General Software Discussion / Re: Massive malvertising campaign on Yahoo, AOL and other sites delivers ransomware
« on: October 24, 2014, 09:06 AM »
Hopefully Malwarebytes will protect users from this.^
What I would do if hit with something like this is:
-Shut down.
-Kill power physically (as in unplug for 30-60 seconds) [to prevent a virus hiding in the RAM chips between boots].
-Reboot with a CD of Darik's Boot & Nuke (freeware).
-Write zeros to the drive (takes 3 hours on an average-size drive).
-Not sure if Darik's will do the same to any thumb drives, but it's worth considering.
-Shut down.
-Reboot from backup hard drive.
-Run backup restore using any drive cloning software from alternate drive which has been kept physically unplugged.
Once, I forgot to kill power first, and a virus in the RAM jumped to my #1 backup drive and killed that one also.
So I killed power, and got it all up and running using my #2 backup drive.
Now, I also keep a #3 backup drive.
Backups tend to get a little out of date, but are easily updated when needed.
I avoid CNET at all costs.
I picked up a couple of PUPs with a download of 'little registry checker' from MajorGeeks, and Malwarebytes caught and stopped it.
Norton 360 initially gave the download a clean bill of health.
Then, after I had clicked on 'littleregistrycleaner.exe', Malwarebytes ran a pop-up warning me of two PUPs.
By that time, I was presented with the option to proceed with either 'Install' or 'Cancel'.
I clicked on 'Cancel', and 'littleregistrycleaner' was quite 'in your face' about wanting to 'install' and ignored its own 'cancel' button.
The little hack was like, "I've got you now; screw you."
So I ran a scan with Malwarebytes which shut it down.