
New virus threat, Antivirus .com .net .av

02-09-2011, 06:59 AM
#1
Saucerguy2
Super Contributor
Thread Starter
Join Date: Apr 2006
Posts: 1,893

I'm giving you guys a heads up on the latest and greatest threat that will be coming to a pc near you "yours, likely", and it's yet another one called Antivirus. We had the fun filled days of Antivirus 2007, 2008, and 2009, now we get the latest and greatest one named that way, but luckily, it's a different script that's easily fixed.

So far, I've been hit with the .com and the .av version of it, my buddy got hit with its .net extension, and it's the same game being played before. You are doing pretty much nothing on the web except checking email or goofing off on the web, even harmless places, and then you get the Sun Java pop up on some page, and before you know it, you are being told you have some virus threats and a fun new icon in your task bar. It then begins to do its fake scan, and pops up asking you if you want to purchase the program to clean out the fake viruses it's so-called found. You then try to terminate it through the cpanel, only to find, it now won't let you into it to get rid of it through that way. You then try to do a computer restore through the system tools, same thing.

You then opt to try to find a solution through another uninfected pc to download the fix, only to now find all of these sites that say they have it, but you must download their software, which is of course never free.... Report those guys that are exploiting this one, their so-called manual approach to fix it is a pack of lies, I know this because I'm the type of IT guy that will go in and manually adjust the Windows registry settings if that is what it takes....

To fix this antivirus "virus" is actually easy, and not public knowledge, but it is now. I hope Google is still up on watching Watt Flyer; I have my own .com to post this stuff from if it's not. The moment that thing shows up, reboot your computer into safe mode, do your restore from there, let it do its thing, virus is gone, yet you have to reinstall/update Firefox, for it won't be able to work again, so, gotta use IE for at least that moment for that one.

It's really sad these guys have to resort to these levels just to make a buck, any site offering anything that requires you to download their software to fix it, flag it big time, it's part of the problem and exploiting it, and I suspect are behind it in the first place. If you don't have auto restore set up on your computer, make sure you have that setting on right now, you are going to need it.

02-09-2011, 03:05 PM
#2
crxmanpat
Community Moderator
Join Date: Feb 2006
Location: Crawfordville, FL
Posts: 6,966

I prevent this type of stuff by simply using Malwarebytes (www.malwarebytes.org). Stops adware, spyware and these nasty "Antivirus" popups.

If you get the Antivirus bug, just download Malwarebytes, do a full scan and it will clean you up real nice.

And best of all, it's free!

02-09-2011, 03:10 PM
#3
Wrongway-Feldman
Member
Join Date: Jan 2011
Location: Govan, Saskatchewan
Posts: 936

Better yet, switch to Linux like I did years ago. Never have to worry about stuff like that again.

02-09-2011, 04:30 PM
#4
JBoyd
completely green
Join Date: Jan 2011
Location: Kelowna, B.C.
Posts: 61

Originally Posted by Wrongway-Feldman:
Better yet, switch to Linux like I did years ago. Never have to worry about stuff like that again.
+1, I switched and don't worry, although you always have to keep in mind that linux isn't bullet-proof. All that means is don't do stupid things while on the internet.

02-09-2011, 05:30 PM
#5
radialarm
Crash Test Clown!!!
Join Date: Sep 2009
Location: Boyd, TX
Posts: 299

I fixed a computer for a guy several months ago that had that fake antivirus virus. It wouldn't even let Malwarebytes run. I had to use a program called rkill to stop the process long enough to get Malwarebytes to run. I even had to rename rkill and run it from a flash drive to get it to work. It took about 2 hours to get his computer cleaned up. I warned him about those little Java windows that pop up and tell you your AV is out of date or that it has detected a virus. If you don't have antivirus software or it's out of date, search for "Microsoft Security Essentials"; it's a good free antivirus.

