Well, my Windows computer locked up and deleted my post so I'll try again -

I'm tired of all the time, money, searching, downloading, updating, and general CRAP involved with Microsoft products when it comes to viruses, malware, spybots, keyloggers, worms, and hackers in general, and you still get hit.

I'm laid off, and can't afford anymore fixes, software, help or just a new OS. (I'm on dialup and can't process massive downloads). Can the Library allow program downloads to removable drives ?

When I can afford it, it will be Apple. F*ck Microsoft, they lost all of my future business.

In the meantime, Microsoft got extremely rich off of their mandatory OS, and owes the consumers now stuck with it, a complete fix, on a separate disc, instead of tens of thousands of warnings, patches, updates, and downloads. I've been pretty good on things up until a few weeks ago, and have some kind of malware now. (Not the Conficker worm).

My main problem is Google search redirects, and my computer does not recognize my thumb drives for backups.

I want to open this thread to complaints, suggestions, brand loyalists, and general information about on line software that can help or hurt anyone.

Look at the Mac mini (599-799), or a refurbished used Mac...you will not regret it.

I might replace my Commodore 64 soon, too.
:D

I have been running Win 2000 Pro for about a year, since the larger HD that I purchased and used in my nearly 10 year old IBM Thinkpad bit the dust and forced me to use the original10 GB HD that it came with. I was running Win XP with the larger HD.

I have never had any problems at all with any Windows OS that wasn't my fault, and I am teaching my newbie neighbor to use the infamous Win ME OS that I installed on an old desktop computer I sold to him.

I must admit that I have never used Vista, since I found out that it is Windows XP with buggy apps and a $39.95 eye candy.upgrade. I also have some experience running Linux and Unix OSes, but I am no expert.

Of course your experiences may differ, based on your browsing habits, and third-party app downloads that you have installed, or have stored on your HD, if any. I haven't paid for anything in years for use in a Windows OS.

Better hurry...leaded fuel is nearly unavailable as it is.

Bigb23, you're gonna' love your mac!

Almost all PC to Mac converts become the most rabid boosters of Macs.

Bigb,

What is your exact configuration (OS, model computer, etc.)?

Other than the fact that you use dialup, none of us really know. Right now you are sounding like most end users complaining about something not working but not giving enough detail.

The fact that you are using a computer that won't recognize a thumb drive is a bit disconcerting. Also, since you are using dialup I'm sure you're not using a router, which is in essence a hardware firewall among other things. It keeps a lot of crap from floating down to your PC.

Lastly, take a look at where you are going on the internet. Since you are not probably downloading a lot of crap using bit torrent, music, etc. either your dialup has the security of a Thai hooker, or you like surfing to web sites featuring Thai hookers. (No offense to you or Thai hookers).

I have both been an end user and administrator of Windows based PCs for over a decade, and have only once caught something so bad that I had to reformat my drive, and that was years ago, and my fault.

A router, AVG Free antivirus, and Ad-Aware have kept me safe for many years.

I want to open this thread to complaints, suggestions, brand loyalists, and general information about on line software that can help or hurt anyone.

I noticed that you have uploaded some uh..interesting images on DYes, and have to wonder what and where you browse and, what third party applications that you may have installed. You also did not mention which Windows OS it is that you are running, I am guessing that it is Vista? Have you downloaded any music, images, and/or video clips from filesharing websites as well??

Flanders,

He is on dialup, so I am going on the assumption that he's not doing too much filesharing, but I could be wrong.

My biggest computer hassle in the past few years has been a networking problem with my elderly parents' Mac. Although I use PCs, we bought them a Mac since my siblings are Mac devotees and praise their ease of use. Maybe this bad Apple experience was an aberration, but my Mac "expert" siblings couldn't debug it for a few months. My PCs on the other hand have been trouble free.

For well-regarded free PC apps, go to http://www.techsupportalert.com/best_46_free_utilities.htm#5

Free firewalls, antivir, anti-spyware, utilities, etc.

:rolleyes:
Flanders,

He is on dialup, so I am going on the assumption that he's not doing too much filesharing, but I could be wrong.

I had dialup as a backup when I was selling heavily on eBay for about a year, and had to check my seller accounts everyday, power failure or not. My landline telephone provider (AT&T) began to get as expensive as having a broadband connection, due to its toll charges for dialing calls "outside" of my area. (my phone number for IP internet access was local of course) If I was Bigb, I would construct a rooftop antenna to grab any "free" and unencrypted wireless signals that might be available within range...

:D

BigB- I can relate what you are saying about dial up and Microsoft issues. We recently upgraded to DSL, and I am thrilled with the results. The Mac will probably serve you better if you can do the DSL now.

There is a web site that I have found to be a great help with self fix issues. It's called Bleeping Computer (bleepingcomputer.com) a bunch! I used it a lot when I had dial-up, and maybe it could help you too. ;)

(http://www.detroityes.com/mb/member.php?u=478)Islandman (http://www.detroityes.com/mb/member.php?u=478) -

Bigb,

What is your exact configuration (OS, model computer, etc.)?

I'm running an emachine media center, with a 2.2 gig AMD 64 processor, 7 USB, DVD RW+ multi layer, CD write, 300 gig hard drive. 8 in 1 card reader, microdrive, blah blah. Not a heavy user of the stuff available to me. And Windows XP , with the 40 # XP bible that you need to get. The bible does not upgrade. (Like the real one).

Also, I had the the self described computer god, from across the street, do a little tuning up, years ago, but the problems have only been in the last month or so. AVG would not update, and the squirrely google redirects. In researching, ALOT of people have the same problem, but to run startup logs and post them online, for anonymous help, and line by line editing, seems a stretch.

Just a rant, but any easy help would be appreciated. :confused:

Search redirects are generally a result of a virus infection.

If you haven't been able to get rid of the infection through your antivirus or antimalware, download HijackThis (http://www.trendsecure.com/portal/en-US/tools/securit~~~ools/hijackthis). Be sure to read the FAQ.

Then post the results at a HijackThis forum ( such as http://www.hijackthis.de/ or http://en.community.dell.com/forums/3521.aspx?tid=4a0d012d-f4a3-41a5-a409-ce012fa092f5 )

That's the point of my thread - do we have to have ALOT of regular people correcting the mistakes of a corporate monopoly ? How much do they earn helping the average Joe ? (Nothing). Yeah, I could upgrade to broadband and download 350 GB of fixes, but does that solve the problem at the head end ? No. They have to have a conscience, maybe import some more visa workers ? (no they can't find the PROPER workers in the USA), NO MORE MICROSOFT.

