Do bjgarrick and haslang still help on this site?

bjgarrick was helping me with my desktop computer before, which again has malware and is my work computer, so I am losing money (and my company is losing turnaround time with its client) each day I am not working. I already had a thread going with him before, so, as instructed, I replied to it with my logs.

haslang had helped me with my laptop, which now has the same malware as the desktop, so I replied to the existing thread I had going with him.

neither has responded. The laptop isn't urgent, but the desktop is, and the last time he helped me, bjgarrick had expressed understanding for the urgency of medical personnel keeping their computers malware free. so, I wondered if he and haslang are still working on this site.

Thanks for any info!

 

If Chas successfully cleaned off your old malware for you, did you subsequently follow his advice on security to avoid reinfection?

 

Okay. It's hard to be patient about the desktop situation because every day that goes by is a day I'm losing work, and the account I'm working on is behind in turnaround time...very badly. They really need my help. I'm just really surprised it's taken this long because last time I got a response within 2 days, and it has now been 5.

 

Yes, I have been doing that on both computers all along. I follow the advice on this site regularly. In fact, my local guy accuses me of being "hyper paranoid" and never finds malware on my computer when there ends up being some...which is why I always come to you guys for help. I only go to him when I need hardware, hardware repairs, or software. He's completely clueless about anything else.

 

As I replied to one of the other respondents, I have always followed the "how to prevent malware" post on this site; in fact, I even asked the advice of both guys who helped me as to which they recommended for each machine. I'm not stupid or ignorant. I can't afford to purchase new machines...or hard drives...every six months, and the friend who built my desktop has told me several times that a computer without its own firewall running for 1 millisecond is vulnerable to nasties climbing on board. My local guy laughs at me and calls me hyper paranoid and is otherwise a doof as far as the dangers that lurk on the 'net/web, which is why I come to you instead of him for anything other than hardware and software purchases/repairs...and he's even failed me in those areas on occasion. I live in the boonies, so I don't have much choice.

 

That's sad to hear MedTx, I mean, after all your precautions that you still get infected? Hey, I don't want to insult you but you're doing something that lets the bugs in.

I've got only a FW and an anti-virus and I surf in areas that perhaps I shouldn't, be that as it may but I've only been infected twice and both were easy to get rid of on my own. I hope you can find the 'hole' in your security.

 

The only thing I can think of is Online Armor giving me too many choices where I'm not sure whether to allow or block, and whether something is hijacking a download and/or installation or not. Some processes used during installations and or save of downloads aren't necessarily recognizable by name to be that of the genuine items you're dealing with. So, a person needs to know which processes are legit and which are not, and I'm afraid I'm not that savvy. Now, I know to block it if I get this 5-line URL of all sorts of odd characters and Online Armor tells me something is trying to change my default search page to that URL.

Oh, and I did uninstall Webshots because I kinda got some hints that it might have been through that program and/or site that I contracted the Vundo.variant.

I am currently using OnlineArmor; Avast Antivirus; Firefox with KeyScrambler, AdBlock, CookieSafe; NoScript; CCleaner; RegSeeker; SpywareBlaster; Spybot S&D; and I also run SAS and MBAM on rotation with Avast and S&D. The only things I have running in the background are Avast, SpywareBlaster, and OnlineArmor. I also occasionally run a scan with a-squared, but not very often because it's a pain to stop it from running in the background afterward.

 

You need to realise the difference between the way a commercial or service organisation view things and the way dedicated enthusiasts like Chas and Co work.

Commercially it may not be economic to put in the man hours needed to clean up or repair. Also data, is or should be, backed up elsewhere. Finally commercial organisations can deploy extra resources and spread the cost over many repair/cleaning.

Chas has to work with the computer you have, faults and all, and replace expensive commercial props with pure skill.

I doff my cap.

Since I am firmly rooted in the commercial camp I can't help much with malware removal as I use different techniques.

However I can help harden you security.

Look at what Halo has said, this is only the tip of a security iceberg.

Major Geeks takes pride in being a secure place for members, but it is still not a good idea to post too much information about your system in open forum as other, non members, may also read it.

So you could answer some questions by PM if you wish.

I will separate recommendations into a second post.

 

Well, crap. I don't suppose it does any good to say that I had no idea this was what bumping was? I never read that post because I figured it meant something like replying to other people's requests for malware assistance, thereby interrupting the help they were getting. I had no idea it meant anywhere in the forum.
:confused
I have Asperger syndrome that was only diagnosed 3 years ago, and there are a lot of things I don't know the meaning of. Sorry.

So, you're telling me I now have to wait as long again as I did when I first posted? Like, I should go ahead and spend my parents' money (they just had to remortgage the house we are currently living in to pay theirs and my health bills for this month) to pay the local guy $60/hr in order to get my desktop computer fixed fast enough for me to get back to work before the end of next week?

 

I guess I don't understand what I gave away that was a security breach. I can be pretty net naive, though, I guess, as I have been the victim of 2 cyber bully attacks in 2005 and 2007.

 

First.

Use the twin account system.

Create a new administrator account and use itonly for administrating.
Demote your existing acount to limited user.

Review your router. Are you using wifi or ethernet or USB?

Turn off remote assistance, remote desktop and the like.

Cull startup programs/processes and make a list of allowed ones.

Create a multi stage Email system, using both webmail as frontline and a suitable client for wanted mail.

Review your website security.

I assume you send and receive work by internet. Establish an agreed verification system with (trusted) clients.

I'll happily expand on these if you are interested.

 

It's 3.30 pm my time, and I have to go out now. I will be back around 6pm, my time.