02-09-2011, 06:15 PM
#6
Wrongway-Feldman
Member
Join Date: Jan 2011
Location: Govan, Saskatchewan
Posts: 936

Originally Posted by JBoyd:
+1, I switched and don't worry, although you always have to keep in mind that linux isn't bullet-proof. All that means is don't do stupid things while on the internet.
I've been in IT long enough to know that nothing is secure. In fact, Windows 7 is more secure than Linux and especially Mac OS. The biggest difference is that Windows has the biggest user base therefore is the biggest target for malicious software.
If these code writers ever were to seriously target Mac or Linux we'd be hooped. LOL

02-09-2011, 06:20 PM
#7
Wrongway-Feldman
Member
Join Date: Jan 2011
Location: Govan, Saskatchewan
Posts: 936

Originally Posted by radialarm:
I fixed a computer for a guy several months ago that had that fake antivirus virus. It wouldn't even let Malwarebytes run. I had to use a program called rkill to stop the process long enough to get Malwarebytes to run. I even had to rename rkill and run it from a flash drive to get it to work. It took about 2 hours to get his computer cleaned up. I warned him about those little Java windows that pop up and tell you your AV is out of date or that it has detected a virus. If you don't have antivirus software or it's out of date, search for "Microsoft Security Essentials"; it's a good free antivirus.
I have to agree that Microsoft security essentials is a terrific free antivirus. It integrates seamlessly with windows and windows firewall. Probably the best free antivirus there is IMHO.
Probably the worst that there is of all antivirus software available is unfortunately the most popular. Norton. I have fixed more systems that got hooped by Norton software than I care to remember.

02-09-2011, 06:49 PM
#8
radialarm
Crash Test Clown!!!
Join Date: Sep 2009
Location: Boyd, TX
Posts: 299

Originally Posted by Wrongway-Feldman:
I have to agree that Microsoft security essentials is a terrific free antivirus. It integrates seamlessly with windows and windows firewall. Probably the best free antivirus there is IMHO.
Probably the worst that there is of all antivirus software available is unfortunately the most popular. Norton. I have fixed more systems that got hooped by Norton software than I care to remember.
I've been using it since it came out, because I'm cheap, and it works well with windows. I was using AVG, but didn't care much for it. I don't like Norton either. A friend told me about a really good firewall named Comodo. I tried it for a while, but got annoyed by all the warnings and asking permissions for every little thing.

02-09-2011, 07:10 PM
#9
tarheal63
Member
Join Date: Jan 2010
Location: Murfreesboro TN
Posts: 398

I make my living fighting things like this in a large enterprise environment (read Windows). I do agree with Wrongway that Windows 7 took a great step in security by implementing UAC. But the only way to prevent anything bad happening to your computer is to unplug that blue cable from the network card. Unfortunately there are a lot of people out there on computers that know absolutely nothing about computers, so in their thinking, when a pop up like that presents itself, they think they are doing a good thing. Take a look at the statistics of the amount of machines out there running as bots and you will see what I mean. Knowledge is your best defense against these types of attacks. Never go to an unknown website, don't open email from someone you don't know, don't install software that didn't come from a trusted source. Basic rules, but sometimes even that won't prevent intrusion. A good AV solution is your next line of defense. I run McAfee enterprise on all of my machines and it has been very effective. Please remember in the world of software, you get what you pay for. I manage AV on over 2000 systems and thank the Lord, we have not had a major outbreak in many years. That being said, I wish they would take all of these malicious and, well do something nasty to them for making our lives more difficult than they already are, do the same for the spammers and scammers too. The internet should be a place for free trade of information without threat of data loss. I do not ever want to go back to a world without it.

02-09-2011, 07:33 PM
#10
bthrel
Member
Join Date: Feb 2011
Location: Rural Tennessee
Posts: 66

Originally Posted by JBoyd:
+1, I switched and don't worry, although you always have to keep in mind that linux isn't bullet-proof. All that means is don't do stupid things while on the internet.
+1 on that, while it's 99.9% free of attacks, you do still have to exercise some common sense.

Cheers

Brian

02-09-2011, 09:32 PM
#11
Saucerguy2
Super Contributor
Thread Starter
Join Date: Apr 2006
Posts: 1,893

My older systems were running Linux on them. I like it, except for a couple of things. The Linux wireless drivers are very scarce, you end up having to write drivers for the newer systems, of which I have never delved into. And Windows apps that I use won't work with it as well. Yeah, I know, use a dual boot system, and that works, but it's still a pain to go back and forth.