Now all I want to do is save some E-mails and pics and start from scratch. :mad:
Any thoughts ?

Back your computer up completely. You should have a copy of anything you care about anyway! Then make your purchase...

Islandman... I too use the free AVG anti-virus software and Ad-Aware, no problems.

You also have to do periodic antivirus system scans just to make sure you have a clean bill of health... just depending on software to prevent incoming viruses doesn't always help.

I also use Earthlink TotalAccess, so they remove all viruses from EMAILs before I even get them (and they warn me that an infected EMAIL has been marginalized).

I am also enjoying my recent migration to Mac...and marvel at how the Book simply gets out of the way so I can create.

I understand more fully why Mac converts can be SO enthusastic, bordering on offensive evangelical.

I haven't thought about the hardware in over a month. I've gotten more done on this box since then than it seems I got done in three with the PC.


I'm with you...screw Microsoft. My desktop is a Linux device, which my wildly evangelical cousin setup for me last year after a friend gifted me with the computer...in the midst of the horrors I suffered with my laptop and Palm Pilot and Cell Phone.

Open Office provides all I need for writing, calculating, and presenting...enough to get me to totally forget Microsoft's Office Suite.

Mac's Mail program was the final nail in that coffin...I will never suffer Outlook again...and now I won't miss any of the functionality.


Cheers, hope you find peace with your technology...

I'm not even going to Google F*ck Microsoft, on top of the 25,000,000 hits, it will redirect me to a Russian shopping site. Nyet ! :mad:

I'm not even going to Google F*ck Microsoft, on top of the 25,000,000 hits, it will redirect me to a Russian shopping site. Nyet ! :mad:

I use Spybot BigB...its a free spyware/malware searcher, and it solves the problems...

Did I mention FREE???

I use Spybot BigB...its a free spyware/malware searcher, and it solves the problems...

Did I mention FREE???
That one is free, as well as one of the best ones, Malwarebytes, and Ad-Aware. And Microsoft includes a firewall and Windows Defender with Win XP and Vista.
Also, Zone Alarm still has a free firewall available.

I've always had my firewall on, and whatever I have has affected the updates on my AVG free. I used to run Spybot and Ad-aware, but they conflicted with my Symentec and AVG. And, online, people say that for the most part, they don't work on the redirects.
Just a few hackers ruin things for millions of people. I appreciate the advice - keep it coming.

I've always had my firewall on, and whatever I have has affected the updates on my AVG free. I used to run Spybot and Ad-aware, but they conflicted with my Symentec and AVG. And, online, people say that for the most part, they don't work on the redirects.
Just a few hackers ruin things for millions of people. I appreciate the advice - keep them coming.

MACs are no longer impenatrable. Security through obscurity had to run out sometime.

http://www.msnbc.msn.com/id/12537279/

If you still want to do a reformat and want to save emails and pictures, just burn what you want to keep to a DVD/CD and then do your reformat/reinstall. Make sure that you install a virus scanner, malware scanner and firewall and ALL of the updates. After all that's done, begin copying all of your data on the DVD back, and the malware prgs should catch any virii, etc as you copy.

Avast is another really good free a/v product. I've seen serious conflicts on machines that try to have Symantec and AVG trying to co-exist.

Jcole -

What I can't figure out is, how can a virus prevent my computer from recognizing any thumb drives on any of the USB's ? And I also tried a defrag and got an error message saying it won't start. I need my personal confuser for job searching, and the redirects are really pissing me off. I'll download ad aware tonight and see what happens. :confused:

Jcole -

What I can't figure out is, how can a virus prevent my computer from recognizing any thumb drives on any of the USB's ? And I also tried a defrag and got an error message saying it won't start. I need my personal confuser for job searching, and the redirects are really pissing me off. I'll download ad aware tonight and see what happens. :confused:

A lot of the newer malware is coded to not allow you any way to get rid of it. In other words, it prevents the use of thumb drives that might have a new virus program on them, or it won't let you go to a website for malware software.

A lot of the newer malware is coded to not allow you any way to get rid of it. In other words, it prevents the use of thumb drives that might have a new virus program on them, or it won't let you go to a website for malware software.

Second. They also "act" like they are doing a scan of your computer when they are doing nothing. Even doing an online scan will not work at this point. Definitely wipe time.

Second. They also "act" like they are doing a scan of your computer when they are doing nothing. Even doing an online scan will not work at this point. Definitely wipe time.

I definitely agree.
Even my suggestion of burning your data to DVD may not fly. It depends on the virus. Or trojan, or whatever the case may be.

Too bad that you probably don't know how to use a live Linux CD/DVD with Clam AV, it will scan and remove viruses from a Windows OS while it is not running, but the partition where the OS is located "C" in windows but 1 in Linux, has to be mounted first, and the Clam AV has to be updated from its website.

Jcole -

What I can't figure out is, how can a virus prevent my computer from recognizing any thumb drives on any of the USB's ? And I also tried a defrag and got an error message saying it won't start. I need my personal confuser for job searching, and the redirects are really pissing me off. I'll download ad aware tonight and see what happens. :confused:

A defrag won't help you, but I always defrag Windows in safe mode the less apps running while defragging, the better, IMO.

All of the wasted time dealing with this PC nonsense easily makes up for the cost differential to Mac...even at 5 dollars an hour, you end up ahead.

All of the wasted time dealing with this PC nonsense easily makes up for the cost differential to Mac...even at 5 dollars an hour, you end up ahead.
Did you miss this link by d.mcc in your haste to make it to your 20 post quota today?
Macs no longer immune to viruses, experts say

Apple's growing market share, new chips said making it more of a target

http://www.msnbc.msn.com/id/12537279/

All of the wasted time dealing with this PC nonsense easily makes up for the cost differential to Mac...even at 5 dollars an hour, you end up ahead.

$5.00 an hour?

I've never paid one red cent for tech support, what I needed to find out was easily discovered in books, trial and error, or by browsing for it online, you can't learn by paying for someone else to fix computer problems.

Just this am, my free AVG software program displayed an error message when checking for updates, turns out that the server mirror that it contacts is down. I could not change the fixed web address within the free version of the software, so I checked online to see if anyone had the same problem, and of course there were several links regarding it, I deleted two files within the application, and AVG now downloads updates automatically once again with no problems..

