N10.adhostnet.com problems

[John Lacey]

I'm now infected with this pop-up virus that is extremely bothersome. Malwarebytes does not recognize it and I would like a work-around for it. Anyone?

[Wiz Feinberg]

It would help us to know your operating system and brand and version of browser that is compromised.

Most of these PUPs arrive as "toolbars" for browsers. Internet Exploder is the absolute worst for ease of exploitation, via ActiveX controls. Even so, it provides a means of disabling or removing toolbars, extensions and plug-ins. This is found under the menu item Internet Options.

Firefox has an Add-Ons link where you can disable and remove unwanted toolbars, Add-ons or Plug-ins.

Google Chrome also provides a means of uninstalling unwanted extensions.

Most browsers can be started in a secure mode, sometimes called safe mode. This disables all non-default items that have been installed. You can go through the lists until you find the one that is plaguing you and destroy it.

Lastly, have you tried simply going to Control Panel (Windows only) and uninstalling the varmint?

[Jack Stoner]

I just "cleaned" a PC for a friend. It had many toolbars, and Chrome seemed to be the main one with most of the toolbard. The friends grand daughter had used the PC and downloaded a lot of crap.

Some of the toolbars would not install, even using Revo Uninstaller Pro. I ran Malwarebytes and it got a lot of garbage out of the PC. I had to first run Malwarebytes with Windows in safe mode. Then I rebooted and had to run Malwarebytes twice more. I still had garbage that Malwarebytes did not remove. I had to download and use Hitman Pro to finally get it cleaned out.

[Wiz Feinberg]

I'm now infected with this pop-up virus that is extremely bothersome. Malwarebytes does not recognize it and I would like a work-around for it. Anyone?

It just dawned on me that you may not have checked the options in Malwarebytes to search out PUPs. Do do this, open the MBAM interface (GUI). Click on Settings. Click on Detection and Protection. On the right side, under Non-Malware Protection > PUP and PUM, select the option: Warn users about detections - or - Treat detections as Malware.

Scan again and see if MBAM detects this as a PUP or PUM. You can also select a Custom Scan. Options include treating PUPs and PUMs as malware, as well as scanning for rootkits. I would have it scan the entire C drive if that is your boot drive.

[John Lacey]

'm running Windows 7 and it's happening with Chrome and Explorer. I tried running Malwarebytes with those changes you mentioned, Wiz and it's still there. The Version of Chrome is 39.0.2171.71m

[Jack Stoner]

Try the Hitman Pro. It found things that Malwarebytes didn't, for me.

http://www.surfright.nl/en/hitmanpro/

I have a full, paid version, of Malwarebytes Pro and its considered by many as the best of the bunch. But it wouldn't fully clean up the PC I was working on. Hitman Pro finished the job.

[John Lacey]

That seemed to do the trick, Jack. Thanks.

[Richard Sinkler]

Isn't there one program that is efficient enough to do the job. I keep seeing the need to use several programs to solve a problem here. First, your anti-virus program doesn't stop malware, as I think it should. Second, you have to use a malware program like Malwarebytes, which sometimes misses some malware. Then you need to use another program, like Hitman Pro to get rid of what Malwarebytes can't deal with. If Hitman Pro can find thing that Malwarebytes can't, wouldn't make more sense to bag Malwarebytes and just use Hitman Pro? For God's sake, can't one of these software companies come up with a program that does all of tjis, and does it efficiently?

[Wiz Feinberg]

Isn't there one program that is efficient enough to do the job. I keep seeing the need to use several programs to solve a problem here. First, your anti-virus program doesn't stop malware, as I think it should. Second, you have to use a malware program like Malwarebytes, which sometimes misses some malware. Then you need to use another program, like Hitman Pro to get rid of what Malwarebytes can't deal with. If Hitman Pro can find thing that Malwarebytes can't, wouldn't make more sense to bag Malwarebytes and just use Hitman Pro? For God's sake, can't one of these software companies come up with a program that does all of this, and does it efficiently?

No. Hitman Pro (which I an also an affiliate for) is self described as the last resort tool to remove the most stubborn threats and nuisances. In almost every malware removal forum I've visited, the experts have the infectees use several malware removal tools before the job is really done. MBAM and Hitman Pro are often both needed.

If there is one program that really does all detection and removal of all known and emerging threats and nuisances, I don't know about it yet.

I personally run Trend Micro Titanium Antivirus and MBAM, together. I operate as a standard Windows user, not an administrator. I have UAC fully functional and it pops up a box asking for admin credentials before I can install most programs or even open some of their interfaces. Lock down your computer to the point where you can use it, but malware has a hard time slipping in.

[Richard Sinkler]

I also run Trend Titanium And MBAM. I even run Trend on my phone. And, I also run myself as a user and not an administrator. I have the paid version of MBAM and have it working full time. I rarely have an issue. I was just wondering why one of these companies hasn't come out with a program that does it all.

