NASTY new Windows exploit - look out for this one!


rearden
Pileated woodpecker

Joined: 9 May 2005
Gender: Male
Posts: 196

30 Dec 2005, 1:42 pm

http://forums.myispfinder.org/showthrea ... ge=1&pp=15

There's a new exploit out there that can infect Windows-based systems. Under IE or pre-1.5 Firefox, all you need to do is visit an affected web page. With FF 1.5, you are prompted to download a graphic file and will be infected if you choose Yes.

I got burned by this one when I was using a friend's computer a few days ago, before this exploit hit the mainstream media. I visited se ri al s.ws (DO NOT GO THERE IF YOU USE WINDOWS!!!!) in search of a replacement serial number.. Next thing I knew the web browser went nuts, a DOS box opened, and a system tray popup alerted me that I should download "Spy Sheriff". Shortly thereafter, it screwed with the desktop and brought the system to a crawl. I tried to install a few virus scanners, and immediately after installing them the trojan would run a system restore and wipe it out! I managed to get several virus and spyware scanners on there, manually deleted a bunch of files (including one text file it had made consisting of every e-mail address in the address book!), and ran them till they found nothing. But the computer STILL ran like crap. I ended up reformatting and reinstalling.

Be careful out there.. Avoid porn, warez, and other shady sites until MS gets around to patching this mess.



Jonny
Velociraptor

Joined: 9 Feb 2005
Gender: Male
Posts: 440
Location: London

31 Dec 2005, 9:26 am

Wow dodgy, thanks for the warning

/runs off to install Firefox 1.5

This is particularly scary since you mentioned it ran System Restore. I tend to rely on System Restore to clear out viruses; it's often easier to do that than running a full virus scan.



Pikachu
Veteran

Joined: 24 Mar 2005
Age: 40
Gender: Male
Posts: 2,434
Location: half way up a big hill

31 Dec 2005, 5:20 pm

I'm glad I use Linux, oh wait, my fiancee uses Windows, I'll tell her to be careful before it is too late (she won't have a clue what's going on if her system gets it, and she would probably say yes to the download as I have found lots of junk on her system which backs up that theory, I just need to remember which version of Firefox I installed on to it)


_________________
Thanks Tinkerbell.

Allegedly away with the fairies for 6-7 years


CDRhom
Deinonychus

Joined: 5 Nov 2005
Age: 61
Gender: Female
Posts: 354
Location: DFW, TX

01 Jan 2006, 5:09 pm

You don't have to use Windows to run the IE or Firefox internet browsers.

Fortunately I use Opera at home. Unfortunately my lab uses IE and Firefox. I wonder why the virus designers exempted Netscape?


_________________
'The question of whether computers can think is like the question of whether submarines can swim.' - Edsger Dijkstra


Jonny
Velociraptor

Joined: 9 Feb 2005
Gender: Male
Posts: 440
Location: London

02 Jan 2006, 6:50 pm

Patch up, guys

http://www.grc.com/sn/notes-020.htm

Although I can't guarantee this is actually a fix. I have installed it though. MS just need to get off their asses!



MindOfOrderedChaos
Veteran

Joined: 26 Sep 2005
Age: 35
Gender: Male
Posts: 751
Location: New Zealand

02 Jan 2006, 9:43 pm

People still use Netscape?



Jonny
Velociraptor

Joined: 9 Feb 2005
Gender: Male
Posts: 440
Location: London

05 Jan 2006, 5:48 pm

MS have finally got something for us

http://www.microsoft.com/technet/securi ... 6-001.mspx



Pikachu
Veteran

Joined: 24 Mar 2005
Age: 40
Gender: Male
Posts: 2,434
Location: half way up a big hill

06 Jan 2006, 6:40 pm

CDRhom wrote:
You don't have to use Windows to run the IE or Firefox internet browsers.

Fortunately I use Opera at home. Unfortunately my lab uses IE and Firefox. I wonder why the virus designers exempted Netscape?


True, but reading the warning gives anyone the impression that this vulnerability will fully execute on a Windows system.


_________________
Thanks Tinkerbell.

Allegedly away with the fairies for 6-7 years


BeeBee
Veteran

Joined: 31 Mar 2005
Gender: Female
Posts: 2,257
Location: Upper Midwest, USA

08 Jan 2006, 4:20 pm

My home computer got hit with this. First thing I tried was system restore but it won't let you select a date before infection.

Any suggestions before I pay some computer geek money to help me?

Please make suggestions in non-technical terms!


BeeBee



ghotistix
Veteran

Joined: 2 Feb 2005
Gender: Male
Posts: 1,186
Location: Massachusetts

09 Jan 2006, 3:13 am

If you can get on the Internet, download and install AVG Free, then run a scan. They're pretty good about having up-to-date virus definitions, so hopefully it'll be able to find the problem. After that, run Windows Update and reboot.



violentcloud
Veteran

Joined: 9 Dec 2005
Age: 36
Gender: Male
Posts: 1,491
Location: Cambridge

09 Jan 2006, 3:18 am

I love OS X :)



BeeBee
Veteran

Joined: 31 Mar 2005
Gender: Female
Posts: 2,257
Location: Upper Midwest, USA

09 Jan 2006, 4:33 pm

Thanks, ghotistix.

My son is running AVG now and he says it seems to be finding all the %#*.

BeeBee



Bateau
Blue Jay

Joined: 22 Aug 2005
Age: 37
Gender: Male
Posts: 83

02 Feb 2006, 3:53 am

Having dealt with a few cases of this now, I would recommend downloading and patching AdAware, and getting current versions of HiJack This and Look2me fix (often labeled l2mfix).

Pull the computer off the net (physically remove the network cord/modem cable).

Go into safe mode, run ad-aware, reboot into normal mode, run it again, then run hijack this, come back, and post a log (you can find plenty of tutorials on how to do this). Most anyone here who has done much malware removal can instruct you on how to proceed. The l2mfix was needed on most of the infected machines I dealt with, but best not to use unless sure.