The line by line edit can throw me. What I need is a fix that does'nt need a UNIX edit.

Seriously BigB, you need to check out bleepingcomputer.com. I had the Vondue virus and was able to remove it following their program suggestions (free) and their advise. The machine does the work cleaning itself up!

This is a long shot but regarding the "redirects," you might want to check your C:\WINDOWS\system32\drivers\etc\hosts. file. Normally the only non-comment line in that file is
127.0.0.1 localhostAny other addresses in there would likely be the cause of the redirects. That file should normally be left read-only (right-click/properties/attributes) since it's a target of hijackers.

I'm a straight up Mac user. In our office we run 3 - 5 Macs all day long and have for a little over 7 years. The only virus we've ever had to deal with was one that disabled our e-mail. But that doesn't mean that you never have problems with Macs. I know more than a few people that get reasonably annoyed with the mac ads. I also think that it's pretty naive to think that someone isn't going to come up with a nasty virus for macs too. We're very careful about what gets downloaded here and we're always waiting for that bad day.
It's like the old joke of saying, Nobody could do that!, if you wanted to get somebody to do something. I hate hearing anyone touting how safe macs are, because I know that it just drives more and more meatheads to find a way to do it. I love the mac, but they aren't perfect, although for what they cost, they should be.

That is a very low ball estimate of the per hour amount for the frustrated computer user, not tech support.

This is a good site for getting rid of things that other AV don't get.
http://www.malwarebytes.org

I also second http://www.bleepingcomputer.com/forums/ as a good place to get help from others on removing your problem.

This is a good site for getting rid of things that other AV don't get.
http://www.malwarebytes.org (http://www.malwarebytes.org/)



I just used them last night for something that slipped through my Macafee anti-virus/anti-spyware. I used the free trial download and it seems to have worked.

This is a good site for getting rid of things that other AV don't get.
http://www.malwarebytes.org

I also second http://www.bleepingcomputer.com/forums/ as a good place to get help from others on removing your problem.

My gurus, including those [rackAid.com] who watch over, update, patch and back up my dedicated rack server on which this discussion takes place, have advised running the free version of malwarebytes.

All of this stuff is a non issue in the Mac universe.

All of this stuff is a non issue in the Mac universe.

Only because Windows is far more widely used, and has nothing to do with how much better and secure it is. The most secure OS is a Unix distro named OpenBSD. If Mac was as popular as Windows has been, it would be targeted and be the most vulnerable. Crackers would then create viruses, worms and trojans for Mac rather than Windows. Most servers are Apache which uses the Linux kernel.

Maybe so...but possibly not the case at all. It doesn't really matter to the individual user why one is a disaster and the other isn't however.

I just used them last night for something that slipped through my Macafee anti-virus/anti-spyware. I used the free trial download and it seems to have worked

I spoke too soon. The problem came back (fake security warnings) so I am running the Malwarebytes again. How many times do I need to do it? I deleted everything they said to delete the first time.

Make sure you are doing your Windows and other software updates as well as your virus checks


I do.

Has anyone else had this malware that seems to mutate and come back? Will the malwarebytes get rid of it eventually, or do I have to do something else?

Looks like I got this:

http://www.snopes.com/computer/virus/conficker.asp

:eek: It's dormant again right now, but if anyone knows of a removal tool, please post it.

Pam, at the end of that snopes article it mentions something about removal tools.

Thanks for the link. I was looking for some test to verify that I was not infected and that Eye Chart test mentioned in the article indicates that I am not.

The AV industry seems particularly concerned about this Conficker worm but they seem reluctant to reveal the whole story. Maybe that's just my misconception.

Whoever writes the material for the Apple commercials is brilliant.

While he does not write the commercials, John Hodgman, who plays PC, is a funny guy in his own right. He wrote the book entitled:

For Your Consideration, The Firms of Dutton & Riverhead Books Present in the English Language: A Further Compendium of Complete World Knowledge in "The Areas Of My Expertise," Assembled and Illumined by Me, John Hodgman, A Famous Minor Television Personality, Offering More Information Than You Require On Subjects as Diverse as: The Past (as There Is Always More of It), The Future (as There Is Still Some Left), All of the Presidents of the United States, The Secrets of Hollywood, Gambling, The Sport of the Asthmatic Man (Including: Hermit-Crab Racing), Strange Encounters with Aliens, How to Buy a Computer, How to Cook an Owl, and Most Other Subjects

Or "More Information Than You Require" for short. This is the sequel to the book:

An Almanac of Complete World Knowledge Compiled with Instructive Annotation and Arranged in Useful Order by myself, John Hodgman, a Professional Writer, in The Areas of My Expertise, which Include: Matters Historical, Matters Literary, Matters Cryptozoological, Hobo Matters, Food, Drink & Cheese (a Kind of Food), Squirrels & Lobsters & Eels, Haircuts, Utopia, What Will Happen in the Future, and Most Other Subjects

Or "The Areas of My Expertise" for short.

He has also been a Mac user since 1984, so says Wiki.

Did he write the material for the commercials?

I am on a borrowed computer right now. I took mine into the shop. I was getting Google redirects so I think it still has something the malware remover missed.

I'm still having major problems like Pam. I can't get to the malware sites, so if anybody can email small working patches to (navy harbor dog at yahoo dot com), I would appreciate it. You might have to change the file name - and tell me what to change it back to.
I'm laid off, and can't afford one red cent towards anything computer related. What a drag. My OS info is on the first page of this thread.

Thanks. Bigb23

BigB- you might have to find a pro willing to help you somewhere. Maybe you can barter with them or something on the cost.




I can't get to the malware sites


This could be the worm/virus blocking you. I couldn't even look up the McAfee threat level yesterday. It sounds like this thing is tough to beat without extreme measures, so that's why I caved and took mine in.

From a website I found:

Open a “Command Prompt” window and type “net stop dnscache” (without the quotes) and hit Enter. If the command works correctly, you should see “The DNS Client service was stopped successfully”. If it fails, try opening the command prompt as an Administrator (generally needed in Vista) by right-mouse-clicking the “Command Prompt” link, and selecting “Run as Administrator”. Once you successfully stop the dnscache service, you should be able to download and run Symantec’s Conficker removal tool (http://www.symantec.com/security_response/writeup.jsp?docid=2009-011316-0247-99).

