
Odd new wave of computer virii


  • Odd new wave of computer virii

    Anyone else see this?

    You go to a legit site, and an ad loads that causes a popup that says something to the effect of, "You have a virus on your computer, allow us to remove it!"

    Even if you use your computer jedi tricks to get around clicking it, it's too late, and it's already loaded a trojan virus to your computer.


    The recent wave of trojans like to load websites for advertisements.

    I seriously have to wonder about this. EVERY time I've had one of these infect my computer I have had to reformat and reinstall. Either I cannot get rid of them with a suite of AVG, Adaware, Spybot and Malware Bytes, OR they break something on my computer when it reboots and I have to deal with a bluescreen as soon as the computer logs into Windows.

    I just now got a new one, that makes 4 times. 2 in 2 weeks.

    I am using Firefox 3 also.

    So what is my recourse? Is there a better protection program, or do I have to get a virtual machine setup going just to surf the internet?
    Last edited by symposes; 01-24-2009, 11:57 PM.
    http://www.vilecity.com/index.php?r=221271
    Cyberpunk mayhem!

  • #2
    Use No-Script.
    Ba'al: I'm a god. Gods are all-knowing.

    http://unrelatedcaptions.com/45147



    • #3
      Virii like this tend to use a rootkit to avoid detection/removal.

      AVG and others have Anti-rootkit programs.

      I use a free rootkit scanner called Avenger which allows you to load scripts to run along with a regular scan. Virii like this can be particularly nasty and a pain in the arse to remove. I don't really have any links but there was a recent thread involving advice on computer security and various programs to use that has quite a bit of nice advice in it.

      If you're using Firefox I recommend installing an add-on called NoScript: http://noscript.net/

      This basically prevents scripts from running on a site unless you tell the add-on that it is OK for the site to let the script run. It takes a bit of getting used to, but it is a very very nice added layer of security for Firefox.
      Last edited by Chanlin; 01-25-2009, 12:09 AM.



      • #4
        Great, hopefully these will help me out.

        I'm getting to the point now, if I caught the jerk making these virii, I'd stomp a mudhole in him, jail time or not.

        I've pretty much reformatted my computer to remove these things because I couldn't find a way to remove them otherwise. After 4 reformats, I'm getting seriously tired of this.
        http://www.vilecity.com/index.php?r=221271
        Cyberpunk mayhem!



        • #5
          One caveat if you go with Avenger. Avenger is a very advanced tool in terms of using it to actually remove threats. I use it more just to locate the culprit and then research the removal. More often than not you can visit dedicated technical support forums for advice on how to remove specific virii.



          • #6
            nitpick
            http://www.wsu.edu/~brians/errors/virii.html
            /nitpick

            On another note, last year it was found that some flash ads can contain trojan and/or virus droppers in them, so just loading up pages can infect a computer.

            You might also look into adding FlashBlock to Firefox as well. Your flash ads will appear with a little F within a circle that you can click on to allow it.

            I've used it since reading about these, and haven't had any problems. You CAN allow flash ads on a site-per-site basis, if you know said site is safe, like You Tube, or well-known sites that only use a few. I generally won't allow sites that I either don't trust fully, or that have an over-abundance of ads.


            Eric the Grey
            In memory of Dena - Don't Drink and Drive



            • #7
              Quoth Eric the Grey View Post
              I had never known of this distinction before. Or more accurately, I probably did but ended up hypercorrecting myself.

              For those who don't know what I mean by hypercorrecting: hypercorrection is a linguistic term for when people misuse a word or phrase a sentence incorrectly in an attempt to sound correct because it's what they believe the correct form is.



              • #8
                I've had luck with AdBlockPlus. Make sure you get the EZElement and Element "subscription" (it's just preloaded lists).
                Ridiculous 2009 Predictions: Evil Queen will beat Martha Stewart to death with a muffin pan. All hail Evil Queen! (Some things don't need elaboration.....) -- Jester

                Ridiculous 2010 Predictions: Evil Queen, after escaping prison for last year's prediction, goes out and waffle irons Rachel Ray to death. -- SG15Z

                Ridiculous 2011 Prediction: Evil Queen will beat Gordon Ramsay over the head with a cast-iron skillet. -- FireHeart



                • #9
                  First and simplest: Broom is right, the NoScript extension is what you want. You also do not need FlashBlock if you have it, since NoScript stops Java, JavaScript, and Flash, until you say it's okay to run the scripts.

                  Second, and more complex (and less likely to be tenable): Switch to Ubuntu. I use Linux myself (a more geeky version of it called Debian). As such, especially with NoScript, I really don't worry. My system seems pretty safe and stable.

                  I've got no comment on AdBlock, since I don't use it myself.



                  • #10
                    Quoth Eric the Grey View Post
                    THANK YOU!
                    I AM the evil bastard!
                    A+ Certified IT Technician



                    • #11
                      Actually, thx too!

                      I didn't know about No-Flash.
                      Neato, and thanks!

                      Cutenoob
                      In my heart, in my soul, I'm a woman for rock & roll.
                      She's as fast as slugs on barbiturates.



                      • #12
                        Quoth Eric the Grey View Post
                        [...] if you know said site is safe, like You Tube, or well-known sites that only use a few.
                        Just a side note.

                        You Tube is not 100% safe. About two months ago, I helped a friend clean off WinAntivirus2008 (or a clone) from his machine. If he was telling me the truth about where he had been browsing (and I think he was), then it is almost certain he got it off of You Tube somehow.
                        The Rich keep getting richer because they keep doing what it was that made them rich. Ditto the Poor.
                        "Hy kan tell dey is schmot qvestions, dey is makink my head hurt."
                        Hoc spatio locantur.



                        • #13
                          The problem isn't with the sites. They get advertising in through agencies. The agencies sell the advertising to people they think they can trust. There's embedded bollocks in that to scupper machines - Keenspace had that very recently.

                          Rapscallion



                          • #14
                            Quoth Rapscallion View Post
                            The problem isn't with the sites. They get advertising in through agencies. The agencies sell the advertising to people they think they can trust.
                            True, but with You Tube and similar sites, there is also some basic danger from the videos themselves, as you can piggyback malicious code on the Flash broadcast. Not as common as it used to be as many live scanners can catch that sort of thing now, but it could catch someone running unprotected if you get an infected feed. I'm sure You Tube has taken some protective steps as well, but I've never really cared enough to look into what those steps might be.
                            The Rich keep getting richer because they keep doing what it was that made them rich. Ditto the Poor.
                            "Hy kan tell dey is schmot qvestions, dey is makink my head hurt."
                            Hoc spatio locantur.