I've done a lot of repairs on other systems, and have popped in h/drives into my Linux tower in order to restore and do data recovery, especially in cases where it seemed hopeless. It's a good tool to have in your arsenal, but at the same time, I'm the IT guy most in my crowd calls up, so I gotta stay on top of things, and this also means troubleshooting within all of the Windows OS's.

02-09-2011, 09:37 PM
#12
Wrongway-Feldman
Member
Join Date: Jan 2011
Location: Govan, Saskatchewan
Posts: 936

Originally Posted by Saucerguy2:
My older systems were running Linux on them. I like it, except for a couple of things. The Linux wireless drivers are very scarce, you end up having to write drivers for the newer systems, of which I have never delved into. And Windows apps that I use won't work with it as well.
Very true. Anything bleeding edge generally isn't supported right away. ATI is the worst offender for this. I've got an ATI 6850 in one of my systems and there is still no support from ATI for this card. That being said, the only reason I use windows these days is to play games, and as I'm getting older this is happening less and less.

02-09-2011, 09:38 PM
#13
bthrel
Member
Join Date: Feb 2011
Location: Rural Tennessee
Posts: 66

Originally Posted by Saucerguy2:
My older systems were running Linux on them. I like it, except for a couple of things. The Linux wireless drivers are very scarce, you end up having to write drivers for the newer systems, of which I have never delved into. And Windows apps that I use won't work with it as well. Yeah, I know, use a dual boot system, and that works, but it's still a pain to go back and forth.

I've done a lot of repairs on other systems, and have popped in h/drives into my Linux tower in order to restore and do data recovery, especially in cases where it seemed hopeless. It's a good tool to have in your arsenal, but at the same time, I'm the IT guy most in my crowd calls up, so I gotta stay on top of things, and this also means troubleshooting within all of the Windows OS's.
Saucerguy2


I manage a large installation of LINUX systems, desktops and servers, 1000's. In the past year, on most distros I have found the wireless drivers almost a non-issue, granted, as far back as last year they were sometimes sketchy, video drivers can be problematic as well.

One way I personally get around the Windows software issue (I hate WINE emulation) is to load Virtual Box (free) on my LINUX desktop, then create a Windows VM with whatever MS software needed loaded, that way you don't have to dual boot to access your MS apps.

YMMV

Brian

02-09-2011, 09:48 PM
#14
Saucerguy2
Super Contributor
Thread Starter
Join Date: Apr 2006
Posts: 1,893

What flavor of Linux are you typically using?

02-09-2011, 09:52 PM
#15
Wrongway-Feldman
Member
Join Date: Jan 2011
Location: Govan, Saskatchewan
Posts: 936

Depends on the system. Some of them are running Ubuntu. But recently I've started using PCLinuxOS and have come to really like the look and feel of it. I highly recommend it to people new to Linux as it is very easy to use. If you install the full monty edition it comes complete with almost all the software you will ever need.

Last edited by Wrongway-Feldman; 02-09-2011 at 09:52 PM. Reason: typo

02-09-2011, 10:23 PM
#16
bthrel
Member
Join Date: Feb 2011
Location: Rural Tennessee
Posts: 66

In my case, desktops (over 500) are all running the current LTS version of Ubuntu, on the server side we are Red Hat v5 and 6.

We did much testing last year on desktops and Ubuntu has the best driver support and a more aggressive release schedule for fixes and patches.

Brian

02-10-2011, 05:11 AM
#17
CHELLIE
Super Contributor
Join Date: Oct 2006
Location: Hesperia, So. Calif
Posts: 19,269

I like ESET NOD32. It's not free, but it gets them before they get into your comp, and it's not very expensive. I have just about tried them all, and ESET is the best IMHO for its ease of use; it ranks 5th out of the top ten. I tried Norton, and it crashed my computer.

http://anti-virus-software-review.toptenreviews.com/

02-10-2011, 05:18 AM
#18
JBoyd
completely green
Join Date: Jan 2011
Location: Kelowna, B.C.
Posts: 61

Norton is one of the worst, personally I don't run virus scanners on any of my computers whether they run windows or linux. I use a hardware firewall for any trojans/RATs and the like, and I just utilize safe surfing and downloading practices.

