Antivirus XP 2008--Get laid computer nerd!

Ft_bstrd
Posted on Saturday, August 16, 2008 - 06:19 pm:

So I boot up this morning and get a great surprise, I have contracted the Antivirus XP 2008 fake anti-spyware spyware.

It's a pain in the ass to deal with, but I have to admire its execution.

If you haven't seen it, it does these wonderful things:

Replaces your wallpaper with an image of scanned viruses and a warning.

Creates a fake program in your program files called Antivirus XP 2008.

Creates a system tray icon for Antivirus XP 2008 that pops up every 30 seconds with a message that your computer is infected with 3842 (or some other such horrible number) viruses and that you should disinfect files as soon as possible.

It will also create a pop-up listing all of the files and give you the option to close out and operate "unprotected" or continue with the scan.

It then directs you to a fake software site that looks like it's from Microsoft and gives you the option to buy the basic or advanced programs. This is merely an opportunity for them to directly steal your credit card information.

If you don't act on your computer, they have even entered a screen saver that looks just like a blue screen error message regarding changing your BIOS settings, etc., etc., etc.

It even interferes with Google searches to give you a message that they "Can't let you in. Your PC is infected."

I'm having a really great time getting rid of it.


Get laid computer nerd and maybe you won't feel the need to create crap like this.

Guell
Posted on Saturday, August 16, 2008 - 06:24 pm:

No more internet Porn for you Fat.

Try Malwarebytes Anti-Malware, I've read that will take care of it supposedly.

If you need me to download it and email it I can.

(Message edited by guell on August 16, 2008)

Ft_bstrd
Posted on Saturday, August 16, 2008 - 06:29 pm:

I think it was my 473rd viewing of two chicks, one cup that did it.


Downloading malwarebytes as we speak.

Lucky for me Microsoft installed the Malicious Software Removal Tool earlier this month.

I feel safer already. : |

Rah7777777
Posted on Saturday, August 16, 2008 - 07:38 pm:

Odie over at special ops was hit by that same one last week. He said it was a pain.

I say we find that little computer nerd and hang his XXXXX XXX!

just my thoughts

Dynasport
Posted on Saturday, August 16, 2008 - 07:41 pm:

I love my Mac.

Ft_bstrd
Posted on Saturday, August 16, 2008 - 08:03 pm:

Got it cleared off.

That's the most in your face virus I've seen. Most are comfortable slinking around the background. This thing was running a full on frontal attack.

Firebolt020283
Posted on Saturday, August 16, 2008 - 08:06 pm:

Dynasport, I'm with you. I love my Mac and the fact that I do not have to worry about that mess.

Reepicheep
Posted on Saturday, August 16, 2008 - 08:10 pm:

There is a zero day exploit out there right now, I am expecting a nightmare at work soon (as all these infected machines start stealing customers' passwords).

https://www.sans.org/newsletters/risk/display.php?v=7&i=33

It's not just nerds needing attention now, it's plain and simple greedy bastards (not known if they are fat or not). Probably a lot of it run by organized crime... strictly professionals now. That's why they are so good, and go straight for the money (the credit cards and passwords).

Windows seems to want to collapse under its own weight after about a year of entropy anyway, so rebuilding from scratch may have other benefits.

If you have a machine that really is just a "thin client" internet browser, *strongly* consider something like this:

http://www.ubuntu.com/

We are running it on "the kitchen laptop" now, and it passes the "wife test", where she could care less about technology, and just wants to get on the internet. Runs great on a $400 laptop, or whatever old machine you have around.

A core precept now of defense in depth is that you *never* surf the web on a machine that is also a web server. Otherwise you could pick up a virus, it infects your server content, and you become a distributor.

It's just a little further (and just as reasonable) to say you have a dedicated "web surfing" machine that is a dedicated web surfer. Get an infection? Rebuild from the CDRom and be back up and running with a clean slate in an hour.

Especially if you are going to be going to "those sites". Kinda like going to a bad neighborhood to buy drugs... don't be surprised if your car stereo gets stolen in the process...

Macs have not been a target, but they have been getting a reputation of late of having a pretty lousy track record of getting patches out in a timely fashion. Even patches they didn't have to write, ones that are for their open source components. Getting that reputation is going to get them attention... right now people don't bother because there are 10 PCs for every Mac. But once you get the reputation as a soft target, they will be all over you like flies on &^%&. So the "security honeymoon" for OSX is about to be over.

That being said, OSX has a sane underlying infrastructure that can actually be secured, unlike Vista or Windows, so if Apple gets their act together it *will* be more secure.

But I digress : )

Dummkauf
Posted on Saturday, August 16, 2008 - 08:22 pm:

I know everyone hates it when I say this but probably the best defense you have against viruses/spyware/trojans/etc... is to simply create a second user account on your PC that is only a "limited user" and use this account for your day to day use of the PC (email, web/porn surfing, downloading malicious files, etc...). This will stop probably 99% of the crap out there from ever infecting your PC. True it may be a pain to have to log out and log in as Administrator to install anything, but how often are you actually installing software anyway (if the answer is a lot, then that's probably the reason you have the virus in the first place).

I have been running like this forever and I have never used antivirus and I don't think I've had to remove a virus or anything else from my PC in years, and this is also with my girlfriend using my computers as well. Note that I don't condone not using antivirus, I work in IT and am able to fix my own system if I were to get infected, for the common user I STRONGLY recommend it no matter what!

Doon
Posted on Saturday, August 16, 2008 - 08:42 pm:

I run all of my computers regardless of OS (I run FreeBSD, Ubuntu, MacOSX primarily) as limited or non admin/root users. I've never had a problem. Heck I've never gotten a virus yet (Not sure how I've been so lucky) and I've been using computers for 24 years now (dang I'm getting old)

Guell
Posted on Saturday, August 16, 2008 - 10:17 pm:

Fat, did that work? I had seen that Odie had it and did some reading up on it, that's why I recommended that program.

Ft_bstrd
Posted on Saturday, August 16, 2008 - 10:40 pm:

Yep. Like penicillin.

My HO tech guy recommended it also. Said it cleared it up for the other cases they had.

Lost_in_ohio
Posted on Saturday, August 16, 2008 - 10:54 pm:

I got that program. It came thru as an msnbc update. You need to edit your registry to get rid of it, and then delete the programs by hand. Here is what I did. Now the program numbers were different but it worked.


XP or Vista Antivirus 2008 Descriptions:

XP Antivirus 2008, or Vista Antivirus 2008, or Antivirus XP 2008, is one of the latest counterfeit antispyware that devastates the world wide web. XP Antivirus 2008 usually comes up after you install a video codec or software patch that comes with Trojan, malware and virus. XP Antivirus 2008 normally generates fake and misleading system popup error messages so end-users will be tricked into purchasing XP Antivirus 2008, Antivirus 2008 or Vista Antivirus
It is very important to remove all the components of the XP Antivirus 2008 and all the malware and trojans that it might have come bundled with (such as zlob.trojan, trojan.vundo and Trojan.Downloader). To effectively remove XP Antivirus 2008, we have created manual removal instructions which are easy to understand. As always, make sure you back up the data before proceeding. Good luck!


Manual XP Antivirus 2008 Removal Instructions:

Unregister XP Antivirus 2008 DLL Files:
%ProgramFiles%\[RANDOM NAME]\MFC71.dll
%ProgramFiles%\[RANDOM NAME]\MFC71ENU.DLL
%ProgramFiles%\[RANDOM NAME]\msvcp71.dll
%ProgramFiles%\[RANDOM NAME]\msvcr71.dll
%ProgramFiles%\[RANDOM NAME]\shlwapi.dll
%ProgramFiles%\[RANDOM NAME]\wininet.dll

Stop XP Antivirus 2008 Processes:
vav.exe
XPAntivirus.exe
XPAntivirusUpdate.exe
xpa.exe
xpa2008.exe

Find and Delete these XP Antivirus 2008:

Remove XP Antivirus 2008 Registry Values:
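
Added example, not part of Lost_in_ohio's post or the guide it quotes: a Python triage helper that checks a collected file listing and `tasklist /fo csv /nh` output against the DLL and process names listed in the removal steps above. The function names, the sample paths, the folder name `qx7example` and the `min_hits` threshold are assumptions made for illustration.

```python
import csv
import io
import ntpath
from collections import defaultdict

# DLL names the post lists under %ProgramFiles%\[RANDOM NAME]\ (lower-cased).
# shlwapi.dll and wininet.dll normally live in System32, so private copies
# in a folder directly under Program Files are worth a second look.
LISTED_DLLS = {"mfc71.dll", "mfc71enu.dll", "msvcp71.dll",
               "msvcr71.dll", "shlwapi.dll", "wininet.dll"}
# Process names the post says to stop (lower-cased).
LISTED_PROCESSES = {"vav.exe", "xpantivirus.exe", "xpantivirusupdate.exe",
                    "xpa.exe", "xpa2008.exe"}

def suspicious_folders(paths, program_files=r"C:\Program Files", min_hits=4):
    """Map folder -> listed DLLs found, for folders directly under
    program_files holding at least min_hits of them (assumed threshold)."""
    root = ntpath.normcase(ntpath.normpath(program_files))
    hits = defaultdict(set)
    for raw in paths:
        norm = ntpath.normcase(ntpath.normpath(raw.strip()))
        folder, name = ntpath.split(norm)
        if ntpath.dirname(folder) == root and name in LISTED_DLLS:
            hits[folder].add(name)
    return {f: sorted(d) for f, d in hits.items() if len(d) >= min_hits}

def listed_processes(tasklist_csv):
    """Parse `tasklist /fo csv /nh` output and return (image, pid) pairs
    whose image name is on the post's process list."""
    rows = csv.reader(io.StringIO(tasklist_csv))
    return [(r[0], int(r[1])) for r in rows
            if len(r) >= 2 and r[0].lower() in LISTED_PROCESSES]

# Constructed sample data: one random-named folder with the full DLL set,
# one ordinary application shipping a single runtime DLL, and the
# legitimate System32 copies, which must not be flagged.
SAMPLE_LISTING = [
    r"C:\Program Files\qx7example\MFC71.dll",
    r"C:\Program Files\qx7example\MFC71ENU.DLL",
    r"C:\Program Files\qx7example\msvcp71.dll",
    r"C:\Program Files\qx7example\msvcr71.dll",
    r"C:\Program Files\qx7example\shlwapi.dll",
    r"C:\Program Files\qx7example\wininet.dll",
    r"C:\Program Files\SomeEditor\msvcr71.dll",
    r"C:\WINDOWS\system32\shlwapi.dll",
    r"C:\WINDOWS\system32\wininet.dll",
]
SAMPLE_TASKLIST = '''"explorer.exe","1480","Console","0","21,004 K"
"XPAntivirus.exe","2312","Console","0","9,880 K"
"svchost.exe","880","Console","0","4,120 K"
'''

if __name__ == "__main__":
    for folder, dlls in suspicious_folders(SAMPLE_LISTING).items():
        print("review folder:", folder, dlls)
    for image, pid in listed_processes(SAMPLE_TASKLIST):
        print("listed process running:", image, pid)
```

A match is a prompt to inspect the folder and process, not proof of infection, since the threshold is a heuristic.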

Lost_in_ohio
Posted on Saturday, August 16, 2008 - 10:55 pm:

Ya it was about 2 hours of screwing around.

Cityxslicker
Posted on Sunday, August 17, 2008 - 02:53 pm:

I am not excited that Microsoft and Ford have combined to make 'synergistic' vehicle electronic components. I am now and forever done with Ford. I do not ever want to have to 'reboot' my vehicle due to the blue screen of death.

Kyri
Posted on Sunday, August 17, 2008 - 03:21 pm:

I use Avast antivirus, which is a freeware program. Avast found it and removed it from my daughter's machine with no problems. The home version is free. I have used it for several years. It catches everything, and uses minimal system resources. Not like McAfee or Norton.
http://www.avast.com

Ft_bstrd
Posted on Sunday, August 17, 2008 - 03:23 pm:

If you want to see what Microsoft looks like in the hardware business, look at the XBOX 360. : |

I'm on my 5th.

Jettdawg
Posted on Sunday, August 17, 2008 - 05:49 pm:

"I do not ever want to have to 'reboot' my vehicle due to the blue screen of death."
Wouldn't THAT be something... BSOD in your CAR! LOL

Barker
Posted on Sunday, August 17, 2008 - 08:33 pm:


Ft_bstrd
Posted on Sunday, August 17, 2008 - 08:35 pm:


Barker
Posted on Sunday, August 17, 2008 - 09:03 pm:

touche.

and for those of us who remember macs before OSX.


Froggy
Posted on Sunday, August 17, 2008 - 10:24 pm:

My personal fav:

Buellinachinashop
Posted on Sunday, August 17, 2008 - 11:09 pm:

"I think it was my 473rd viewing of two chicks, one cup that did it."

Pics?

Froggy
Posted on Sunday, August 17, 2008 - 11:25 pm:

You're not serious, are you? In case you are:

NSFW!! Actually wait till Buelltoberfest to watch it, half the fun is seeing your reaction.
http://video.google.com/videoplay?docid=-1699604357062757768&q=2girls1cup&total=11360&start=0&num=100&so=1&type=search&plindex=31

Buellinachinashop
Posted on Sunday, August 17, 2008 - 11:31 pm:

I don't feel well and I'll never eat another ice cream cone again.

Ft_bstrd
Posted on Monday, August 18, 2008 - 12:35 am:

I have purposefully never watched it. I don't need that running around in my head thanks.

I still have far too many Happy Days episodes in there.

Cruisin
Posted on Monday, August 18, 2008 - 12:27 pm:

Ft_bstrd - I remember seeing that before - just the funniest damn thing I have ever seen, and so true sometimes...

Thumper74
Posted on Monday, August 18, 2008 - 01:07 pm:

I got an e-mail that looked EXACTLY like a Paypal e-mail asking me to log in to re-confirm my information, the link directs you to www.pypal.com with a long suffix of directories on the end, but www.pypal.com is a wrinkle treatment product's website.

Buellinachinashop
Posted on Monday, August 18, 2008 - 01:54 pm:

"I still have far too many Happy Days episodes in there."

Are you kidding me?? You know how many socks I've ruined because of Erin Moran?

Chopped58
Posted on Monday, August 18, 2008 - 02:24 pm:

Stupid question from a pc dummy.....I downloaded avast (I got that stupid virus too) it scanned, said I had some viruses, put them in a "chest", now how do I know that the XP anti virus bug is out of my system? Is it considered a virus or spy/ad/mal ware? Do I need a program specific to this bug?