Author |
Topic |
|
Stanley
Local Historian & Old Fart
36804 Posts
|
|
Posted -
16/08/2006
:
07:13
|
I have my system set for automatic updates from Mcaffee, Windows and Spyware Doctor. These have all issued a flurry of upgrades over the last few days, some of them major and involving re-starting the system to install. This is generally due to improved security patches or installation of updated databases to address new threats. So, the safe inference is that for some reason there are new threats out there. If you aren't on auto upgrade it might be a good idea to manually check for any upgrades available and install them. Can't do any harm, could save you a lot of hassle.
Stanley Challenger Graham
Barlick View stanley at barnoldswick.freeserve.co.uk
|
|
Replies |
Author |
|
|
Stanley
Local Historian & Old Fart
36804 Posts
|
|
Posted - 07/05/2008 : 11:48
Spybot did its usual startup check this morning and found a particularly nasty high risk virus. Can't think where it cane from, I'm very careful about sites and attachments. Nevertheless it got through the firewall but can't have been there for more than 24hours and I haven't noted any bad effects. It is zapped now but I thought I'd mention it in case it is about and looking for other targets. I missed the name so can't be specific but it must be a fairly new one.
Stanley Challenger Graham
Barlick View stanley at barnoldswick.freeserve.co.uk |
pluggy
|
Posted - 07/05/2008 : 13:29
Drive by hijacking is a likely explanation. One of the most prevelent means of distributing c**p nowadays. Hacker plants virus on website, you visit website and and it can go into your cache files. It could have even been have planted on OGFB, many forum scripts have holes in them which allow stuff to be planted.
Whether it actually runs is dependant on several factors, it needs a browser exploit (or sombody dumb enough to run it), and administrative rights usually to install itself, other wise its just a file sat in your cache. Most exploits are aimed at IE and old or unpatched versions are the worst. The best defence is not to use IE and not to run as Administrator or an account with administrative rights. (which of course everybody does, because they don't know how not to........)
Need computer work ? "http://www.stsr.co.uk"
Pluggy's Household Monitor |
pluggy
|
Posted - 07/05/2008 : 13:42
Not running Windows is the best way because then the virus cannot run at all, but God forbid I suggest you let Bill G slide further down the worlds rich list........
Need computer work ? "http://www.stsr.co.uk"
Pluggy's Household Monitor |
Big Kev
|
Posted - 08/05/2008 : 16:13
Fake media file snares PC users
The fake file claims to be an mp3 of Girls Aloud
Almost 500,000 people have been caught out by a booby-trapped media file, says security firm McAfee.
The fake file poses as a music track, short video or movie and has been widely seeded on file-sharing networks to snare victims.
McAfee said the fake media file outbreak was the largest it had seen for about three years.
Those running the fake file get bombarded with pop-up ads and risk compromising the safety of their PC.
The fake file or trojan has been widely distributed on the eDonkey and Limewire file-sharing networks.
The file has many names and is written in different languages to trick people into downloading it.
The titles make the file appear to be music tracks, pornography and full versions of popular movies.
Anyone downloading the trojan and trying to run it is asked to install a codec that will play the supposed media.
FAKE FILE TITLES girls aloud st trinnians.mp3 changing times earth wind .mp3 heartbroken fast t2 ft jodie.mp3 meet bambi in kings harem.mp3 paralyized by you.mp3 pull over levert.mp3
Instead of playing the media, running the file installs a bundle of adware that plagues a user with pop-ups.
Included in the bundle is an MP3 media player that will only play the tracks included with it.
McAfee said seeing such a large outbreak was rare because hi-tech criminals typically prefer to target their malicious creations to keep numbers manageable and to avoid detection.
In the last seven days McAfee said the trojan had been found on more than 500,000 of the PCs that notify the company when a malicious file is downloaded.
It added that, so far, only 10% seem to have gone as far as to install the fake codec and be plagued with pop-ups.
Other security companies have seen the trojan but not in such large numbers as McAfee.
Only those using Windows are vulnerable to the malicious program.
McAfee urged users to update their security software and to be wary when using file-sharing networks.
Big Kev
It doesn't matter who you vote for, you always end up with the government. |
frankwilk
|
Posted - 08/05/2008 : 19:01
Had an e-mail today about a virus call POSTCARD I wouldn't recommend opening anything that has Postcard in the heading.
Frank Wilkinson Once Navy Always Navy |
pluggy
|
Posted - 09/05/2008 : 00:00
quote: frankwilk wrote: Had an e-mail today about a virus call POSTCARD I wouldn't recommend opening anything that has Postcard in the heading.
Ignore it, virus warnings in e-mails are always hoaxes. They are put out by losers that don't have the talent to write them for real.
This is the current 'Postcard' that is doing the rounds : http://urbanlegends.about.com/library/bl_postcard_virus.htm
Edited by - pluggy on 09/05/2008 00:04:09
Need computer work ? "http://www.stsr.co.uk"
Pluggy's Household Monitor |
Stanley
Local Historian & Old Fart
36804 Posts
|
|
Posted - 09/05/2008 : 06:58
I've just had a pop-up. Spybot telling me it's just finished the daily full scan, takes twenty minutes but seems to find the nasties. Nice to have it looking after me.
Stanley Challenger Graham
Barlick View stanley at barnoldswick.freeserve.co.uk |
pluggy
|
Posted - 09/05/2008 : 09:38
Nice not to need it......
Need computer work ? "http://www.stsr.co.uk"
Pluggy's Household Monitor |
HerbSG
|
Posted - 14/05/2008 : 18:55
2 days ago clicked on new member Jalil's profile, seeing Ottawa, Ca I clicked on picture, got a screen full of porno, since then have been updating ca,spyware and removing viruses which included copius files of illegal porno. Still cannot access OGFB by simply clicking on OGFB, I then get ads for various things, this time I accessed by clicking on most popular topics.
HERB
|
HerbSG
|
Posted - 14/05/2008 : 19:36
Just logged off and back on, again only by going through top downloads. During that time warnings popped up with 3 attempts to "attack" internet , warnings referred to: C:\windows\system 32\ketonduu.exe this was one of the viruses detected and deleted by ca.spyware
HERB
|
Callunna
Revolving Grey Blob
3044 Posts
|
|
Posted - 14/05/2008 : 20:43
Perhaps our mods could be persuaded to delete JalilMan from the new members list?
Is it time to introduce email authentication for new member applications? |
panbiker
|
Posted - 14/05/2008 : 22:01
I helped a new member to sign up last night Cally, the registration on OG sent an email which required a reply before the new member was admitted. She's on the site now although hasn't posted yet. She was a bit poorly last night though. Give bobbysgirl a welcome when she posts, come on Carol nobody bites on here, (apart from Cally who sometimes bites ankles)!
Ian |
HerbSG
|
Posted - 14/05/2008 : 23:14
Is this now the norm (e mail authentication is in place)?
I seriously warn y'all not to view the picture on profile of new member Jalilman. Was the e mail authenticated in that case?
HERB
|
Stanley
Local Historian & Old Fart
36804 Posts
|
|
Posted - 15/05/2008 : 08:02
I have looked for Jalilman's membership, coul;dn't find it and assumed that one of the other admin mambers had deleted it. Will mail Doc.
Stanley Challenger Graham
Barlick View stanley at barnoldswick.freeserve.co.uk |
Ringo
Site Administrator
3793 Posts
|
|
Posted - 15/05/2008 : 08:37
quote: Stanley wrote: I have looked for Jalilman's membership, coul;dn't find it and assumed that one of the other admin mambers had deleted it. Will mail Doc.
I did the same as you Stanley
|