Major_A
LPmember
Name's Ash. [cocks rifle] Housewares.
Posts: 1,378
|
Post by Major_A on Jun 22, 2011 16:26:19 GMT -5
I knew it was past due for my every 2 year Windows reinstall. I've been fighting the xp internet security 2012 antivirus... virus
This is a nasty one...a real pain in the brown eye to fix all the devastation! Browser redirects, Windows Update turned off AND blocked websites, and more, you name it!
Every 2 years I re-install Windows anyway just to get rid of junk I've stopped using and doing so does the ultimate registry clean, among other things.
If anyone runs into something really nasty and just wants to reinstall Windows but needs to back up certain things first, download ComboFix.
I just happened to be using IE for some info I needed to look up for some store security info I needed for work when it hit me....RIGHT AFTER I GOT HOME..what a serious piss in the post toasties!
I downloaded ComboFix on another machine and put it on the desktop of the problem machine and it fixed most of the problems, but not enough to satisfy me so I guess it's time for that re-install.
Hope that info helps someone.
Info: www.bleepingcomputer.com/download/anti-virus/combofix
Download: download.bleepingcomputer.com/protected/2f220c1bb2a5cb510b9792bfcf35ba14/4e02544e/ComboFix.exe
|
|
Lamron
Benevolent Dictator
Posts: 5,214
|
Post by Lamron on Jun 22, 2011 17:56:42 GMT -5
That's got to be the worst virus out there. I got it and NOTHING would kill it short of reformatting the hard drive and doing a fresh Windows install.
|
|
Major_A
LPmember
Name's Ash. [cocks rifle] Housewares.
Posts: 1,378
|
Post by Major_A on Jun 22, 2011 18:13:14 GMT -5
to rekindle an old quote..."ah feel your pain"
BTW, who is in charge of the assassination death squad that hunt down the bastids that write these things anyway?
OH wait, that would be immoral....if anyone should get their privacy invaded here or any other country it should be these f**ks!
They should die after having their fingernails pulled, then bitten by rattle snakes and left to bloat and swell, then right b4 they die...HANG THEM by their tally wackers while hog tied!
|
|
Lamron
Benevolent Dictator
Posts: 5,214
|
Post by Lamron on Jun 22, 2011 18:52:37 GMT -5
"They should die after having their fingernails pulled, then bitten by rattle snakes and left to bloat and swell, then right b4 they die...HANG THEM by their tally wackers while hog tied!"
You are FAR more merciful than I would be.
|
|
RedRock
LPmember
Never ask what kind of computer a person uses--if it's a Mac, he'll say; if not, why embarrass him?
Posts: 4,968
|
Post by RedRock on Jun 22, 2011 21:05:19 GMT -5
Let's see.....hmmmm.....where on my Mac do I look for that virus? Oh, wait, that's right, I DON'T!
|
|
Major_A
LPmember
Name's Ash. [cocks rifle] Housewares.
Posts: 1,378
|
Post by Major_A on Jun 22, 2011 21:16:45 GMT -5
"Let's see.....hmmmm.....where on my Mac do I look for that virus? Oh, wait, that's right, I DON'T!"
some punk homo will do it one of these days, but I don't wish it on anyone but the ones who write them.
|
|
RedRock
LPmember
Never ask what kind of computer a person uses--if it's a Mac, he'll say; if not, why embarrass him?
Posts: 4,968
|
Post by RedRock on Jun 22, 2011 23:41:06 GMT -5
LOL, yeah, I know, Major. It's just a matter of time until something really nasty is created for the Mac.
|
|
Lamron
Benevolent Dictator
Posts: 5,214
|
Post by Lamron on Jun 22, 2011 23:48:39 GMT -5
"Let's see.....hmmmm.....where on my Mac do I look for that virus?"
Right here:
www.digitaltrends.com/computing/trojan-mac-defender-starts-to-chalk-up-victims/
www.digitaltrends.com/computing/new-macdefender-malware-infecting-unsuspecting-apple-users/
"Mac Defender" is basically the same thing as the "XP Internet Security 2012 Antivirus" we're talking about. It comes attached to some other legitimate file and after it installs itself, it pops up a window that shows it "scanning" your computer files and "finding" several terrible threats. It then offers to clean all of that out for you, for a reasonable cost. Meanwhile, it interferes with other computer functions and slows things down, contributing to the illusion that you have lots of viruses and you really NEED to give the helpful anti-virus program your credit card number. It also alters the link destinations on your browser, so even though you might be clicking on a legitimate link that you've used before, now you get forced to some other site.
There's a security flaw in the Safari browser that lets it automatically open files that are "safe". Google Images thumbnails are "safe", so you can get this virus simply by browsing Google Images. (Apple is working on fixing this vulnerability, and may have already done it by now.)