[Wiz Feinberg]

Back to John Lacey's original topic, his problem was not a virus, nor even real malware. It was what is dubbed as a PUP; a Potentially Unwanted Program. How it arrived is anybody's guess. I've neither seen nor heard of it before. It is a nuisance that most standard anti-virus and anti-malware programs aren't programmed to identify.

Hitman Pro is not an anti-virus or anti-malware program, although it yearns to become one, someday, possibly soon. It is a currently best used as a removal tool for nuisances, PUPs and Trojans it both does and doesn't have definitions for. Behavioral analysis programs are subject to many false positives and should be used with caution, preferably under the guidance of a trained malware removal expert.

As for one anti-malware company's program being able to do it all, every time, for viruses, Trojans, rootkits, PUPs, settings changers and hijackers, they don't have the individual resources to analyze every new or varied piece of malware in the wild. It takes numerous company's honeypots and hundreds of real people to reverse engineer malcode, before effective definitions are released. In contrast, the other side employs hundreds to thousands of student coders who get paid to write or rewrite malware every minute of every day. This doesn't take into account State sponsored spyware, which often leaks into the cybercrime underground and gets used against us. All told, it is safe to say that on average, there are between 120,000 to 150,000 new and varied malcode signatures being released by cybercriminals every day of the year. Some are also strongly encrypted to slow reverse engineering by security researchers.

Aside from Heuristic analysis, most onboard security programs always play catch-up with the bad guys.

I applaud Richard for using Trend Micro and Malwarebytes Anti-malware together and for operating with a less privileged user account.

If anybody out there wants to know more about these programs, contact me.

BTW: As of the current release of Trend Micro 2015, it no longer forced me to uninstall MBAM when I upgraded Trend. They seem to be on friendly terms now. It used to be that I was forced to uninstall MBAM to install Trend Micro. After the first reboot, I was always able to reinstall MBAM. All its settings remained intact, mainly because I didn't check the option to remove user settings or quarantined items. The license survives also.

[John Lacey]

Thanks for the input, Wiz as usual. Would it be worthwhile to jump platforms to say Mac? All my friends keep saying it'll most of my problems.

[Wiz Feinberg]

Thanks for the input, Wiz as usual. Would it be worthwhile to jump platforms to say Mac? All my friends keep saying it'll most of my problems.

If all of the software programs you depend upon have versions written for the Mac OS that you want to buy and you can accept the learning curve, go for it. But, I would very strongly suggest that you find somebody nearby who has a current version Mac and go see how it operates.

Windows users are often shocked to learn that many programs that have existed for a decade or two for Windows aren't also ported to a Mac platform. Some once were, but have been abandoned. Others may have limited functionality, unless specifically being updated as Apple releases OS updates and security fixes.

FYI: I have never accidentally installed a PUP or virus since learning my lesson 3 months into owning my first Windows 95 computer. I borrowed a friend's business card program, which loaded from 3 3.5 inch floppy diskettes. Unbeknownst to me, the first one's MBR was infected with the Anti-Exe-A virus (near end of 1994, or beginning of 1995) In fact, fighting it off manually, with the help of Thunderbyte, launched a dozen to 15 year long side-career as a computer troubleshooter for hire.

During those years I disinfected and protected hundreds of PCs, some networked, others privately owned. I looked into the eyes of a spambot when they first made their appearance. It got onto a Windows 2000 Server at a large metal fabricating company I took care of. I learned that a night shift employee plugged in his infected laptop to browse the net and do personal email during his breaks overnight. The virus was network aware and found the server in no time. The owner had insisted on weak passwords that he could remember, so the compromise was a piece of cake. Fighting it off was not so easy.

The best security advice I can give any computer user, whether Windows, Mac or Linux, is to operate as a limited or "standard" user. Establish a complex password to protect the Administrator or Root account. Only log into Root or Admin to do upgrades and driver installations, or deinstallations that refuse to work from your less privileged account.

Browsing Internet websites from an Administrator level account is extremely foolhardy and dangerous. If you must visit websites from your Admin account (to download updates, etc), install Firefox and the NoScript Add-on. Downloads will not happen automatically, so look for links to start your downloads manually. Always keep UAC prompts active for program installations and changes to system settings. It may be a small nuisance to accept the UAC prompt, but not nearly the nuisance of cleaning up a malware infection.

I keep WinPatrol's Scotty dog in the System Tray on all my PCs. He yelps and displays an alert if a program wants to change an established setting, or add itself to the Startup folder, or run as a new service at Startup.

I always recommend using commercial security programs which are updated multiple times daily and which monitor what goes on in real time. The better ones keep the bulk of malware definitions on servers in the cloud and smaller databases on your computers. The latest instant definitions are always in the cloud before being pushed to desktop PCs.

