G oog le BadWeB | Login/out | Topics | Search | Custodians | Register | Edit Profile

Buell Forum » Quick Board Archives » Archive through January 01, 2008 » Virus on BadWeB - can someone advise please. « Previous Next »

Author Message
Top of pagePrevious messageNext messageBottom of page Link to this message

Rocketman
Posted on Saturday, December 22, 2007 - 07:16 am:   Edit Post Delete Post View Post/Check IP Print Post    Move Post (Custodian/Admin Only) Ban Poster IP (Custodian/Admin only)

In the 'Wow check this forum out' I've put up some info regarding a virus I caught a few minutes ago before putting up this thread. DON'T ATTEMPT TO OPEN THE LINK IN THE THREAD would be my advice. I'm a computer nerd. Should I, or do I need to do anything? I will do a full Symantec scan whilst I'm out this afternoon. Any help advice appreciated thanks.

Rocket
Top of pagePrevious messageNext messageBottom of page Link to this message

Ulywife
Posted on Saturday, December 22, 2007 - 08:00 am:   Edit Post Delete Post View Post/Check IP Print Post    Move Post (Custodian/Admin Only) Ban Poster IP (Custodian/Admin only)

Thanks Rocket - in the interest of being overly cautious, I've moved the post so no one else can open the link and possibly infect their computer.



(Message edited by Ulywife on December 22, 2007)
Top of pagePrevious messageNext messageBottom of page Link to this message

Mr_grumpy
Posted on Saturday, December 22, 2007 - 06:53 am:   Edit Post Delete Post View Post/Check IP Print Post    Move Post (Custodian/Admin Only) Ban Poster IP (Custodian/Admin only)

I get a blank page off that link.
Top of pagePrevious messageNext messageBottom of page Link to this message

Rocketman
Posted on Saturday, December 22, 2007 - 07:03 am:   Edit Post Delete Post View Post/Check IP Print Post    Move Post (Custodian/Admin Only) Ban Poster IP (Custodian/Admin only)

WARNING DON'T OPEN THE LINK

Rocket
Top of pagePrevious messageNext messageBottom of page Link to this message

Rocketman
Posted on Saturday, December 22, 2007 - 07:04 am:   Edit Post Delete Post View Post/Check IP Print Post    Move Post (Custodian/Admin Only) Ban Poster IP (Custodian/Admin only)


1


Rocket
Top of pagePrevious messageNext messageBottom of page Link to this message

Rocketsprink
Posted on Saturday, December 22, 2007 - 07:05 am:   Edit Post Delete Post View Post/Check IP Print Post    Move Post (Custodian/Admin Only) Ban Poster IP (Custodian/Admin only)

Why not Rocket? A virus or something? But I will take your advice on that one.
Top of pagePrevious messageNext messageBottom of page Link to this message

Rocketman
Posted on Saturday, December 22, 2007 - 07:05 am:   Edit Post Delete Post View Post/Check IP Print Post    Move Post (Custodian/Admin Only) Ban Poster IP (Custodian/Admin only)


2


Rocket
Top of pagePrevious messageNext messageBottom of page Link to this message

Rocketsprink
Posted on Saturday, December 22, 2007 - 07:06 am:   Edit Post Delete Post View Post/Check IP Print Post    Move Post (Custodian/Admin Only) Ban Poster IP (Custodian/Admin only)

Yep. I see that now.
Top of pagePrevious messageNext messageBottom of page Link to this message

Rocketman
Posted on Saturday, December 22, 2007 - 07:06 am:   Edit Post Delete Post View Post/Check IP Print Post    Move Post (Custodian/Admin Only) Ban Poster IP (Custodian/Admin only)


3


Rocket
Top of pagePrevious messageNext messageBottom of page Link to this message

Rocketman
Posted on Saturday, December 22, 2007 - 07:07 am:   Edit Post Delete Post View Post/Check IP Print Post    Move Post (Custodian/Admin Only) Ban Poster IP (Custodian/Admin only)


4


Rocket
Top of pagePrevious messageNext messageBottom of page Link to this message

Rocketman
Posted on Saturday, December 22, 2007 - 07:11 am:   Edit Post Delete Post View Post/Check IP Print Post    Move Post (Custodian/Admin Only) Ban Poster IP (Custodian/Admin only)

Can someone tell me anything about the 3rd one down? The infected file? Do I need to do anything / something? I am a computer nerd.