02-10-2011, 06:47 AM
#19
kyleservicetech
Super Contributor
Join Date: Apr 2008
Location: Wisconsin, USA
Posts: 8,952

Originally Posted by Saucerguy2:
I'm giving you guys a heads up on the latest and greatest threat that will be coming to a pc near you "yours, likely", and it's yet another one called Antivirus. We had the fun filled days of Antivirus 2007, 2008, and 2009, now we get the latest and greatest one named that way, but luckily, it's a different script that's easily fixed.

So far, I've been hit with the .com and the .av version of it, my buddy got hit with its .net extension, and it's the same game being played before. You are doing pretty much nothing on the web except checking email or goofing off on the web, even harmless places, and then you get the Sun Java pop up on some page, and before you know it, you are being told you have some virus threats and a fun new icon in your task bar. It then begins to do its fake scan, and pops up asking you if you want to purchase the program to clean out the fake viruses it's so-called found. You then try to terminate it through the cpanel, only to find, it now won't let you into it to get rid of it through that way. You then try to do a computer restore through the system tools, same thing.

You then opt to try to find a solution through another uninfected pc to download the fix, only to now find all of these sites that say they have it, but you must download their software, which is of course never free.... Report those guys that are exploiting this one, their so-called manual approach to fix it is a pack of lies, I know this because I'm the type of IT guy that will go in and manually adjust the Windows registry settings if that is what it takes....

To fix this antivirus "virus" is actually easy, and not public knowledge, but it is now. I hope Google is still up on watching Watt Flyer; I have my own .com to post this stuff from if it's not. The moment that thing shows up, reboot your computer into safe mode, do your restore from there, let it do its thing, virus is gone, yet you have to reinstall/update Firefox, for it won't be able to work again, so, gotta use IE for at least that moment for that one.

It's really sad these guys have to resort to these levels just to make a buck, any site offering anything that requires you to download their software to fix it, flag it big time, it's part of the problem and exploiting it, and I suspect are behind it in the first place. If you don't have auto restore set up on your computer, make sure you have that setting on right now, you are going to need it.
Wow, sounds like a virus I picked up a year ago. Take a look:
http://www.wattflyer.com/forums/showthread.php?t=54154

This virus was so severe I had to buy a new PC. Then I erased (not formatted, erased) the hard drive on the original PC, and re-installed Windows XP. By pure dumb luck, I'd just backed up everything on my PC to an external 1 Tb drive two weeks prior.

That virus got into my PC by a fake Norton warning that a virus was attempting to get into my PC. That fake warning was the virus itself. Nothing worked, could not even get into safe mode.

Bottom line:
DO NOT CLICK ON ANY POP UPS ON YOUR PC, NO MATTER WHAT IT SAYS IT IS. DON'T EVEN CLICK ON THE "X" TO CLOSE IT.

I've set my PC to block all pop-ups on the internet, but an occasional one still gets through Windows 7.

Use control alt delete, go to the task manager and close the pop up there. If it's not there, shut down the PC and start over.

It's interesting, after warning the company I worked for before retiring, three employees got hit by the same virus last year. All three had to have their PC's stripped of their operating system, and completely re-loaded. And that company with 10's of thousands of PC's division wide has one of the best virus protection systems available.

One thing you can do, is to put your PC mouse in the top left corner of your monitor, click, and copy the whole PC screen, copying all of your PC Icons. Then save this file to an off PC location. So, if you do get hit, you'll know what you had on your PC, and what needs to be re-installed.

02-10-2011, 09:10 PM
#20
JZSlenker
Member
Join Date: Jul 2010
Location: Harrisburg, PA
Posts: 206

My favorite anti-virus is called a Mac

02-10-2011, 09:19 PM
#21
bthrel
Member
Join Date: Feb 2011
Location: Rural Tennessee
Posts: 66

Originally Posted by JZSlenker:
My favorite anti-virus is called a Mac
MAC's come with a pre-installed virus, it's called "MAC O/S X Snow Leopard"

Just kidding. Although I don't own any Apple products, I do agree 100%. Most people don't know why MAC's are so virus proof, it's because it's based on a UNIX kernel that it's so bullet proof...