As for nuisances, or Trojans, slipping past these defenses, it's been said that the weakest link in any computer system exists between the chair and the keyboard. Social engineering by seasoned criminals and fraudsters can fool busy people not expecting it to come from that source. Just look at all the "OMG, ur not gonna believe this video" posts on Facebook that urge you to click a link to read a story beyond belief. There goes your account, for spammers to use against your friends.

Then there are the cleverly worded email scams that claim that you were billed for something that was expensive. In a panic, you click the link, or open the attachment. Nothing appears to happen and you may even see a document with phoney charges listed. But, the next day, all your documents, pdfs, images, music and video files have been encrypted and are being held for ransom by a CryptoLocker Trojan. Even your networked shares have been encrypted! Ya got a couple of BitCoins laying around to pay to buy the key to decrpyt them? Do you even know how to make the extortion payment to a Tor user's website? Didn't think so.

[Jack Stoner]

There was an article this morning, I think in USA Today on line, about Apple facing more and more security issues. Apple wasn't much of a target for a long time as its footprint (percentage of users) was very small. There were security issues but they weren't very many. It has gained and now more infections are targeting Apple products.

My main issue with Apple (and I have an iPhone and like it)is the price of the hardware. An equivalent Mac can be 3 times as much as an equivalent Windows machine.

My DAW system is a home built i7 3770 CPU with 16GB of RAM and both SSD and conventional hard drives. It has Windows 7 64 bit OS. The system, including the motherboard, power supply, video card, optical drives, etc., was around $1100. An equivalent Mac would have been over $3000. And because I use Sonar for my DAW software I would have also had to install software to enable running Windows software since Sonar is only Windows.

[Richard Sinkler]

Wiz said:

BTW: As of the current release of Trend Micro 2015, it no longer forced me to uninstall MBAM when I upgraded Trend. They seem to be on friendly terms now. It used to be that I was forced to uninstall MBAM to install Trend Micro. After the first reboot, I was always able to reinstall MBAM. All its settings remained intact, mainly because I didn't check the option to remove user settings or quarantined items. The license survives also.

I just had a major upgrade to Trend within the last couple of weeks. It wouldn't install. It finally did, and my Malwarebytes had disappeared (I was looking for it to uninstall it). It's folder was gone. I have no explaination for that.

I occasionally get these stupid ad programs and un-necessary toolbars when I install free software that I downlodd and may only use a couple of times for a specific purpose. They stick around even after I uninstall the program. Some ask if you want to install them, but many don't. I often open up control panel if I'm seeing more ads and in places where I don't expect them. Often times, when you look at the screen to uninstall programs, you will find adware programs.

[Wiz Feinberg]

Richard, were you able to reinstall MBAM? If not, I might be able to help.

[Richard Sinkler]

My first attempt to re-install MBAM failed. I rebooted and did the install again. That time it worked and even found my license.

[Dave Potter]

I keep WinPatrol's Scotty dog in the System Tray on all my PCs.

I implemented a new PC a few months ago, and had to go through all the business of making it "mine". I bought the paid version of Winpatrol previously, but forgot to re-install it on the new box. Thanks for reminding me. You truly are an asset to SGF.

[Jack Stoner]

I have Win Patrol, but there haven't been any updates since the new owner bought it.

[Wiz Feinberg]

I like the fact that WinPatrol doesn't really "have" to have constant updates to do its thing. I did update mine when I ran Windows and Adobe and Chrome updates this month.

Sometimes, when really bored, I click on Scotty's icon in the SysTray, just to hear him bark.

[John Lacey]

Wiz, how do you change your account to a standard one from Administrator?

[Jack Stoner]

I agree it doesn't "have" to have updates. But the original owner, Bill P, did occasionally update something or get "news from Bill P". Nothing since the new owner bought it.

[Wiz Feinberg]

Wiz, how do you change your account to a standard one from Administrator?

Assuming you use a Windows Vista or newer computer, go to (Start >) Control Panel > User Accounts > Add/Remove User Accounts > Create a new account > Name the account and choose the account type "Standard User." Click Create Account and choose an icon for the Welcome Screen.

You will now see the new account and icon listed along with your existing (Admin) account. Click on the new account icon to open its editable properties. Set a password if you want to protect the account from others in the house, or thieves. Change other things that are listed under the account's properties, if you want to, then close out all open windows.

Restart your computer. Click on the new account name and icon on the Welcome Screen and log in. Set up your desktop as desired. If some shortcut icons aren't displayed on the desktop, go to the Start Menu > Programs, find those programs in the list, right click on a shortcut icon, drag it to the desktop and let go. From the right click options choose Copy here.

You will have to ack the UAC prompts and type in the existing Administrator password every now and then. You will be much more protected in exchange fore this small nuisance.

BTW: I assumed you already had a password protecting the Administrator account. If you didn't, go back to Control Panel and repeat the process to open the Admin account properties. Ack the UAC prompt to work with User Accounts. With the Admin properties open, set a (different) password for that account. Repeat it, then save and close out. Next time you see a UAC prompt, or need to log into that account, you'll need to type its password.