were from pop ups. Usually they nag you for money on a fake AV and keep you from getting help online or are some kind of toolbar/extension that screws stuff up

I really liked Eset smart security, fast and unobtrusive. But it's one of those things that everyone will have their own opinion on as to which is best but usually anything freeware has some kind of limitation, lack of some features or really likes to call home a lot, probably for ad related stuff.

Quote:
Originally Posted by astroidea View Post
System restore. I don't understand why more people don't use it. Most likely you have a restore point within 2-3 days so you won't really lose anything. It doesn't affect your documents. And it's pretty much 100% effective.
100%? lol
HeXen is offline   Reply With Quote
Old 04-16-2013, 08:31 PM   #11
lxskllr
Lifer
 
Join Date: Nov 2004
Location: Somewhere over the rainbow
Posts: 38,458
Default

System restore was always a mixed bag for me. It's always worth a try. If it works, it doesn't get any easier, but I wouldn't expect miracles.
lxskllr is offline   Reply With Quote
Old 04-16-2013, 08:56 PM   #12
yhelothar
Lifer
 
Join Date: Dec 2002
Posts: 18,058
Default

Hmmm it's been 100% for me, and it makes sense that it should be given that it changes your entire file structure to a point where you haven't gotten the malware yet, short of your documents/pictures folder, which when was the last time you've seen malware store itself in the documents/pictures folder? Yeah, never.

What malware have you guys gotten where system restore was ineffective? I'm curious now.
__________________
My Heatware
yhelothar is offline   Reply With Quote
Old 04-16-2013, 09:58 PM   #13
WilliamM2
Senior Member
 
Join Date: Jun 2012
Posts: 919
Default

I've never been infested with Malware myself, but have cleaned many systems. System restore has never worked for me, most malware disables it. Now a system image on the other hand, from outside Windows is the easiest solution possible. Just back up the pst file and documents, and use a rescue disc to restore the image.

I would never trust my machine after it was infected anyways, so I make a new image occasionally just in case, but I don't change my system much, so it's quite easy. It doesn't work well in a work environment unless you can train the users to save all files to the network, and not on their own pc.
WilliamM2 is offline   Reply With Quote
Old 04-16-2013, 10:56 PM   #14
yhelothar
Lifer
 
Join Date: Dec 2002
Posts: 18,058
Default

If the malware disabled system restore, you need to boot into safe mode so that the malware doesn't start and system restore should work.
__________________
My Heatware
yhelothar is offline   Reply With Quote
Old 04-16-2013, 11:10 PM   #15
TheReaWarmonger
Banned
 
Join Date: Jan 2013
Location: ::1
Posts: 108
Default

First off,
  1. AVG/Avira/Avast/MSE/Malwarebytes
Stay away from everything else. Or if you're like me, use nothing. I've been running for 5+ years strong without a single infection nor real time antivirus scanner (tho I do guess my background would explain as to why). If other people use your machine, push them off onto a guest or limited account. Nothing beats infections better than a little common sense.
TheReaWarmonger is offline   Reply With Quote
Old 04-16-2013, 11:35 PM   #16
Jodell88
Diamond Member
 
Join Date: Jan 2007
Location: Sweet T&T
Posts: 6,933
Default

Quote:
Originally Posted by Warmonger View Post
First off,
  1. AVG/Avira/Avast/MSE/Malwarebytes
Stay away from everything else. Or if you're like me, use nothing. I've been running for 5+ years strong without a single infection nor real time antivirus scanner (tho I do guess my background would explain as to why). If other people use your machine, push them off onto a guest or limited account. Nothing beats infections better than a little common sense.
How do you know that you're not infected if you don't have a virus scanner?

Can you go around with one hundred percent certainty that you don't have an STD/STI if you don't get tested?
__________________
“Defend the weak, protect both young and old, never desert your friends. Give justice to all, be fearless in battle and always ready to defend the right." - The law of Badger Lords
Jodell88 is offline   Reply With Quote
Old 04-16-2013, 11:44 PM   #17
TheReaWarmonger
Banned
 
Join Date: Jan 2013
Location: ::1
Posts: 108
Default

Quote:
Originally Posted by Jodell88 View Post
How do you know that you're not infected if you don't have a virus scanner?

Can you go around with one hundred percent certainty that you don't have an STD/STI if you don't get tested?
I am 100% certain that I am not infected, nor have I ever been. As a grey hat and a software developer, it's nearly impossible for an infection to go un-traced by my naked eye. And believe me I don't say it to sound "kewl", it's just hard to infect someone who knows every nook and cranny of an operating system and how most malicious software works (I have written my fair share). You can assume the gas tank is empty, or give it a shake and listen.
TheReaWarmonger is offline   Reply With Quote
Old 04-17-2013, 11:00 AM   #18
HeXen
Diamond Member
 
Join Date: Dec 2009
Posts: 6,002
Default

Quote:
Originally Posted by astroidea View Post
If the malware disabled system restore, you need to boot into safe mode so that the malware doesn't start and system restore should work.
A lot of Malware contaminates restore. Those malware writers are not stupid and System restore is a part of every Windows right there on the C drive, so it's kinda a duh situation anyway. Some use other methods to revive themselves or infect other files not on C drive.
Not that it doesn't hurt to try it then do another scan afterwards, just that even on clean systems sometimes System Restore fails to restore, I have seen this many times.
I would never really trust contaminated systems anyway as some can somehow prevent your AV from working correctly or hide from it, contaminate other files, boot configs..etc. There are some mean ones out there and many people have Bots and AV's without ever knowing it. I heard Bot infections were ridiculously common and there is an interesting book out there about the current Cyber warfare situation that is pretty scary and good read btw.

I tried to fix this XP system years ago that was so bad I couldn't even boot from CD or USB drive nor get into safe mode, so even my USB boot drive with all my tools wouldn't work. All it would do is load XP and reroute most every web site I tried to access and prevent System Restore from functioning. Disabling most every service didn't work either as certain ones would always restore themselves. I suspected something more like a bios virus or some other bios issue as well but after I pitched the hard drives and tested using one I had laying around it all worked fine.

Whatever infection(s) it had, was one mean mofo

Quote:
Originally Posted by Warmonger View Post
I am 100% certain that I am not infected, nor have I ever been. As a grey hat and a software developer, it's nearly impossible for an infection to go un-traced by my naked eye. And believe me I don't say it to sound "kewl", it's just hard to infect someone who knows every nook and cranny of an operating system and how most malicious software works (I have written my fair share). You can assume the gas tank is empty, or give it a shake and listen.
Even the best security experts out there have had systems compromised and never even read of Malware writers say such things of confidence. Plenty of good stories out there related to that. However it's unlikely your personal computer is ever targeted for such but if you were in the business of security, you would still be susceptible even if you are ZeroCool

Last edited by HeXen; 04-17-2013 at 11:05 AM.
HeXen is offline   Reply With Quote
Old 04-17-2013, 11:07 AM   #19
yhelothar
Lifer
 
Join Date: Dec 2002
Posts: 18,058
Default

Hmmm, I guess I must've just got lucky over the years then, since system restore has always worked for me. There were countless times where I spent hours fiddling with various scanners and manually trawling through the file system trying to remove all traces of the malware, only to be left in frustration. Then I tried system restore and it was done in 5 minutes.

I have to say that system restore has worked for me at least 7 times removing malware for myself and friends. So I must've had incredible luck according to what you guys are saying.
__________________
My Heatware
yhelothar is offline   Reply With Quote
Old 04-17-2013, 05:49 PM   #20
Chiefcrowe
Diamond Member
 
Join Date: Sep 2008
Posts: 3,667
Default

I've also seen several cases where system restore did not work, even though it was still left on by the malware. Just wouldn't restore to a particular point and didn't say why.
Chiefcrowe is offline   Reply With Quote
Old 04-17-2013, 06:04 PM   #21
PowerEngineer
Platinum Member
 
Join Date: Oct 2001
Posts: 2,479
Default

Quote:
Originally Posted by Doppel View Post
It's worth it. This happens about every 3-4 years and is not worth the hassle of managing accounts for the rest of the time.

I may revisit this, though
You really should! Even if you decide against establishing accounts for each user (which I would do just to keep them out of each other's files), you should make everyone use a "limited" account. Even you, unless you're doing something that really requires administrative privileges.
PowerEngineer is offline   Reply With Quote
Old 04-17-2013, 08:55 PM   #22
Kaido
Lifer
 
Join Date: Feb 2004
Posts: 29,655
Default

Quote:
Originally Posted by berryracer View Post
Outstanding result for Bitdefender.
Trend Micro continues to make good progress.
Microsoft disappoints by failing certification.
I've had mixed results with Bitdefender lately, and much better results with MSE. I have a couple hundred machines on endpoint stuff at work, and then a small pool for those "special" users who are repeat virus offenders where I test different A/V products. I do really like Bitdefender's cloud product though...super easy deployment and a cloud console is pretty awesome.

OP, Bitdefender has a really nice quick-scan tool available free as a Chrome plugin here:

http://labs.bitdefender.com/projects...scan/overview/

Although if you have the time, I've found that Trendmicro's Housecall online scanner has had the best results in my own testing: (download/scanning takes longer, but it finds a lot that others miss)

http://housecall.trendmicro.com/

Like you said, sounds like maybe the spyware search engine named itself as Google search and removed the real Google search, which would explain why swapping to Bing & removing Google and then adding it back in worked.

Le sigh. Where's my Chromebook haha.
__________________
Dave Likes Food

Last edited by Kaido; 04-17-2013 at 08:58 PM.
Kaido is offline   Reply With Quote
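
Posts #1 and #22 describe a hijacker that registered itself as the "Google" search provider in IE. As an added example (not written by any poster in this thread), the PowerShell below lists the IE search providers from the registry and flags any whose URL host does not match the brand in its display name; the brand-to-domain table and the `Test-SearchScope` helper name are assumptions made for illustration.

```powershell
# Added example: audit Internet Explorer search providers (per-user and machine-wide).
# A provider that calls itself "Google" but points at another host is the pattern
# described in this thread.
$roots = 'HKCU:\Software\Microsoft\Internet Explorer\SearchScopes',
         'HKLM:\SOFTWARE\Microsoft\Internet Explorer\SearchScopes'

# Assumption: illustrative brand-to-domain map. Add the providers and regional
# domains (for example google.co.uk) that are legitimately used on the machine.
$expected = @{
    'Google' = 'google.com'
    'Bing'   = 'bing.com'
}

# Hypothetical helper: compares the display name's brand with the URL's host.
function Test-SearchScope {
    param([string]$DisplayName, [string]$Url)

    $uri = $null
    if (-not [Uri]::TryCreate($Url, [UriKind]::Absolute, [ref]$uri)) {
        return 'missing or unparseable URL'
    }
    foreach ($brand in $expected.Keys) {
        if ($DisplayName -like "*$brand*") {
            $domain = $expected[$brand]
            # Accept the bare domain or any subdomain of it, nothing else.
            if ($uri.Host -ne $domain -and -not $uri.Host.EndsWith(".$domain")) {
                return "MISMATCH: name claims $brand, URL host is $($uri.Host)"
            }
            return 'ok'
        }
    }
    # Built-in providers can store DisplayName as a resource reference
    # (a string starting with "@"), so an unknown name is not proof of tampering.
    return 'unknown provider, review manually'
}

$results = foreach ($root in $roots) {
    if (-not (Test-Path $root)) { continue }

    # DefaultScope on the parent key holds the GUID of the default provider.
    $default = (Get-ItemProperty -Path $root).DefaultScope

    Get-ChildItem -Path $root | ForEach-Object {
        $p = Get-ItemProperty -Path $_.PSPath
        New-Object PSObject -Property @{
            Hive        = $root.Substring(0, 4)
            Id          = $_.PSChildName
            IsDefault   = ($_.PSChildName -eq $default)
            DisplayName = $p.DisplayName
            Url         = $p.URL
            Verdict     = Test-SearchScope $p.DisplayName $p.URL
        }
    }
}

$results | Format-List Hive, Id, IsDefault, DisplayName, Url, Verdict
```

The script only reads the registry. An entry marked MISMATCH that is also the default matches the fix described in post #1: make another provider the default, remove the impostor, then reinstall the genuine provider.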
Old 04-21-2013, 10:18 AM   #23
Doomer
Diamond Member
 
Join Date: Dec 1999
Posts: 3,693
Default

I absolutely refuse to run any AV/ scanner that noticeably slows down my computer. I make zero exceptions to this rule. ALL AV programs suck ass in one way or another, most degrade the performance of your computer. I practice safe surfing and use common sense when faced with an unexpected popup. I assume all encounters in cyberspace are hostile and act accordingly. The only scanner I run is Malwarebytes Pro paid edition. It does a great job of blocking malicious web sites and is the best scanner I've found. Norton, McAfee, etc. can KMA.
__________________
I'm like Jesus only bitter and hateful.
Doomer is offline   Reply With Quote
Old 04-21-2013, 11:21 AM   #24
Matt1970
Lifer
 
Join Date: Mar 2007
Location: Syracuse NY
Posts: 11,183
Default

Truth is they all suck. I have seen some heavily infected computers come in my shop with every AV program imaginable. 9 times out of 10, if not more, your AV software will only catch the infections trying to spread in your PC, if it catches them at all, and by then the damage is already done.
Matt1970 is offline   Reply With Quote
Old 04-22-2013, 03:22 AM   #25
akugami
Diamond Member
 
Join Date: Feb 2005
Location: Philadelphia, Pennsylvania
Posts: 4,193
Default

MSE is not a bad program. The best? No, but not as bad as AV-Comparatives makes them out to be. Granted MSE hasn't been doing as well in the AV testing as of late. But MSE still had people bashing it when it was near the top of the list. For what I need it to do and for the expected use of the systems I help deploy, it's good enough and also just as importantly it's light enough on computer resources.
__________________
Canon 50D
Canon 16-35mm L MK1
_______________________
That was insensitive of me. I asked you to stop being stupid without considering how extremely difficult that must be for you.
akugami is offline   Reply With Quote