RANT

Yamaha FJR Motorcycle Forum

A pox on all computer viruses? Is that an oxymoron?
Thank you for picking up on the double entendre. Old sheep dip missed it I notice. :rolleyes:

I'm going to go riding now... the wife needs practice being a pillion. ;)
Perhaps Shiny, just a little less time spent surfing for goat **** might solve your problem. Please consider cutting back goat *** activities to three hours, from your current 6 to 7 hour daily fix!!!

 
Mayor Ig - Don't do this abroad, as it may cause an international incident. :dribble:
One does not have to go international with this. In my case a 3 hour ride from my home and I'd be able to tranquilize dart, tag, and beat the crap out of our own domestic *******.
Hmmm,,, I've had a BUNCH of spam in the past week or so from folks I know with Hotmail addresses. It seems to be sent to their entire address list (whose addresses - as well as mine - are now re-spread to the bit-world). The entire body of the email is a url, usually Russian. No, I have not clicked on any of them. Maybe this guy has a buddy???

 
Sounds like Shiney should use protection while lookin at Russian goat ****??

:dntknw:

Dang...

What's this world cumin to....

 
Recently went through a cleansing operation on my wifey's PC. Kidlets get to use her box to surf kiddie sites (danger Will Robinson) and guess what? It was infected and basically useless for about 3 weeks as I tried several different methods to get it back. Nothing was working...it was a very sophisticated trojan that was DL'd (basically it did away with all the tools on the computer you would use to fix it with and did it in the registry...pretty neat actually) and I was staring reloading the OS in the face. Now I'd rather have a root canal w/o anesthetic if the truth be told. But I lucked out...as I was contemplating giving the PC its last rites, I stumbled on these guys.
Bookmark this site 'cause they really ARE some white knights of the IT world. They have a set of odd rules that must be followed and they use a pretty capable freeware tool to diagnose, but once you get someone to assist you, they'll carry you all the way to the goal line. Quite a group and free to boot. PC is running like a top today and the kiddies are banned. :p

Cheers,

W2
Thanks for that link. I am frequently called upon to clean up friends and relatives computers, and that site will certainly be helpful.

 
Um, a little late to the party, but the loss of Internet connection is the result of the FakeAV app setting up a proxy in your Internet browsers, pointing to itself on your own PC. Since it wasn't running, all that would have been needed is to remove the proxy setup in the browser.
However, the FakeAV installs a rootkit, which will eventually reinstall the fakeAV app. Unless your real AV is good at rootkits, it would have come back.

Combofix kills it, though. You still have to manually remove the fake proxy settings in your browser, but it's killed.

As for how it got there in the first place, its installer comes most often from a malformed web page or an ad, which may not even present itself on the screen. What it does do, however, is take anything you do and intercept it, passing it to Windows as permission to install. That's why your real antivirus has no clue about it when it first appears. It goes to the OS as an app with full permissions to be installed.

Once installed, it intercepts anything you try to do and claims it's infected, you have to activate your scanner. Of course, there's the fraud. "Activating" does nothing but temporarily turn off the fake and let you have the computer back. Only costs you 50 bucks!

Its only weakness is that it takes a while to start once you log on to your desktop. You can use CTRL-ALT-DEL while the desktop is starting up and go ahead and start the Task Manager, Regedit, Internet Explorer, and a Windows Explorer window, none of which it will allow once it's running. It won't kill them once they're up, though, they work just fine. You can find the process in Task Manager and kill it, and you regain control of your PC, and since IE is open, you can go get Combofix and run it. Once Combofix has completed, which takes a while, your PC is back, as it was, with nothing missing except the rootkit which would re-install the thing.
Basically what I did. Once I got Norton Antivirus running (I know it isn't the best, but it is easy and 360 is cheap with multiple computers in the house) it took a while, but identified and wiped out the trojan. But the proxy settings were crapped on. It was a little beyond my current skill level as I've forgotten most of my old DOS stuff. Several restore points failed and VERY BAD ON ME, my last backup was older than I wanted to use -- thank God I didn't have to go there. Customer service at my ISP got me going in minutes after I figured out what was going on.

I'm not sure how I got the virus, but it may have been an email with picture and joke attachments from somebody I don't usually hear from. I will be hearing less from them going forward, as the emails will go unopened. Antivirus runs 24/7 including checking internet, emails, etc. This one slipped through. I'm sure it wasn't goat ****, as I only go to reputable sites for my 4-legged beauty fixes.

It was my first nasty virus on this computer since I bought it more than a year ago. Kids have their own PCs to screw up.

Thanks for the support to all. It seems my rant hit some nerves. On a good note, it helped get me and the wife out of the house and we had a fun ride to Florence via 38, and back by way of 126 to Eugene and home. Wife rode on the freeway for the first time and says she'll ride again another day!
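
The proxy hijack described in the quoted post above can be checked from a PowerShell prompt. This is an added example, not code from any poster in this thread; it assumes the standard per-user Internet Explorer (WinINET) proxy values in the registry, and the function names are made up for illustration.

```powershell
# Added example: check the current user's Internet Explorer (WinINET) proxy
# settings for a proxy that points back at this PC.
$Key = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings'

function Test-LoopbackProxy {
    param([string]$ProxyServer)
    # ProxyServer is "host:port" or "http=host:port;https=host:port"
    foreach ($entry in ($ProxyServer -split ';')) {
        $target   = ($entry -split '=')[-1]                       # drop "http=" prefix
        $hostPart = ($target -replace '^\w+://', '') -replace ':\d+$', ''
        if ($hostPart -match '^(localhost|127(\.\d{1,3}){3}|\[::1\])$') { return $true }
    }
    return $false
}

function Get-ProxyReport {
    $s = Get-ItemProperty -Path $Key
    [pscustomobject]@{
        ProxyEnabled  = [bool]$s.ProxyEnable      # 1 = manual proxy in use
        ProxyServer   = $s.ProxyServer
        AutoConfigURL = $s.AutoConfigURL          # a PAC script can redirect traffic too
        Loopback      = Test-LoopbackProxy $s.ProxyServer
    }
}

function Reset-UserProxy {
    # Turn the manual proxy off and drop the stored address.
    Set-ItemProperty -Path $Key -Name ProxyEnable -Value 0
    Remove-ItemProperty -Path $Key -Name ProxyServer -ErrorAction SilentlyContinue
}

# Constructed sample values, to show what the check flags
'127.0.0.1:8080', 'http=localhost:5555;https=localhost:5555', 'proxy.example.net:3128' |
    ForEach-Object { '{0,-45} loopback={1}' -f $_, (Test-LoopbackProxy $_) }

# The real settings for the logged-on user
$report = Get-ProxyReport
$report | Format-List
if ($report.ProxyEnabled -and $report.Loopback) {
    Write-Warning 'Browser proxy points at this PC. Run Reset-UserProxy after the malware is removed.'
}
```

Resetting the proxy only restores the connection; as the post says, the rootkit still has to be removed or the fake AV comes back.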

 
What others have said. Viruses have changed dramatically in the past 3 years. It's gone from hijacking your computer to send out spam to hiding in the background and snatching accounts and passwords (and even piggybacking transactions through your bank once you've logged in). Once it became big money the mobs and other international groups got involved and very able programmers started making very sophisticated attacks. One type sits on your computer, recognizes when you've manually gotten past your bank security, and then shoots off 3 or 4 transactions just under the warning threshold before you log back out. Another embeds itself via scripting (think java, flash, and adobe acrobat), can disable your antivirus programs and lock you out of all actions except to go to their web site and pay for THEIR antivirus program (which only disables the attack they put there in the first place).

Several of the various exploits are known to send out TENS OF MILLIONS of additional attacks each day using each of the systems they compromised previously.

The only real protection is between your (and my) ears. Understand what it is you're doing. Disable enable scripting on your browser. Reconfigure the defaults on Acrobat Reader to disable external program execution and turn off scripting. Use a 3rd party PDF viewer (like FoxIT) until Adobe addresses the security problems they admit are in their software.

Then think twice about using web sites that want to run scripts to other sites, look at the status bar at the bottom of your browser when hovering over a link (before clicking on a link, know where it goes). DO NOT reply to spam e-mails. Turn off PREVIEW so that weaponized e-mails aren't launched automatically. Oh, and disable HTML e-mail (it should have been kept for web pages only like it was designed for). ASCII e-mail in/outbound also helps stop weaponized e-mails from attacking.

As for kids (and everyone actually) in any Windows system since NT, you can set up accounts for each person. USE IT. Set EVERYONE (even yourself) up with a login that has limited (User) rights. DO NOT use the system on a daily basis with Admin rights. By only using limited rights most stuff that tries to install itself will be blocked. You'll get a warning that you don't have rights to do that. Your response will be one of two things. You'll slap your forehead as you remember, log out, log in as Admin, install the software, log out and back in as yourself to continue computing. Otherwise you'll wonder what the hell just tried to install itself without asking and be thankful for the slight change of routine.

 
Second the Apple. According to MAC RUMORS there has never been a widespread virus. Not sure about the why or how behind it, but viruses suck.

 
Amen Brothers Barabus and GalaxyBlue! I switched to an Apple MacBook Pro 17" on April 19 and it is the best $$$ move I have ever made. Screw Windows and the horse that Bill Gates rode in on.

My Company Metro Mechanical has asked me to come back on a part time basis with my old customers: McDonnell Douglas, Boeing, State of Arizona, etcetera. I told them my terms were no interference with my many motorcycle rides and I must be allowed to use my MAC! In three months of working with my Apple, there is nothing a MAC can't do for the Senior Project Manager of Metro Mechanical. Microsoft Inc. blows smoke up everybody's ***** about how they are essential for business, especially the hard money bid construction business. ********, Macs do this work just fine!

 

That's odd . . . . . The very first easily spread personal computer viruses were on the Mac, back when things were still floppy-based, apps were installed from floppies, backups were made from floppies, there was no Internet, etc. I'm talking '80s, here.

The first thing a Mac did when you put a floppy in was read the boot sector and directory, so it could display the disk in the Finder. It also ran whatever code might have been found there. No simpler distribution method for malware had ever been developed. All you had to do was insert an infected floppy, and your system had it.

Of course, most of the folks at MAC RUMORS probably weren't born yet back then, so how would they know?

 
Right now Microsoft Security Essentials seems to be the best thing for AV. That can always change. We have good luck cleaning PCs with Malwarebytes and Superantispyware both of which are free. I will add Combofix to my tool box now.

As was said earlier the best protection is using your head and not going places that are sketchy or ordering viagra and helping Nigerian Princes who are temporarily strapped for cash. If you are that stupid get an ipad so you can't hurt yourself or others around you.

If you have kids using a computer lock it down and get webfiltering for your home. The best thing you can do is put the computer in your family room where you watch them use it. As an adult in your home or a professional in the work place always lock your computer when you leave it. That way people can't use it when you are taking your morning dump or cleaning the bathrooms upstairs. They can both have dire consequences.

I use both Macs and PCs and prefer Mac but that is personal preference like Ford, Mopar or Chevy. Macs don't have viruses because they are too small of the market share. The more people buy them the more an attractive target Macs become.

So I leave you all with the parting gift. Tell every one you know that Macs suck and we will be virus free for many years to come. :D I am betting you will see more appliances with iOS on them in the future and less computers with Mac OS.

 
Anyone acting as if Macs don't get attacked is kidding themselves. As was noted, the first Mac attacks were decades ago. As their market share has increased and they moved away from their proprietary OS to one based on Unix/Linux, the rate has increased. The difference is that Apple is very tight lipped about plugging holes while MS seems to be pretty transparent. MS does Microsoft Tuesday with more important stuff as needed in between. Apple does OS patches and upgrades without spelling out what each includes. Both have been known to drag their feet on plugging known, documented exploits until the people who discovered the weakness go public after being ignored by the parent company for months.

As systems become increasingly complex they become decreasingly secure.

Security through obscurity isn't a valid business model.

 
Perhaps Shiny, just a little less time spent surfing for goat **** might solve your problem. Please consider cutting back goat *** activities to three hours, from your current 6 to 7 hour daily fix!!!
Exactly what I thought, too, Don. Aren't goat **** sites known to be among the most infested websites -- viruses, trojans, worms, adware and spyware?

 
What's really disturbing to me is how easily you can get infected. Having cleaned/killed virus attacks on my kid's/wife's/neighbor's and sister in law's PCs I always warned and shamed them afterwards about visiting sites, clicking links, keeping their virus protection up to date and actually running it once in a while etc. Recently though I had to suck it up and admit that even with all my precautions my PC was hit too. I did a Google search to try and find out how to fix my kid's digital camera and when I clicked on the second link down I was sent to a webpage that froze up my computer and a Java installation applet opened up. I quickly shut down IE Explorer in the Task Manager but it was too late and I watched as the tray icon for Microsoft Security Essentials disappeared and a new AV shield icon appeared.

Fortunately I already had Malwarebytes installed on my PC so I shut down, rebooted in Safe Mode and ran the app. I had just updated the definitions a day before and it found nothing...I updated it again and BAM it found 8 nasties before even getting out of the registry check. Anyhow a full scan cleaned out the malware.

Seems though that these viruses are getting better and better at getting in and disabling any attempts to fix them...very troubling. :blink:

 
My experience is that Malwarebytes and SuperAntiSpyware will clean the installed app, but they don't find the rootkit that will bring it back in a few days. Get Combofix. The only legitimate sites for getting it are bleepingcomputer.com or forospyware.com (in Spanish.)

Happened on my PC Thursday night, too. I was watching a DVD movie, hadn't been on the web for several hours. When I closed the movie it started up with its messages and warnings. No idea still where it actually came from.

 