The Mac version isn't nearly as hard to kill as the Windows one, but you need to already know how to do it. Because once you have it, you won't be able to Google for removal instructions without being redirected to some other malicious site.
Macs are getting to be a large enough market share that virus/trojan makers are beginning to target them. The Mac file structures and OS do make it less vulnerable to many types of attacks, but Mac users have been told that they are completely immune for so long that they are probably less paranoid and will fall for "human engineering" tricks to get them to authorize actions that can't be done secretly.
|
|
Lamron
Benevolent Dictator
Posts: 5,214
|
Post by Lamron on Jun 23, 2011 0:19:50 GMT -5
Here's a very quickly thrown together example of how many casual computer users can be fooled. Download this PDF file and click on it to read a short article I wrote on the subject.
www.lamronsplayground.com/downloads/MemberList.PDF
Sorry, this example is for Windows users only.
|
|
RedRock
LPmember
Never ask what kind of computer a person uses--if it's a Mac, he'll say; if not, why embarrass him?
Posts: 4,968
|
Post by RedRock on Jun 23, 2011 15:59:39 GMT -5
Yes, I've had that Mac Defender thing thrown at me in other forums by Mac haters. But it has to be downloaded by the end user in the first place, who has to put in an authorization password (basically, run as "Administrator") to allow the download to happen, so I am not terribly upset at those few MacUsers who fall to that.
I'm currently running my Mac without virus software. I might need to think about considering looking into possibly ordering something in the near future that might help with viruses.
|
|
Lamron
Benevolent Dictator
Posts: 5,214
|
Post by Lamron on Jun 23, 2011 18:43:49 GMT -5
It's the same way with the "XP Internet Security 2012 Antivirus". Maj_@}{ole and I didn't magically get it while innocently sitting there minding our own business. We downloaded it, and then ran it as "Administrator" and gave it access to our computers. Anti-virus software didn't catch it because it wasn't trying to secretly run itself, we started it manually. The user is the weak security link, and trojans are designed to exploit that.
|
|
Major_A
LPmember
Name's Ash. [cocks rifle] Housewares.
Posts: 1,378
|
Post by Major_A on Jun 23, 2011 22:12:41 GMT -5
The download you're talking about, is that a script in the webpage?
I thought mine hit me when I went to a web page and the script was run on the page to run it.
I could have sworn I saw a flash of the get me outta here page but I could be wrong, it just happened so fast. I knew something went south when the page jumped the way it did.
|
|
RedRock
LPmember
Never ask what kind of computer a person uses--if it's a Mac, he'll say; if not, why embarrass him?
Posts: 4,968
|
Post by RedRock on Jun 24, 2011 12:10:44 GMT -5
Ah. A PEBKAC issue. Got it.
|
|
Major_A
LPmember
Name's Ash. [cocks rifle] Housewares.
Posts: 1,378
|
Post by Major_A on Jun 24, 2011 22:51:09 GMT -5
"Major A and I didn't magically get it while innocently sitting there minding our own business."
then let me it this was also...does that mean that something purposefully downloaded days or weeks before was a timed release of destruction? I'm asking because I only did 2 clicks in a Google search and it did what it did.
|
|
Lamron
Benevolent Dictator
Posts: 5,214
|
Post by Lamron on Jun 25, 2011 2:50:06 GMT -5
It comes attached to something else. For example, let's say you want to update your video card drivers, so you do a search for "Nvidia Drivers". The webpage "www.nvidiadrivers.com" comes up in the search, so you go there and download the drivers from what you think is the manufacturer's webpage. (Real site: "www.nvidia.com") Everything looks legit, because they're ripping the HTML right off the original website, and you really do get the driver file you were looking for. So everything is fine as far as you can tell. But the file was actually a little bigger than it should have been, and it does wait for a while before it does anything.
They can also do this when you happen to misspell the site name, like "www.nividia.com" and accidentally go to a fake site.
Take a look at this: www.amazon.com
I spent about 30 seconds making that page. If you have an Amazon account, you'll notice that the page read the cookies stored on your computer and greeted you by name at the top, and showed you real "Recently Viewed" and "Wishlist" items. With a bit more effort, I could use it to get your account info and add all sorts of malware to those product links.
It can also be done on a webpage by popping up a fake update. For example, "Adobe Flash must be updated to display this content" or "Video codec must be updated for this video". Clicking on things like that can get you more than you bargained for!
Somewhere in the last few weeks, you downloaded something that contained the trojan. Or maybe they've come up with a new, even sneakier way to infect you. Some parts of your computer are only vulnerable during boot-up, so if you usually use sleep mode it might not be unusual for you to go a few weeks without an actual restart.
|
|