Log the time and costs spent over time (months)....the Apple will pay for itself several times over in short order.

Quote: "Log the time and costs spent over time (months)..."

Then weigh that against the majority of us who rarely and never have any issues, plus the inconvenience of all the software that won't run, and will never run on a Mac or Linux and the PC wins every time.

I have very little trouble with my PC's. I have several, XP and Vista. Some aren't rebooted for weeks.

Pam, BigB try "Super anti-spyware". Dumb name, great free app for getting rid of bots etc.

http://www.superantispyware.com/

If you can't get there, let me know, I can upload the set up folder to wikiupload.

In the words of Maddox, one thing that PC users can do that Mac users can't is shut the fuck up. I couldn't be a Mac user because I'm not a whiny and snobby ........., which seems to be a requirement for using one.

I've listened to people whining, crying and bitching about Vista since it came out. I've been using for a year and a half and as long as you have a system that is powerful enough to run it and are not a complete moron, it's perfectly fine.

Lastly, I've had a home computer for ten year now and have one virus warning, which was caught by AVG before it got in. If you have a firewall, AVG Free, and Spybot, keep them all up to date, and are not an idiot, you should have minimal problems.

I apologize in advance to everyone who is offended by this post, which should be everyone, but keep in mind that my apology is only half-hearted.

All the mainstream Numerical control manufacturers are running Microsoft frontends on all their controls. Not Mac, not Linux. And they can use anything they want. Reason being, Windows blows both of them out of the water for performance and reliability in that environment. Mac users brag about reliability, the only reason, those systems aren't being attacked like MS products are. When they do come under attack, there isn't going to be mass user community involvement to combat it like there is and has been with Windows. And the more market share they attain, the more appealing they look to hackers.

You couldn't give me a Mac system. I tried to use one at Kinko's once, what a piece of shit.

Wow, Ched-Bob and Sstash finally agree on something.

I knew he'd eventually come over to the winning side :)

In the words of Maddox, one thing that PC users can do that Mac users can't is shut the fuck up. I couldn't be a Mac user because I'm not a whiny and snobby ........., which seems to be a requirement for using one.

I've listened to people whining, crying and bitching about Vista since it came out. I've been using for a year and a half and as long as you have a system that is powerful enough to run it and are not a complete moron, it's perfectly fine.

Lastly, I've had a home computer for ten year now and have one virus warning, which was caught by AVG before it got in. If you have a firewall, AVG Free, and Spybot, keep them all up to date, and are not an idiot, you should have minimal problems.

I apologize in advance to everyone who is offended by this post, which should be everyone, but keep in mind that my apology is only half-hearted.

Thank you! :)

Sigh...damning (PCs) with faint praise is the best that can be mustered I see. ONLY one virus warning? And Vista works well AS LONG AS what qualifications are in place?

I've always been a Windows user, so I haven't had to come over to the winning side from somewhere else. I've always been here.

If Macs are so great and work flawlessly, why is there a site called macfixitforums.com ?
Here's a great read on Macs and their users. It's been posted before, but it's always worth a second look...

http://www.thebestpageintheuniverse.net/c.cgi?u=macs_cant

That site is for those that can't solve interface issues intuitively (as this is how Mac's are designed). I have never used support of any kind for an absence of need to do so.

That site is for those that can't solve interface issues intuitively (as this is how Mac's are designed). I have never used support of any kind for an absence of need to do so.

Does your Mac have an antivirus program on it? Do you use a firewall? Do you have a router?

I've always been a Windows user, so I haven't had to come over to the winning side from somewhere else. I've always been here.

If Macs are so great and work flawlessly, why is there a site called macfixitforums.com ?
Here's a great read on Macs and their users. It's been posted before, but it's always worth a second look...

http://www.thebestpageintheuniverse.net/c.cgi?u=macs_cant


Thank you for posting that link. I too have always been a PC person, and am sick of hearing how great Mac is. If it's so great, why are there so many more PCs in use worldwide?

Yes for router, yes for a simple, free, and unintrusive firewall, no for antivirus software.

Why are there more PCs? They are much cheaper (in every sense of the word).

Yes for router, yes for a simple, free, and unintrusive firewall, no for antivirus software.

Why are there more PCs? They are much cheaper (in every sense of the word).

How can you tell if you don't have a virus? Read this article to see your vunerabilities.

http://www.msnbc.msn.com/id/12537279/

If a tree falls in the forrest...as the saying goes.

Oh no! I've contracted the EICAR (http://en.wikipedia.org/wiki/EICAR_test_file) virus! I'm doomed! ;)

If a tree falls in the forrest...as the saying goes.

I'll bet he's got antivirus on his computer...
http://michaelscomments.files.wordpress.com/2008/11/forrest-gump-p11.jpg?w=350&h=526

How much do you bet?

Frankly, I never cared much for either PCs or Macs. But that's just me. I was raised on big iron (http://en.wikipedia.org/wiki/Big_iron) -- things like CDC Cyber 6600s (http://en.wikipedia.org/wiki/CDC_6600) and such. My all-time favorite was the VAX (http://en.wikipedia.org/wiki/VAX)/VMS (http://en.wikipedia.org/wiki/OpenVMS) system.

I have a lot of gripes about the industry but I'd say the top one is that the computer has been commoditized into a consumer electronic device. That changed its primary purpose from being a tool for solving important problems to simply a means of making a lot of money from consumers. This gripe is the primary cause of several other major gripes that I won't discuss here.

Don't get me wrong. I think it's fantastic that the common man can enjoy the enormous benefits of cheap computers. It's just that corporate bean counters have been pressuring professionals to accept cheaper (granted, souped-up) PCs as replacements for much more versatile systems. It's like slapping a turbocharger onto a plinky toy piano and expecting it to sound like a Steinway. Compare the DCL (http://en.wikipedia.org/wiki/DCL_command_language) and MS-DOS (http://en.wikipedia.org/wiki/MS-DOS_commands) command languages to get an idea of the difference.

Hmm. "commoditized." Does that refer to turning something into a commodity or a commode?

Oh, well. It's a gripe thread so I griped. Shoot me.

Yea, I saw the picture of Forrest Gump, and saw that you pointed out a spelling error. I still wanted to know how much you would bet though.

Sorry, you are correct, the question is directed at Stosh.

Sorry, you are correct, the question is directed at Stosh.