Rocket
Top of pagePrevious messageNext messageBottom of page Link to this message

Natexlh1000
Posted on Saturday, December 22, 2007 - 07:37 am:   Edit Post Delete Post View Post/Check IP Print Post    Move Post (Custodian/Admin Only) Ban Poster IP (Custodian/Admin only)

I didn't get any of that crap when I clicked on the link.
Is it only a internet explorer thing?
Top of pagePrevious messageNext messageBottom of page Link to this message

Rocketman
Posted on Saturday, December 22, 2007 - 08:17 am:   Edit Post Delete Post View Post/Check IP Print Post    Move Post (Custodian/Admin Only) Ban Poster IP (Custodian/Admin only)

That's a technical question for me to answer, and yes I do use Explorer.

Rocket
Top of pagePrevious messageNext messageBottom of page Link to this message

Reepicheep
Posted on Saturday, December 22, 2007 - 10:18 am:   Edit Post Delete Post View Post/Check IP Print Post    Move Post (Custodian/Admin Only) Ban Poster IP (Custodian/Admin only)

Can you try and get more information from your AV software? It should have a specific identifier for the vector... "downloader" is just a class of malware, if you can find out the specific species of this bug I can dig it up and see what you are into.

Explorer is far more vulnerable to malware then firefox.

Make sure your windows system is always up to date with the latest patches. Malware almost always has to exploit a security flaw to install itself, and the patches are usually out before the malware can become wide spread. So as a general rule, if you are aggressively patching your system (start->control panel->Windows Update), you will be far safer.

You can throw another piece of anti-virus at it as well. I started using AVG because it was free, I kept using it because it was better. http://free.grisoft.com

Addaware also has a free download... you can run that as well.

Its a good news bad news thing. If you antivirus / antimalware software caught it, you are probably fine, and you didn't really need to know. If it didn't, you don't know you got it, and you aren't fine.

I also highly recommend k9 web protection.

http://www1.k9webprotection.com/

Get it to know what your kids are up to, and to prevent yourself from being slimed (you can over ride it when you want to do so, but it will otherwise filter content based on your configured settings). Thats why I got it. But as I looked through the logs for what the kids were up to, I found it was doing an outstanding job of blocking the sites that malware and spyware get served up from.
Top of pagePrevious messageNext messageBottom of page Link to this message

Sgthigg
Posted on Saturday, December 22, 2007 - 10:41 am:   Edit Post Delete Post View Post/Check IP Print Post    Move Post (Custodian/Admin Only) Ban Poster IP (Custodian/Admin only)

What?? Holy Crap!

I did that post. I copied the link right from my internet browser. There shouldnt be a problem. It is a link to a motorcycle forum in Japan. I have been on it many times and have had no problems. I also run virus protection at all times.
I sincerely apologize if it caused any problems for anyone.

The forum was bashing americans and I wanted to show how twisted people are. I guess that one blew up on me.

(Message edited by sgthigg on December 22, 2007)
Top of pagePrevious messageNext messageBottom of page Link to this message

Rocketman
Posted on Saturday, December 22, 2007 - 11:59 am:   Edit Post Delete Post View Post/Check IP Print Post    Move Post (Custodian/Admin Only) Ban Poster IP (Custodian/Admin only)

Sgt Higg, no worries. You weren't to know, and I think I'm ok.

Bill, the concern I have is the third thingy down that says I'm 'infected' and quarantine was only partially successful.

Please advise me on how to find "a specific identifier for the vector" and I'll do my best. Until this morning I'd never seen the 'Auto Protect' window. Didn't know I had one either. To me a computer is a glorified typewriter with some clever stuff on top

Rocket
Top of pagePrevious messageNext messageBottom of page Link to this message

Reepicheep
Posted on Saturday, December 22, 2007 - 04:37 pm:   Edit Post Delete Post View Post/Check IP Print Post    Move Post (Custodian/Admin Only) Ban Poster IP (Custodian/Admin only)

I don't know what software that is...

You are probably fine. If it knew bad things were happening, it would have told you.

It would not hurt to install avgfree (link in my above post), get the latest updates, and do a full system scan. If there is a problem, that will find it. If not, then you will have a trustworthy second opinion that everything is fine.
Top of pagePrevious messageNext messageBottom of page Link to this message

Brinnutz
Posted on Saturday, December 22, 2007 - 05:21 pm:   Edit Post Delete Post View Post/Check IP Print Post    Move Post (Custodian/Admin Only) Ban Poster IP (Custodian/Admin only)

Rocket,
Download AVG Anti-Virus from Grisoft...Just get the FreeVersion, and run it...

