PC Pals Forum
Technical Help & Discussion => Broadband, Networking, PC Security, Internet & ISPs => Topic started by: Clive on April 18, 2006, 14:35
-
A friend of mine has been infected with a serious piece of malware which has completely taken over hold of his computer. It's called Brave Century and claims to be an antivirus/malware remover. It keeps asking for money and will not allow itself to be deleted or allow normal computer use. I can boot it up in Safe Mode and managed to delete 21 trojans using AdAware - mostly diallers. But when you boot up normally Brave Century just takes control of the machine. A Google search finds virtually no trace of this program.
-
Are you certain of the spelling, Clive? It's unusual for nothing to be found on Google. Suggest you try the trial version of Ewido (http://www.ewido.net/en/), which seems to remove some stuff others miss. Install, then disable System Restore, and Norton Recycle Bin (if installed), before running in safe mode.
-
Yes the spelling is correct - very strange that it doesn't show up on Google. I'm thinking it may be best to do a clean install since there is very little on his machine anyway. He has just bought a new laptop so it's only going to be a back up machine from now on.
-
Seems a bit radical just for one trojan. Why don't you try Ewido first, and if that doesn't work, you haven't lost anything.
-
Has he told you its name over the phone Clive ?
Theres a Brave Sentry nasty around :(
http://www.itconsultancy.org/?spyware=brave+sentry&Submit=Go%21
-
He told me the name over the phone Sandra and I've visited him this afternoon. But I'm sure that you are correct that I've read what I was expecting to read and that it is in fact Brave Sentry. A constant picture of a man wearing a visor is further proof! After reading that website, I'm now more convinced than ever that a clean install is the best solution. It says to allow 10 hours to remove it but then doesn't explain how to go about it anyway. Incidentally this was caused by a babysitter being allowed access to his computer so no prizes for guessing what he must have been browsing!
-
Clive, you have email. I think 10 minutes might be a closer estimate than 10 hours. ;)
-
Yes, that's definitely the one Simon! Every symptom is listed including Task Manager being disabled. Thanks very much for the removal tool!
-
Hope it helps, Clive. :)
-
The removal tool worked fine Simon. All traces of Brave Sentry are now removed. 8) The only (presumably related) problem remaining is that Norton's refuses to enable autoprotect nor will it liveupdate. I think I will have to download a different antivirus program for him to use because Brave Sentry has corrupted it. I can't re-install Nortons as it's the 2002 version which is no longer supported and will only update until the current subscription runs out in 6 months time.
-
I would try AVG Free Home Edition.
-
I would suggest F-Secure, which a fully functioning 30 day trial version of can be downloaded from here (http://www.f-secure.com/). You can purchase the full version from the website, but it's cheaper if you shop around in places like Dabs (http://www.dabs.com/productview.aspx?Quicklinx=3YPK&SearchType=1&SearchTerms=f+secure&PageMode=3&SearchKey=All&SearchMode=All&NavigationKey=0) and Redstore (http://www.redstore.com/fx/techinfo.php?itm_code=FSESFT003).
-
Thanks for the suggestions guys - much appreciated! 8)
-
Right.
Is that an IRA smiley?
-
Better still reinstall Norton as it will still work for the next 6 months.
I cant understand people being so against Norton, its still one of the best AV programs around.
I know people say that it slows their pc down, maybe thats because its working harder to protect them ?
On anything faster than a 1 ghz cpu I have never noticed it to slow a pc down.
-
I agree Sandra, but have you tried the 2006 version yet? Practically every review I have read has mentioned a significant system slowdown, even more so than with older versions. I am not against Norton, and yes, it probably is still one of the best systems around, but there's no harm in trying alternatives, and recommending them if found to be satisfactory. One BIG difference I have noticed is the amount of time Norton Firewall takes to flash up the permission box, if a new application tries to access the network. When I was using Norton Internet Security 2005, it could take up to 30 seconds to ask a permission, but with F-Secure, it's instantaneous. Also, doing a full system scan with Norton took around 3½ hours on my machine, but a full system scan with F-Secure, bearing in mind it's the same full system, takes around half the time Norton did, and on the first scan, found things Norton had missed, which had been in files on my system for years. Norton is also hell to install, particularly the Security Suite, and takes a good hour, with all the reboots between the numerous Live Updates initially required. It's also a bugger to uninstall. I switched from Bit Defender to F-Secure, and had everything updated and running in 30 minutes, and it didn't require more than one reboot during the process. As I said, I'm not against Norton, per se, but there are alternatives worth checking out.
-
Better still reinstall Norton as it will still work for the next 6 months.
An existing installation of 2002 will continue to update until the 12 month subscription period is complete but a new installation will not update at all because they insist on you buying a later version. Brave Sentry has effectively stolen his remaining 6 months subscription. He's just been on the phone again to say that Winfixer 2006 has taken control of his computer!!
