Out of the Blue

A reader sent along a note yesterday to warn me his machine picked up a virus infection from a page on CVG after following a link to there from here. I was skeptical this was the case on such a major site, so I visited the page to see what was up. A couple of minutes later I got an antivirus pop-up that started scanning, saying I was infected with a virus, except this was not actually from my AV software. I killed this with the task manager, and removed the infection using Malwarebytes, and restored my system from earlier in the day. I got some weird responses from my antivirus software, and the infection recurred, so I realized the AV software got hijacked along the way, and I repeated that procedure adding an uninstall and reinstall to the checklist, which seems to have cleared things up, ending my tale of woe.

You hear stories about being able to get a virus payload from visiting a page and not even clicking links, but I never knew anyone who actually experienced that (until now), with the weird part being I must have visited the site to post the link in the first place, without incident. Anyway, I notified CVG about the problem, and can only hope that not many of you were impacted by this, and if you were, you managed to clear things up without having to do anything drastic.

R.I.P.: Marvin Isley, Isley Brothers Bass Guitarist. Thanks Mike Martinez.
R.I.P.: Jack Harrison, the last survivor of The Great Escape dies at 97. Thanks Joker961.

Links: Thanks Ant and Mike Martinez and Acleacius.
Play: R-Type: Stage 01.
The Spline.
Kill The Weeds. Thanks Javier.
Links: This Is Pete Rose's Corked Bat. Thanks nin via Dubious Quality.
6 Companies That Make Money Solving Problems (They Made Up). Thanks Joker961.
The Most Expensive and the Coolest Home Theatre in the World. Thanks Digg.
Stories: Lost WWII battlefield found - war dead included. Thanks Joker961.
Banks Paying Colleges For Students Who Rack Up Credit Card Debt.
Dogfish Head Unveils Miles Davis-Inspired Beer, Bitches Brew.
Science: Do aliens live on a Saturn moon? Thanks Kxmode.
Heart attack admissions fall after smoking ban.
Crocodiles Can Surf Across Oceans, Scientists Say.
Images: The Women of Steampunk 2010.
Meet the Tiger Dog- Chinese owners dye pets to look like wild animals.
Camping Newbies Are Always Easy To Spot.
Media: You Became A Meme.
Follow-up: Ocean Saratoga: Another Oil Spill In The Gulf? Coast Guard Investigates.

34 Replies. 2 pages. Viewing page 1.

34. Re: Out of the Blue Jun 10, 2010, 08:57 Verno
 
That wasn't me Ant, that was Creston. You have your quotes messed up. Although I do agree with Creston that major parts of the computer security industry are self-sustaining in many ways and not altogether healthy.

Also, where's the demo?!
 
Playing: South Park, Dark Souls 2
Watching: Enemy, Network, Wer
 
33. Re: Out of the Blue Jun 10, 2010, 08:41 Ant
 
Creston wrote on Jun 9, 2010, 17:13:
ForgedReality wrote on Jun 9, 2010, 16:07:
Verno wrote on Jun 9, 2010, 16:00:
90+% of all viruses come straight from Symantec and their ilk.
That's a lie/myth. Show us hard evidence as proof.
 
Ant @ The Ant Farm: http://antfarm.ma.cx and Ant's Quality Foraged Links: http://aqfl.net ...
 
32. Re: Out of the Blue Jun 10, 2010, 08:23 Verno
 
Out of the hundreds of machines I've fixed, only a few have been the "HEY BUY THIS!" scareware variety. Most of them are either "we're gunna see how badly we can fuck your machine up before you reformat" or "hey, pal, I'm just gunna hide here in the shadows and try to remain undetected for as long as possible while I pass on your personal information to our skilled team of thieves, mkay?" kinds of malware.

Sounds pretty vague and general to me. Have you ever actually done the things you say or are you just one of those people who runs Malwarebytes once and thinks that they know what the score is? Hundreds of machines? Ahh yes, another internet tech guy. Also my earlier point was that you were acting creepy and should probably stop while you're behind.
 
Playing: South Park, Dark Souls 2
Watching: Enemy, Network, Wer
 
31. Re: Out of the Blue Jun 10, 2010, 02:54 ForgedReality
 
Creston wrote on Jun 9, 2010, 17:13:
ForgedReality wrote on Jun 9, 2010, 16:07:
Verno wrote on Jun 9, 2010, 16:00:
This is the uncomfortable conversation point where everyone avoids making eye contact with you, in case you were wondering.
I was only half joking.

You realize that the biggest reason viruses (virii?) are still being written is so that the people writing them can SELL you anti-virus software, right?

90+% of all viruses come straight from Symantec and their ilk.

Creston
The majority of the ones I run into don't pose any kind of sales pitch whatsoever. They are just there to fuck your PC up because virus writers think it's "fun" to cause havoc and think they're badass "h4x0rz."

Out of the hundreds of machines I've fixed, only a few have been the "HEY BUY THIS!" scareware variety. Most of them are either "we're gunna see how badly we can fuck your machine up before you reformat" or "hey, pal, I'm just gunna hide here in the shadows and try to remain undetected for as long as possible while I pass on your personal information to our skilled team of thieves, mkay?" kinds of malware.

Virii are getting more sophisticated, but only the most recent ones I've seen are ransomware/scareware/fake-virus-alert-ware, whatever you wanna call it. It seems far more common that they're out to steal passwords and whatnot. Just based on my observations, I'd hardly call the ransomware variety of infection "90+%," and I've removed quite a lot of them. But that might just be dumb luck, I suppose.
 
 
30. Re: Out of the Blue, Science from Tabloids?! Jun 9, 2010, 23:35 Cefu
 
Um... What's happening to the Science section? Since when does Blue's News include links to tabloid (Daily Mail) articles in this section?  
 
29. Re: Out of the Blue Jun 9, 2010, 19:55 Stormsinger
 
On a happier note, the "Women of Steampunk 2010" couldn't be more accurately titled and captioned. "Breath-Taking Ladies of Steampunk World's Fair 2010" and "The women of Steampunk World's Fair 2010 were an intoxicating mixture of loveliness, mystery and style".

Indeed, a remarkable collection of young ladies and costumes. I guess Steampunk's got a wider audience than I ever guessed.
 
 
28. Re: Out of the Blue Jun 9, 2010, 17:13 Creston
 
ForgedReality wrote on Jun 9, 2010, 16:07:
Verno wrote on Jun 9, 2010, 16:00:
This is the uncomfortable conversation point where everyone avoids making eye contact with you, in case you were wondering.
I was only half joking.

You realize that the biggest reason viruses (virii?) are still being written is so that the people writing them can SELL you anti-virus software, right?

90+% of all viruses come straight from Symantec and their ilk.

Creston
 
 
27. Re: Out of the Blue Jun 9, 2010, 16:07 ForgedReality
 
Verno wrote on Jun 9, 2010, 16:00:
This is the uncomfortable conversation point where everyone avoids making eye contact with you, in case you were wondering.
I was only half joking.
 
 
26. Re: Out of the Blue Jun 9, 2010, 16:00 Verno
 
This is the uncomfortable conversation point where everyone avoids making eye contact with you, in case you were wondering.  
Playing: South Park, Dark Souls 2
Watching: Enemy, Network, Wer
 
25. Re: Out of the Blue Jun 9, 2010, 15:39 ForgedReality
 
I think my liberal use of ABP has prevented any real ailments of my machine. Although, I keep disinfecting family members' computers on a continual basis. I've spent many hours in personal contact with many different malware/scareware lately.

It's sickening to see people stooping to such tactics (the virus-writers). I put these pathetic individuals in the same group as the pieces of shit who rob convenience stores, murder, rape, vandalize, steal cars, etc. They all deserve to be lined up and fucking shot in the face. They are doing nothing to assert that they deserve to live. All they do is make life more difficult for others. We have no room for people like that. Let them be killed so we can get on with our lives without the constant threat of someone fucking up the planet for everyone else. It's shit like that that keeps us from growing as a species.
 
 
24. Re: Out of the Blue Jun 9, 2010, 15:25 Verno
 
Creston wrote on Jun 9, 2010, 12:26:
I'd like to point out that in Home versions of Vista and Windows 7, gpedit.msc does not exist, since they have no policies. (Policies are typically a domain function only.)

If task manager somehow got disabled on your system, you should be able to use regedit, and go to:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System

There should be a REG_DWORD called DisableTaskMgr. If it has a value of 1, it's disabled. Switch the value to zero.

(Note, if you're checking this on Home versions, the Registry key likely doesn't go farther than Policies. That's because there are no policies installed. But if Task manager ever gets disabled, it'll likely be there at that point.)

Creston

Good catch bro, I totally forgot about that.
 
Playing: South Park, Dark Souls 2
Watching: Enemy, Network, Wer
 
23. Re: Out of the Blue Jun 9, 2010, 15:20 xXBatmanXx
 
Batman AA is on sale for 50% off Steam.

No brainer at that price point if you don't have it.
 
In this present crisis, government is not the solution to our problem; government is the problem. / Few men have virtue enough to withstand the highest bidder.
Playing: New dad
 
22. Re: Out of the Blue Jun 9, 2010, 15:17 noman
 
nin wrote on Jun 9, 2010, 14:30:

In happier news I see on Steam I see that Batman Arkham Asylum GOTY is on sale on Steam for $20.

With limited installs! Yum!


Bigger problem is buying the game on Steam, since its activation system is far worse than the SecuROM one that the game has.

Batman:AA has an activation check only during the game install, similar to Steam-enabled games, but unlike Steam, the license can be revoked. If you buy a retail copy, you don't have to worry about getting games tied to an account and unlike Steam, you can actually have two copies of game running at the same time on two different PCs. Even if your hard disk is shot, the activation policy for this game automatically releases licenses every month for any game key. You don't have to worry about online or offline mode, third-party apps or services, since the game is activated only during the install time.

Most SecuROM protected games these days have very practical activation policies. It's sad to see publishers going the lot more restrictive Steamworks route.
 
 
21. Re: Out of the Blue Jun 9, 2010, 14:37 DangerDog
 
6 Companies That Make Money Solving Problems (They Made Up).

#7 Homeland Security
 
 
20. Re: Out of the Blue Jun 9, 2010, 14:30 nin
 

In happier news I see on Steam I see that Batman Arkham Asylum GOTY is on sale on Steam for $20.

With limited installs! Yum!

 
http://www.nin.com/pub/tension/
 
19. Re: Out of the Blue Jun 9, 2010, 14:05 banddirector
 

Yes, I am painfully aware of having been hoisted by my own petard on this one

Indeed, that sounded truly painful ....

 
There's no place like 127.0.0.1
 
18. Re: Out of the Blue Jun 9, 2010, 13:07 Cutter
 
In happier news I see on Steam I see that Batman Arkham Asylum GOTY is on sale on Steam for $20.
 
"The South will boogie again!" - Disco Stu
 
17. Re: Out of the Blue Jun 9, 2010, 12:36 Kxmode
 
nin wrote on Jun 9, 2010, 10:58:
I got a virus once by visiting Foxnews.com

One could argue that foxnews is one giant festering virus.

Little bit of a tip nin. All television news stations are giant festering viruses; people just pick their cyanide laced Kool-Aid flavors. For example Fox News's flavor is Roarin' Raspberry Cranberry.
 
 
16. Re: Out of the Blue Jun 9, 2010, 12:26 Creston
 
Verno wrote on Jun 9, 2010, 11:52:
If you ever run into it and chances are you will, it's becoming increasingly common and they target sites like this, you can restore it by booting into safe mode, killing off non-Windows related executables (they try to prevent you from running gpedit or regedit) then rebooting normally, go into Start->Run->gpedit.msc and set User Configuration / Administrative Templates / System / Ctrl+Alt+Delete Options / Remove Task Manager to "Not Configured".

I'd like to point out that in Home versions of Vista and Windows 7, gpedit.msc does not exist, since they have no policies. (Policies are typically a domain function only.)

If task manager somehow got disabled on your system, you should be able to use regedit, and go to:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System

There should be a REG_DWORD called DisableTaskMgr. If it has a value of 1, it's disabled. Switch the value to zero.

(Note, if you're checking this on Home versions, the Registry key likely doesn't go farther than Policies. That's because there are no policies installed. But if Task manager ever gets disabled, it'll likely be there at that point.)

Creston
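
The registry check described in the post above, as an added PowerShell example that is not part of the original thread. The HKLM path is an assumption added here as the machine-wide counterpart of the HKCU key named in the post, and the `-Fix` switch is a name chosen for this example.

```powershell
# Added example: audit (and optionally clear) the DisableTaskMgr policy value.
# Run it in the affected user's session; changing HKLM needs an elevated prompt.
param([switch]$Fix)   # hypothetical switch: without it the script only reports

$valueName = 'DisableTaskMgr'
$keys = @(
    # Path quoted in the post
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\System',
    # Assumption: machine-wide equivalent, checked as well
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\System'
)

foreach ($key in $keys) {
    if (-not (Test-Path -LiteralPath $key)) {
        # Expected on Home editions, where the tree may stop at Policies
        Write-Output "$key : key not present (no policy set)"
        continue
    }

    $item = Get-ItemProperty -LiteralPath $key -Name $valueName -ErrorAction SilentlyContinue
    if ($null -eq $item) {
        Write-Output "$key : $valueName not set"
        continue
    }

    $current = $item.$valueName
    Write-Output "$key : $valueName = $current"

    # 1 means Task Manager is disabled; write 0 back only when asked to
    if ($current -eq 1 -and $Fix) {
        Set-ItemProperty -LiteralPath $key -Name $valueName -Value 0 -Type DWord
        Write-Output "$key : $valueName reset to 0"
    }
}
```

A value of 1 that reappears after being reset indicates something is still running and rewriting it, so the cleanup is not finished.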
 
 
15. Re: Out of the Blue Jun 9, 2010, 12:15 Creston
 
fyrestorm wrote on Jun 9, 2010, 11:27:
Dear Blue,

When experimenting with potentially viral/malicious software, a good alternative to test it with is a virtual machine!

Another helpful tip from your friendly internet hero fyrestorm.

Words of Wisdom to live by. I also agree with brother19 who says that as soon as he saw that thing pop up, he yanked the power cable out of his system. It's a bit drastic, but if you're lucky it'll prevent the damn thing from installing in the first place. (since usually they do need you to CLICK something before they get the rights to do so. It's just that their Yes/No/X buttons all have the same run/install script behind it.)

Creston

This comment was edited on Jun 9, 2010, 12:26.
 
 