Why should I bet? I think he's probably intellegent enough to recognize a threat to his computer, don't you? And he's probably a Mac user to boot. No, wait... probably Linux. He's not that stupid to pay that kind of money for a lifestyle choice.

And before you pull the reference to Apple in the movie, read this:


The makers of the 1994 movie "Forrest Gump" sought a plot device that would render its main character fabulously rich, they cast him as an early investor in what Forrest Gump described as "some kind of fruit company": Apple Computer. By dumb luck, the movie suggested, its guileless hero had amassed so many millions that he could finance a Gump Medical Center, build a Baptist church and allow the family of his fallen friend Bubba to live in luxury.

In the real world, though, Apple would hardly make anyone's list of Wall Street's greatest hits, despite its considerable business accomplishments. Like Google today, Apple was a young but profitable company celebrated by the media when it made its stock market premiere in December 1980. But because much of its future potential was already factored into its initial offering price, few other than the company's founders and its venture capitalists can boast they got rich off Apple.

Had Forrest Gump bought Apple at the closing price on its first day as a publicly traded company and held it for five years, he would have lost more than 30 percent of his money, said Tim Loughran, a finance professor at the University of Notre Dame who studies initial public offerings.

Apple then rebounded, and the stock more than doubled by the time "Gump" was released, in mid-1994, but Forrest Gump would have done better in an index fund. Over time, Professor Loughran said, the company "has gotten absolutely creamed" by the Standard & Poor's benchmark of the top 500 companies.

"I always have to laugh at Forrest Gump because they never bothered to check the price," Professor Loughran said

I didn't ask why you should bet, since you stated you would bet, I simply asked how much.

Fair enough, Captain Literal.
The phrase then, should have read: Even he's got antivirus on his computer.
Which, of course will sooner or later catch up with you if you don't correct the situation. Technology and criminal behavior has a way of adapting, sadly.

Since I have CC ignored I don't know what he's saying, but if he's extolling the virtues of his MAC, you should listen to his advice. You should always take the technology advice from someone who, just a fews short months ago, had his password, private information, and fetish porn proclivities exposed for all to see because he used the same ID and password for everything. That's the type of person whose advice I would heed on technical matters.

I wasn't going to mention that. But it IS a valid point, Bob. Come to think of it, though, the vast majority of internet viruses come from sites such as those. They prey upon those searching for a specific thing, then once there upload their crap upon your system. Most sites can detect what OS you are using, then adapt the upload accordingly.

I can only imagine what is on CC's system.

You are referring not to the damage of a virus, but a human cancer that had to be excised. No antivirus software would do anything in that context.

BTW, BigB...how's that ignore feature working out for you? I think it may be malfunctioning.

You are referring not to the damage of a virus, but a human cancer that had to be excised. No antivirus software would do anything in that context.

A human cancer? I don't get it.

The malicious actions of a person choosing to commit a crime (identity theft)...malignant and the choice of an individual...hence "human cancer"

The malicious actions of a person choosing to commit a crime (identity theft)...malignant and the choice of an individual...hence "human cancer"

Whatever. It's your computer, do with it as you will. I'm just pointing out that you could be at risk from websites that you may frequent.

LOL. Ditto on the ignore. Yet here he is, trying to give people advice on something he's obviously clueless about. No surprise there. If only people would stop quoting him, I would never have to see the drivel.

Your'e right, I'm contributing to the problem.
Sorry to have inconvenienced the ignorees. Continue on.

Anyone know what has happened to BigB23?

Quote: "LOL. Ditto on the ignore."

Ever find it amusing that some keep referencing the folks they are supposedly ignoring? I don't need an ignore feature to ignore someone, was ignoring some people long before it was available. :)

I just got back online, it was either the rent or the phone bill last week, what a great country we inherited last Jan 20th. My computer is still infected and SLOW. Any help out there with the Conficker virus ? Check my last couple of posts.

I just got back online, it was either the rent or the phone bill last week, what a great country we inherited last Jan 20th. My computer is still infected and SLOW. Any help out there with the Conficker virus ? Check my last couple of posts.
Did you try the file 'KKiller' that I sent you back on 3/31?

Quote: "LOL. Ditto on the ignore."

Ever find it amusing that some keep referencing the folks they are supposedly ignoring? I don't need an ignore feature to ignore someone, was ignoring some people long before it was available. :)
Who do you mean by "some"?

Quote: "Who do you mean by "some"?"

Some, and they know who they are. :D

No comment, as that goes in the wrong direction and is in violation of the rules.

Jcole -

Yeah I tried the kaspersky killer with no effect. I'm still redirected off the forum to @@@www. onlinescanxpp.com@@@@/land/eurl/?code=49 (don't click!), and it took over my desktop too ! I also get a fake Microsoft phishing filter popup and warning security report. I've been advised to reformat and start from scratch. Oh well, the pictures I hav'nt backed up will mean nothing to anybody else, except Garwooders and Cryptozoologists !
It also denies my admin access, I'm going to need help on this one.

I would have done a better job on backing up to an external, if I had the money, if not for all the layoffs over the past four years.

Jcole -

Yeah I tried the kaspersky killer with no effect. I'm still redirected off the forum to @@@www. onlinescanxpp.com@@@@/land/eurl/?code=49 (don't click!), and it took over my desktop too ! I also get a fake Microsoft phishing filter popup and warning security report. I've been advised to reformat and start from scratch. Oh well, the pictures I hav'nt backed up will mean nothing to anybody else, except Garwooders and Cryptozoologists !
It also denies my admin access, I'm going to need help on this one.