-
He seems very unlucky, if he's getting all this stuff, Clive. Has he got no spyware protection? I must admit, Winfixer is a bugger to get rid of the pop ups without falling into it's trap, but if he had some protection, his machine shouldn't have been infected.
-
He has AdAware SE and I updated it only today for him Simon. I have a removal tool for WinFixer so hopefully that will work when I see him on Friday. He really hasn't had any luck with his computer these past few days!
-
I'm starting to get the same feeling. :|
-
Has he tried any on-line scanners such as Trend Micro?
-
Not yet Mac. But hopefully I will be able to spend a bit of time on his machine tomorrow. He didn't even have SP2 installed but I downloaded that for him yesterday. Only about 200 more patches to go to bring him up to date. :laugh: One of the December security patches prevented Brave Sentry from installing so none of this would have happened if he had automatic updates. He soon will have!
-
If he has an XP CD I suggest that you seriously think about a plan involving slipstreaming using nLite and Ryan Vm's updates, as long as it is an English language system.
That way he'll have an up-to-date CD to do future installations with. If you choose to incorporate the unattended installation method then he won't have to register with MS everytime he does a re-install and you won't exceed the number of permittted registrations.
Alternatively if he hasn't got an XP CD try using AutoPatcher to provide the updates.
In either case making a drive image to safeguard your work, and his system, is a good idea, as you won't ever need to do all that laborious work again.
Making the slipstreamed and up-to-date XPSP2 CD is something you can do separately so he'll have a CD which he can use with sfc /scannow or sfc /scanboot
-
Just realised what the problem is with the preview. The preview page is not the same width.
Is it possible to make the compose window any wider?
It would be very handy if all three were the same width.
:thanks:
-
Just realised what the problem is with the preview. The preview page is not the same width.
Is it possible to make the compose window any wider?
It would be very handy if all three were the same width.
:thanks:
The forum template is optimised for 800 x 600 screen resolutions. We used a modification to make it fill the screen for any resolution, but some elements of the template don't quite fit perfectly. It's not usually a problem, and posts can be edited immediately after posting.
-
The forum template is optimised for 800 x 600 screen resolutions. We used a modification to make it fill the screen for any resolution, but some elements of the template don't quite fit perfectly. It's not usually a problem, and posts can be edited immediately after posting.
I should have posted this in Forum Suggestions really. Mea Culpa.
How does it look if optimised for 1024 x 768 resolution which more and more people seem to be using?
To get back on topic (?) this is a shot of Autopatcher adding 123 updates and other changes in just under one hour with just a single re-boot when it is finished updating, which means you can let it update whilst you have lunch or do something more productive.
(https://www.pc-pals.com/smf/proxy.php?request=http%3A%2F%2Fi14.photobucket.com%2Falbums%2Fa327%2FXPOS%2FAutoPatcher01.jpg&hash=fd18600c6245bfa6dddfb65e337a75d6e41c91e6)
Very handy bit of software for those doing a fresh install if they don't have an XP CD which they can slipstream.
-
That seems a brilliant piece of software and is just what I need to take the hassle out of dozens of re-boots between patches. Thanks very much for letting me know about it Mac. :D
-
It is a pleasure Clive.
(21/04/06) Have you had the chance to use it yet? If so, what do you think?
-
I'm visiting him this morning Mac. The plan is to remove WinFixer, install autopatcher and sort out some virus protection. I'll report back later today.
-
I'll look forward to hearing from you Clive.
-
Mission accomplished. Winfixer was simple to remove using the VundoFix tool downloaded from the internet. Autopatcher took 20 minutes to download and a further 20 minutes to bring the machine up to date. There was a single (worryingly slow) re-boot but all was well afterwards. I managed to revive Norton's and get that updated too. It's now working on autoprotect again and I left it happily scanning away.
Thanks once again for your invaluable help Mac.
-
The slow reboot was while it was catching itself up with all the updates, en masse, Clive, but useful to know that software works well.
-
Mission accomplished. Winfixer was simple to remove using the VundoFix tool downloaded from the internet. Autopatcher took 20 minutes to download and a further 20 minutes to bring the machine up to date. There was a single (worryingly slow) re-boot but all was well afterwards. I managed to revive Norton's and get that updated too. It's now working on autoprotect again and I left it happily scanning away.
Thanks once again for your invaluable help Mac.
Good to hear it all worked so well. AutoPatcher always has done when I've used it in the past and AutoStreamer is very easy to use. With nLite you really need to know what your doing if you want to remove everything you don't need, but for removing basics it is excellent.
At least you have both had a good experience even though the re-boot can be a bit of a cliff-hanger.
Pleased to be of service.