Brian

02-10-2011, 09:25 PM
#22
JBoyd
completely green
Join Date: Jan 2011
Location: Kelowna, B.C.
Posts: 61

Originally Posted by bthrel:
MAC's come with a pre-installed virus, it's called "MAC O/S X Snow Leopard"

Just kidding. Although I don't own any Apple products, I do agree 100%. Most people don't know why MAC's are so virus proof, it's because it's based on a UNIX kernel that it's so bullet proof...

Brian
Actually, the most prevalent reason why Linux and Mac's have few viruses made for them is simply because those that are creating the viruses are using Linux and Mac operating systems. Who would want to create a virus that could infect their system?

The majority of Trojans and Worms are built for Windows because of the sheer market dominance of that operating system.

02-10-2011, 09:34 PM
#23
bthrel
Member
Join Date: Feb 2011
Location: Rural Tennessee
Posts: 66

Originally Posted by JBoyd:
Actually, the most prevalent reason why Linux and Mac's have few viruses made for them is simply because those that are creating the viruses are using Linux and Mac operating systems. Who would want to create a virus that could infect their system?

The majority of Trojans and Worms are built for Windows because of the sheer market dominance of that operating system.
Has a lot to do with user access privileges as well. On a PC the user typically has full administrator access even though they are not "administrators", and on a MAC based system (UNIX based system) the user doesn't have this kind of access (doesn't run as root), hence limiting the ability of the virus to infect system owned files.

Brian

02-10-2011, 09:42 PM
#24
JBoyd
completely green
Join Date: Jan 2011
Location: Kelowna, B.C.
Posts: 61

Originally Posted by bthrel:
Has a lot to do with user access privileges as well. On a PC the user typically has full administrator access even though they are not "administrators", and on a MAC based system (UNIX based system) the user doesn't have this kind of access (doesn't run as root), hence limiting the ability of the virus to infect system owned files.

Brian
While that is certainly true, the influx of user-friendly Linux distros meant to ease the transition from Windows to *nix has allowed users to create accounts with root privileges during installation. Some distros recommend that the user create a root password and a separate user account during installation but often don't tell the user why.

Often these new users view the root password as admin password in windows, 'having to enter a password every time I change a system setting is annoying, I just want to have it done'. With the creation of UAC, Windows once again annoyed the users in attempts to prohibit how much they can do without a double check.

After switching a couple of friends over to Ubuntu I have received the "why should I have to use sudo and enter a password every time I want to update or anything" question.

02-10-2011, 09:59 PM
#25
bthrel
Member
Join Date: Feb 2011
Location: Rural Tennessee
Posts: 66

Originally Posted by JBoyd:
While that is certainly true, the influx of user-friendly Linux distros meant to ease the transition from Windows to *nix has allowed users to create accounts with root privileges during installation. Some distros recommend that the user create a root password and a separate user account during installation but often don't tell the user why.

Often these new users view the root password as admin password in windows, 'having to enter a password every time I change a system setting is annoying, I just want to have it done'. With the creation of UAC, Windows once again annoyed the users in attempts to prohibit how much they can do without a double check.

After switching a couple of friends over to Ubuntu I have received the "why should I have to use sudo and enter a password every time I want to update or anything" question.
I disagree with some of your points here. Never have I been able to create a root level user during the GUI of Ubuntu, Fedora or any other LINUX distro. Granted, a more advanced user can modify a user's UID (after installation) to be 0 or less than 100 to make it appear as a "root" user, but that's bad form. Also there are settings, ACL's, trusted key ring, etc., as well as sudo settings that can be tweaked to make the root access easier for the defined user when that type of access is required.

I run Ubuntu on my company laptop as well as home PC's and it's only very occasional that I must sudo to root for anything at all. And usually it's only a prompt from a system management type program, not a command line sudo request.

In the end it's really of no matter, LINUX accounts for fractions of a percent of desktops in use so PC users best keep anti virus and spyware software up to date to have at least some protection these days.

Not trying to start an argument as I am a new member, but I do have a minor amount of experience in the UNIX administration world.

Cheers

Brian