I would have done a better job on backing up to an external, if I had the money, if not for all the layoffs over the past four years.
Do you have your Windows CD? If so, all you need to do is put it in the CD drive, reboot into the setup and follow the prompts. Make sure you tell it you want to do a clean install not a re-install, and format the drive using NTFS.
This is assuming it's Windows XP. If it's an earlier version, you may need boot floppies.
You don't need admin access to do a format/ clean install. It will set up a new admin account for you in the process

Bigs, that redirect is associated with this trojan:

http://home.mcafee.com/VirusInfo/VirusProfile.aspx?key=155834&ctst=1#none

Virus Profile: FakeAlert-CK
Description

This is a detection for a trojan that displays misleading fake alerts to entice the user into buying a product to "repair" malware problems.
Indication of Infection

Presence of the mentioned files and registry keys.
Methods of Infection

Trojans do not self-replicate. They are spread manually, often under the premise that the executable is something beneficial. Distribution channels include IRC, peer-to-peer networks, newsgroup postings, etc.
Back to Top (http://home.mcafee.com/VirusInfo/VirusProfile.aspx?key=155834&ctst=1#) View Virus Characteristics (http://home.mcafee.com/VirusInfo/VirusProfile.aspx?key=155834&ctst=1#)



Virus Characteristics


Upon execution, the Trojan drops the following files:

%System%\frmwrk32.exe (detected as FakeAlert-CK)
%System%\uniq.tll
%System%\win32hlp.cnf
Note:
%System% is a variable location and refers to the windows system directory.
It creates autostart entry:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run
Framework Windows = "frmwrk32.exe"
It also added the following registries as part of its installation:
HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Policies\ActiveDesktop
NoChangingWallpaper dword:00000001
HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Policies\System
DisableTaskMgr dword:00000001
HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Policies\Explorer
NoSetActiveDesktop dword:00000001
NoActiveDesktopChanges dword:00000001
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\policies\ActiveDesktop
NoChangingWallpaper dword:00000001
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\policies\Explorer
NoSetActiveDesktop dword:00000001
NoActiveDesktopChanges dword:00000001
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\General
Wallpaper "%SystemRoot%\system32\ahtn.htm"

In effect, the following system modifications were made:

task manager is disabled
wallpaper is changed and user can't modify it
active desktop is disabled
The Trojan displays the following as wallpaper.

http://vil.nai.com/images/155834b.GIF
The Trojan shows the following fake warning in bubble warning.
http://vil.nai.com/images/155834a.GIF


It downloaded files from the following URLs:

hxxp://trucount3001.com/cgi-bin/promo.pl?code=0000049 - saved as %System%\ntdll64.exe (detected as FakeAlert-CK)
hxxp://onlinescanxpp.com/warning.gif - saved as %System%\warning.gif
hxxp://onlinescanxpp.com/winlogon.htm - saved as %System%\ahtn.htm
It then executes ntdll64.exe.
This Trojan replaces the Windows System file "userinit.exe" found in %System% with a copy of ntdll64.exe. However it renames the original "userinit.exe" as "init32.exe" first.

NTDLL64.EXE drops the following files:

%temp%\mousehook.dll
%temp%\ntdll64.dll
It then injects to the some processes such as svchost.exe or iexplore.exe.
Both are detected as FakeAlert-CK.dll
MOUSEHOOK.DLL hooks mouse click. Thus any mouse click may open the following site: hxxp://onlinescanxpp.com/land/eurl/?code=49
http://vil.nai.com/images/155834c.GIF
Once user click on "Scan your system for viruses", it will connect to the following URL to download Rogue Antivirus Program AntivirusXP Pro and executes it:
hxxp://antivirus-xppro-2009.com/cgi-bin/download.pl?code=0000049

Once AntivirusXP is executes it creates a copy of itself in Program Files as AntivirusXP.exe and will show fake malware scan reports.
http://vil.nai.com/images/155834d.GIF
It pops up the following registration pane to let users to type in registry keys.

Rogue Antivirus Program AntivirusXP Pro is also detected as FakeAlert-CK.

As long as my drives aren't disabled. My USB's don't seem to work. May the death of a thousand cuts be delivered to the hackers on this !

I have my OS info earlier on this thread. I'm trying to get help with this, instead of trying it all by myself. And thanks Jcole for trying with the fix.

Are you able to download anything at all?

Thanks, Stosh, for the info.
This all seemed to start when I downloaded the ringtone from the Crank movie online. Or, it might have been embedded for awhile, who knows ? Well, everybody has to start with a clean slate now, computer or not. : (

Check your private message.BB

Stosh, I tried that superantispyware site, and it would not link. I don't like to screw around with the registry if I can help it. In this case, two heads are better than one. Since I've been on this forum today, I've been redirected to ten different sites so far. That mouse hook is insidious ! : (

Stosh, I tried that superantispyware site, and it would not link. I don't like to screw around with the registry if I can help it. In this case, two heads are better than one. Since I've been on this forum today, I've been redirected to ten different sites so far. That mouse hook is insidious ! : (

You HAVE to screw with the registry in order to remove it completely. And it's not that hard to do if you know where to look. The post I linked to here lists all the files associated with it. Also all of the registry changes.

What I can't believe is that this seemed to disable my AVG free downloads a month ago, but my CCleaner still works. I deleted some suspicious stuff on that. I started on Navy computers back in 1974, and I'm still trying to catch up to the fifth graders on programming. Drag !!!!!

These are a couple of good forums for malware problems. Maybe you can match yours to one that was solved.

http://www.theeldergeek.com/forum/index.php?showforum=22

http://www.bleepingcomputer.com/forums/

This is excellent also, if you can get there.

http://www.malwarebytes.org/mbam.php

BigB do you still have the Spybot on your computer? That takes out the trojan that you have now. Maybe somewhere in your donwload section you still have it there?

Depending on what he's got, it may not allow him to get to a lot of the malware sites out there. Some of these bugs also disallow you to run the installers on things like Spybot and if you can run it, you can't connect to get the latest definitions.
Also, remember that he's using dial up, so trying to download a lot of this stuff is next to impossible for him.

He had that program (spybot) on his computer once. If he downloaded and saved it it might be still there on his computer as an executable or a zip file. Better to attempt to clean with what he currently has, I suppose.

And what he has is above in the post I made with the examples from Mcafee. FakeAlert-CK leads right to that website he listed. Shame that they can do that to people.

Edit: Another thing that I just thought of. I'd try doing a scan with your regular AVG in safe mode. It might work.

It is a rotten shame that people do that to each other, I agree. I just wonder if he has more than just the one trojan. If he does, some of them will stop the installer for Spybot, Ad-aware and Malwarebytes from running, so even if he has the zip or exe for any of those, he may not be able to get it to install. All he can do is try, though.
I ran into a real stinker of a trojan not long ago on my son in laws machine and I tried everything I could think of, including Hiren's Boot CD and Acronis, and I could not clean it up. I spent 3 days on it, and ended up reformatting.

Quote: "It is a rotten shame that people do that to each other,"

I often wonder how many of these malwares are actually put out by the people that write the software to get rid of them. It seems like just one of them always has the perfect remedy for one pesky trojan for $29.95. Think about it, most of these are more of an annoyance than sinister in nature. In reality if it was written properly it could go through folders and look for all sorts of things and send them to the host. I don't know any one that has actually happened to. Just pop-ups and redirects. Why would someone go to all the trouble to write an app that gives false warnings and redirects you to a page that no one in their right mind would patronize? Fortunately, the governments are finally going after the folks writing that junk anyway.

