rearden Pileated woodpecker


Joined: May 10, 2005 Posts: 196
Posted: Fri Dec 30, 2005 1:42 pm Post subject: NASTY new Windows exploit - look out for this one!
http://forums.myispfinder.org/showthread.php?t=42247&page=1&pp=15
There's a new exploit out there that can infect Windows-based systems. Under IE or pre-1.5 Firefox, all you need to do is visit an affected web page. With FF 1.5, you are prompted to download a graphic file and will be infected if you choose Yes.
I got burned by this one when I was using a friend's computer a few days ago, before this exploit hit the mainstream media. I visited se ri al s.ws (DO NOT GO THERE IF YOU USE WINDOWS!!!!) in search of a replacement serial number. Next thing I knew the web browser went nuts, a DOS box opened, and a system tray popup alerted me that I should download "Spy Sheriff". Shortly thereafter, it screwed with the desktop and brought the system to a crawl. I tried to install a few virus scanners, and immediately after installing them the trojan would run a system restore and wipe it out! I managed to get several virus and spyware scanners on there, manually deleted a bunch of files (including one text file it had made consisting of every e-mail address in the address book!), and ran them till they found nothing. But the computer STILL ran like crap. I ended up reformatting and reinstalling.
Be careful out there. Avoid porn, warez, and other shady sites until MS gets around to patching this mess.
Jonny Velociraptor


Joined: Feb 10, 2005 Posts: 462 Location: London, UK
Posted: Sat Dec 31, 2005 9:26 am
Wow dodgy, thanks for the warning
/runs off to install Firefox 1.5
This is particularly scary since you mentioned it ran System Restore. I tend to rely on System Restore to clear out viruses; it's often easier to do that than running a full virus scan.
Pikachu CB operator, Callsign 26-TM-082
Joined: Mar 25, 2005 Age: 26 Posts: 1513 Location: On top of a hill next to a golf course (0 golf balls have broken the back windows on the house)
Posted: Sat Dec 31, 2005 5:20 pm
I'm glad I use Linux, oh wait, my fiancee uses Windows, I'll tell her to be careful before it is too late (she won't have a clue what's going on if her system gets it, and she would probably say yes to the download as I have found lots of junk on her system which backs up that theory, I just need to remember which version of Firefox I installed on to it)
_________________
26, Aspie, living in North Yorkshire, UK, home to his 2 computers and server, coolblue, lappy, and xana
-----------------
10-4 Good buddy
CDRhom Deinonychus


Joined: Nov 06, 2005 Posts: 341 Location: DFW, TX
Posted: Sun Jan 01, 2006 5:09 pm
You don't have to use Windows to run the IE or Firefox internet browsers.
Fortunately I use Opera at home. Unfortunately my lab uses IE and Firefox. I wonder why the virus designers exempted Netscape?
_________________
'The question of whether computers can think is like the question of whether submarines can swim.' - Edsger Dijkstra
Jonny Velociraptor


Joined: Feb 10, 2005 Posts: 462 Location: London, UK
Posted: Mon Jan 02, 2006 6:50 pm
Patch up guys
http://www.grc.com/sn/notes-020.htm
Although I can't guarantee this is actually a fix. I have installed it though. MS just need to get off their asses!
MindOfOrderedChaos Phoenix


Joined: Sep 27, 2005 Posts: 732 Location: New Zealand
Posted: Mon Jan 02, 2006 9:43 pm
People still use Netscape?
Jonny Velociraptor


Joined: Feb 10, 2005 Posts: 462 Location: London, UK
Pikachu CB operator, Callsign 26-TM-082
Joined: Mar 25, 2005 Age: 26 Posts: 1513 Location: On top of a hill next to a golf course (0 golf balls have broken the back windows on the house)
Posted: Fri Jan 06, 2006 6:40 pm
CDRhom wrote:
You don't have to use Windows to run the IE or Firefox internet browsers.
Fortunately I use Opera at home. Unfortunately my lab uses IE and Firefox. I wonder why the virus designers exempted Netscape?

True but reading the warning gives anyone the impression that this vulnerability will fully execute on a Windows system
BeeBee Phoenix


Joined: Apr 01, 2005 Posts: 2257 Location: Upper Midwest, USA
Posted: Sun Jan 08, 2006 4:20 pm
My home computer got hit with this. First thing I tried was system restore but it won't let you select a date before infection.
Any suggestions before I pay some computer geek money to help me?
Please make suggestions in non-technical terms!
BeeBee
ghotistix Phoenix


Joined: Feb 03, 2005 Posts: 1186 Location: Massachusetts
Posted: Mon Jan 09, 2006 3:13 am
If you can get on the Internet, download and install AVG Free, then run a scan. They're pretty good about having up-to-date virus definitions, so hopefully it'll be able to find the problem. After that, run Windows Update and reboot.
violentcloud Hyphenophile

Joined: Dec 10, 2005 Posts: 1808 Location: Cambridge
Posted: Mon Jan 09, 2006 3:18 am
I love OS X
_________________
- Everything I ever did, I did because nobody knew how to stop me-
BeeBee Phoenix


Joined: Apr 01, 2005 Posts: 2257 Location: Upper Midwest, USA
Posted: Mon Jan 09, 2006 4:33 pm
Thanks, ghotistix.
My son is running AVG now and he says it seems to be finding all the %#*.
BeeBee
Bateau Yellow-bellied Woodpecker


Joined: Aug 23, 2005 Posts: 74
Posted: Thu Feb 02, 2006 3:53 am
Having dealt with a few cases of this now, I would recommend downloading and patching Ad-Aware, and getting current versions of HijackThis and Look2Me fix (often labeled l2mfix).
Pull the computer off the net (physically remove the network cord/modem cable).
Go into safe mode, run Ad-Aware, reboot into normal mode, run it again, then run HijackThis, come back, and post a log (you can find plenty of tutorials on how to do this). Most anyone here who has done much malware removal can instruct you on how to proceed. The l2mfix was needed on most of the infected machines I dealt with, but best not to use unless sure.