Otherwise, head over hardforum.com and join, someone over there MIGHT be able to help out..

It's a computer nerd mecca over there bro..


Edit:
Rocket,
Give use the full file name of the infected file, as well as the full location..I'll do some research on it.

(Message edited by brinnutz on December 22, 2007)
Top of pagePrevious messageNext messageBottom of page Link to this message

Mr_grumpy
Posted on Sunday, December 23, 2007 - 12:11 am:   Edit Post Delete Post View Post/Check IP Print Post    Move Post (Custodian/Admin Only) Ban Poster IP (Custodian/Admin only)

Sean, I ran a full antivirus check after seeing your post & I got nothing.
I'm using Avast free antivirus software, it usually tells me if it picks up an infection & quarantines it automatically.
Free download from Avast for home use.
Top of pagePrevious messageNext messageBottom of page Link to this message

Xb12rene
Posted on Sunday, December 23, 2007 - 03:28 pm:   Edit Post Delete Post View Post/Check IP Print Post    Move Post (Custodian/Admin Only) Ban Poster IP (Custodian/Admin only)

It looks like the files were/are in your local "temp" or "temp internet" folder. Use the cleanup feature from the IE or a program like "ccleaner" to remove the files. After that run a full virus scan and an ad-ware, spyware scan. Normally there should be no more infection, if yes delete the offending files manually.

Consider to use a script blocker with your browser to prevent future attacks. I use Firefox with the "noscript" add-on. I don't know about IE, because I don't use it.

Hope that helps
Rene
Top of pagePrevious messageNext messageBottom of page Link to this message

Pwnzor
Posted on Sunday, December 23, 2007 - 04:52 pm:   Edit Post Delete Post View Post/Check IP Print Post    Move Post (Custodian/Admin Only) Ban Poster IP (Custodian/Admin only)

I thought "computer nerds" knew how to:

a) not get
b) deal with

viruses...

reboot your computer in safe mode (hold F8 while rebooting)

Make sure you select the option with no networking. You don't want any access to or from the outside while you're ridding yourself of pests.

Run your virus scan software, I recommend AVG also.

Oh.... by the way... use the "Prt Scr" key to save an image of your desktop, no need to use a camera.

(Message edited by pwnzor on December 23, 2007)
Top of pagePrevious messageNext messageBottom of page Link to this message

Rocketman
Posted on Monday, December 24, 2007 - 08:36 am:   Edit Post Delete Post View Post/Check IP Print Post    Move Post (Custodian/Admin Only) Ban Poster IP (Custodian/Admin only)

Downloaded the AVG, scanned using that and the Symantec. I think all is ok. Thanks all.

Ah hum, the "Prt Scr" thing. My 14 year old daughter was looking at my camera work in this thread, and she sez "Dad, why don't you just press............"

Thanks again peeps.

Rocket
Top of pagePrevious messageNext messageBottom of page Link to this message

Reepicheep
Posted on Monday, December 24, 2007 - 09:49 am:   Edit Post Delete Post View Post/Check IP Print Post    Move Post (Custodian/Admin Only) Ban Poster IP (Custodian/Admin only)

Sounds like you are fine. Make sure you are letting Windows XP automatically update and install patches. That will include the "genuine windows" patches, which send a *lot* of information back to Microsoft (cpu serial number, ip addres, windows license information).
Top of pagePrevious messageNext messageBottom of page Link to this message

Court
Posted on Monday, December 24, 2007 - 10:54 am:   Edit Post Delete Post View Post/Check IP Print Post    Move Post (Custodian/Admin Only) Ban Poster IP (Custodian/Admin only)

>>>>Sounds like you are fine.

A rather broad and sweeping statement you may well come to regret. . . .

: )
Top of pagePrevious messageNext messageBottom of page Link to this message

Jaimec
Posted on Monday, December 24, 2007 - 04:35 pm:   Edit Post Delete Post View Post/Check IP Print Post    Move Post (Custodian/Admin Only) Ban Poster IP (Custodian/Admin only)

Yeah, you never know WHAT kinds of bugs you can pick up.
Bug
« Previous Next »

Add Your Message Here
Post:
Bold text Italics Underline Create a hyperlink Insert a clipart image

Username: Posting Information:
This is a private posting area. Only registered users and custodians may post messages here.
Password:
Options: Post as "Anonymous" (Valid reason required. Abusers will be exposed. If unsure, ask.)
Enable HTML code in message
Automatically activate URLs in message
Action:

Topics | Last Day | Tree View | Search | User List | Help/Instructions | Rules | Program Credits Administration