New Scam alert : If you have a website and get an email from the "Chinese web registrar" that a US company is trying to register your domain name over there, it's BS. The email is personalized and looks very legit. The first thing that crossed my mind was: "someone in China is concerned about intellectual property?" They are stealing everything from us.

I just heard on the news that 51,000 people who claimed their unemployment weeks on Monday will get their direct deposit days late, because of a computer glitch. Wow, they wait until Thursday night to tell you. I can't access my online Credit Union statements to check, because of this fucking virus. ARGGGG - that means bounced checks on top of everything else. Thanks Michigan.

I had several malware programs running a few years ago, but they started conflicting with my AVG. And the remnants of Symentec screwed things up too, after trying to remove that crap.

This all stinks to high heaven when it comes to paid corporate anti-virus software. I can't use my DVD R/RW at all for any backup because of Microsoft error messeges. Some of it could be due to the neighbor who lives across the street from me and screwed this computer up somewhat, with his fixit bravado. I hope a reformat will give me an out of the box OS again, and I'll print what I can, from my Outlook address book. Will a reformat do the D: partition too ?

I'll see what I can do over a few days to correct the virus, but it sure does'nt look good now.

No, you have to reformat the D: partition separately. Your best bet may be to do that before the reinstall so that if there is any malware on D, it doesn't spread to a freshly reinstalled C:

Jcole - I hope all that info is in my 2nd edition XP bible. I've never reformatted before ! I'm printing and taking notes as I read this. Thanks.

What other safe OS's can I use after a reformat ?

Do you have a copy of Windows or Linux on disk? don't reformat or do anything unless you have some kind of OS on hand. If you format and don't have an OS, all you'll have is a blank hard drive.

Jcole - I have the e-machine system recovery CD/DVD that came with the computer when I bought it from Best Buy. But with the error messeges I get when trying to save stuff on my DVD/RW - well this is getting pretty scary ! Do I need any product keys to look for before I try any of this ? I found the Microsoft Office trial key and I'm wondering.

I also tried several system restores with no luck.

Well, I'll check up on here around 10 Pm. It's NBC Thursday !

You should be able to use your restore disk. I'm not sure how emachines works, but you should either have a sticker on the outside of your PC with a key on it, or there should be one on the disk itself. The Office trial key is not going to do you any good when it comes to installing Windows. The errors that you are getting with your CD drive shouldn't figure into things when it comes to a new install since you will be 'outside' of Windows, using a driver that's on the disk. That is, providing your CD drive is mechanically sound.
With a virus/malware a system restore is more than likely futile, because it's probably infected with the same malware the rest of your system has

I'm gonna try and send that to you, but I don't know if it will work. Look for the e-mail.

I'm gonna try and send that to you, but I don't know if it will work. Look for the e-mail.
Do you mean the key that he needs?

Do you mean the key that he needs?

No, a malware program that may or may not work in his case. He could just as easily blow off the system, but if he don't have install keys for his programs then all is probably lost, time to rebuild. Like Gannon does, I currently use Open Office for all my needs in an Office Suite.

OMG...is this what people using PCs deal with on a regular basis? In this context, Macs are way underpriced.

No, a malware program that may or may not work in his case. He could just as easily blow off the system, but if he don't have install keys for his programs then all is probably lost, time to rebuild. Like Gannon does, I currently use Open Office for all my needs in an Office Suite.
Yes, Open Office is pretty impressive. I told him not to do the reformat without a Op Sys and a key. I just didn't know what your were emailing.

You know, CC, we're trying to help the guy fix a problem. If you have some valuble input, we'll be glad to consider it, but if all you're going to do is kvetch, could you save it til later, please?

Yes, Open Office is pretty impressive. I told him not to do the reformat without a Op Sys and a key. I just didn't know what your were emailing.

I've actually worked on an e-machine that was riddled with viruses, and managed to cleanse it using various tools. Not using dial up unfortunately to download, though. Would have to be an imported CD. I think that if he shut down the system restore function and then attempted a cleanup through the safe mode using even his AVG software, it might pick it up. I think that there is also a repair functionality with the disk as well, so he can restore the OS to what it once was.

I happened to read somewhere today that the AVG had a flaw somewhere in the code that shut down the update feature. Wonder if that is the case with his.

It's worth a try if he can get into safe mode. The trojan that my SIL had eventually infected safe mode also. The saving grace, oddly enough, with him using dial-up is that it should be harder for the trojan to reach out and download its payload from any related websites. That was one of the things that my SIL experienced with his malware. Before he knew what was going on, the trojan had sent up code to the internet and brought in reinforcements.

It's worth a try if he can get into safe mode. The trojan that my SIL had eventually infected safe mode also. The saving grace, oddly enough, with him using dial-up is that it should be harder for the trojan to reach out and download its payload from any related websites. That was one of the things that my SIL experienced with his malware. Before he knew what was going on, the trojan had sent up code to the internet and brought in reinforcements.

The key would be the manual removal of the offending components. I don't think that it's that hard to make a list and just delete the offending components, starting with the dll files first, if it will let you. Maybe the renaming of the files changed should come first, takes a few minutes to actually find out if that works. Once you are there though, and you cripple the trojan's payload, going after the rest is a piece of cake.

Yeah, the problem is crippling it. If it keeps replicating as he works on it, it'll be tough. But, as I said, it's worth a try. He'll have to get into safe mode, though, to be able to rename some of those dll's

Yeah, the problem is crippling it. If it keeps replicating as he works on it, it'll be tough. But, as I said, it's worth a try. He'll have to get into safe mode, though, to be able to rename some of those dll's

He should be able to delete the dll's if her renames the files that were changed, I think.. His best bet would be to delete ntdll64.exe first, then userinit.exe then rename the file that is called init32.exe as userinit.exe. That will disrupt a bit of the command chain, hopefully enough to get the rest of it.

A friend brought me his laptop because of similar problems. It was so infected by malware, spyware, and trojans that when I first installed and ran new clean up software (AVG and Spybot), it found 50,000 malicious files. The problem was that he had about 50gb of media that he wanted to save. I got it cleaned out except for a couple of file that would recreate themselves after each boot. I would boot it in safe mode and then use the cmd line to manually delete each file and file directory. It would still come back no matter what I tried, so finally I just transfered all of his media to my computer through my network, made sure it was all cleaned, wiped his HD and reinstalled the OS, then used a flash drive to put his media back on. I did get a nice bottle of tequila out if it.

A friend brought me his laptop because of similar problems. It was so infected by malware, spyware, and trojans that when I first installed and ran new clean up software (AVG and Spybot), it found 50,000 malicious files. The problem was that he had about 50gb of media that he wanted to save. I got it cleaned out except for a couple of file that would recreate themselves after each boot. I would boot it in safe mode and then use the cmd line to manually delete each file and file directory. It would still come back no matter what I tried, so finally I just transfered all of his media to my computer through my network, made sure it was all cleaned, wiped his HD and reinstalled the OS, then used a flash drive to put his media back on. I did get a nice bottle of tequila out if it.
And I thought that having 50 distinct viruses was bad. 50,000? Let me guess, he liked file sharing right? The command line is always a great way to go, but with XP now it's not separated from the Windows environment enough to make a go of it in most cases, or so I've found anyway.

Thanks for the help guys, I'll try a safe mode scan with AVG, and I'll try to find other info online, if the redirects don't drive me crazy first. I disabled one virus with a dll rename last year, and I only have this one now that I'm aware of. I'll lose some of my home made movies and maybe 100 personal photos, and the rest is just the silly shit I've posted on here. The main stuff I use my computer for, is just reference material and community contacts.
My laptop totally crashed a few years ago, so I've dealt with it before. I'll just burn a malware hacker in effigy in my backyard to get over it. :D

Is Cc adding his valuable input as usual ?

And I thought that having 50 distinct viruses was bad. 50,000? Let me guess, he liked file sharing right? The command line is always a great way to go, but with XP now it's not separated from the Windows environment enough to make a go of it in most cases, or so I've found anyway.
The command line is basically a stub of XP, but in safe mode, you should be able to use it to delete. The system is only using essential files when it's in Safe Mode so it shouldn't have a lock on what he needs to delete

Actually, I am curious if this is something that people commonly encounter with PCs...serious question.

The command line is basically a stub of XP, but in safe mode, you should be able to use it to delete. The system is only using essential files when it's in Safe Mode so it shouldn't have a lock on what he needs to delete

It used to be it's own separate component. DOS shell anyone? Delete anything, including Windows files. Can't do that now. It's probably for the best I suppose.

And CC, no it's not that common really. How many years have you owned a computer? 2?

Actually, I am curious if this is something that people commonly encounter with PCs...serious question.
I wouldn't say it's a common occurance. It's most likely to happen if your anti-virus/anti-malware software doesn't get the proper updates and a virus/trojan gets a foothold. BigB uses dial up for the internet, and it's sometimes difficult to get all the updates in a timely manner when you are connecting that way. Usually if you keep things up to date, and try to stay off porn sites, file sharing sites, etc, you'll be fairly safe. I use a firewall, anti-virus and anti-malware and I'm connected 24/7 and I've never had a bad virus on any of my PCs or laptops.I run a 3 PC network with a router on a 10Mbps cable. I also run two laptops on wireless. It's a matter of being cautious to the best of your ability.

Jcole - Not to say I'm a saint, but I've been on tractor forums and was linked to attack sites. Last year I googled that country smoke house on M-53 up in Imlay and was directed to an attack site. I do the best I can on my budget. My dialup is so slow, I can't do file sharing, and even stay off of YouTube. Even Pam got hit !

Jcole - Not to say I'm a saint, but I've been on tractor forums and was linked to attack sites. Last year I googled that country smoke house on M-53 up in Imlay and was directed to an attack site. I do the best I can on my budget. My dialup is so slow, I can't do file sharing, and even stay off of YouTube. Even Pam got hit !
I'm not bad mouthing you, Big. I know you're on dial up and it's hard to stay updated that way. My son in law has picked up a couple nasty ones on porn sites, though, which is interesting, considering I'm his tech support.

So why doesn't this happen on Macs? And why can't Microsoft/Windows learn from the relative absence of problems of this sort on Macs?

Even Pam got hit !

Still not sure what happened to me since I don't do file sharing or porn. I might not have had all the features on my Mcafee turned on at some point. Though I did read something last night, that things can get through it. It is not 100% effective.

Still not sure what happened to me since I don't do file sharing or porn. I might not have had all the features on my Mcafee turned on at some point. Though I did read something last night, that things can get through it. It is not 100% effective.

I like to use a free feature of Mcafee, it's called site advisor. When it's turned on, it will advise you whether unsafe downloads have been received from that site. It's only available using Yahoo though. Should be all of the major search sites. It does save a lot of grief.

So why doesn't this happen on Macs? And why can't Microsoft/Windows learn from the relative absence of problems of this sort on Macs?
Macs and Linux have less marketshare, therefor, there are few if any people trying to create virii for them. A lot of virii are written with a purpose, and there isn't a lot of point in writing them for a limited run, as it were. If Mac were the dominant Op Sys, you would see many more attacks on them.
Just last week on this thread, there was a link to a Mac virus story. So it is beginning.
Not all virii are as obvious as the one Big has, either. You could have one and not really know it. Your computer may get a little slower or you may see more popups, and you'd just think it was normal, but it could be a tracking virus.

Quote: "Actually, I am curious if this is something that people commonly encounter with PCs...serious question."

Only if one has no, or out of date firewall/virus definitions etc, and is downloading any sort of entertainment media. Seems to be where malwares are most prevalent. Video attachments in chain emails, no matter if it's from someone you know, don't view it. I got nailed like that once, about 10 years ago. Napster, Kazaa, those sites were just a veritable petri dish of infections. Probably put in by the record industry.

Bill Gates should appoint a Microsoft Swat team, to fix his OS, and no more hula hoops, beach balls, segways, yoga, puppies in the cubicle, and brunches. Pay these people double, to close the holes in a system that we were forced to buy. This is the richest man in the world, please do the right thing.:mad:

Sirus the Virus

Were you able to eliminate the trojan on your sistem BigB?

Why should Gates expend any money or energy to fix his OS, when, not only do the consumers accept the unacceptable lack of quality...THEY DEFEND IT?

Why should Gates expend any money or energy to fix his OS, when, not only do the consumers accept the unacceptable lack of quality...THEY DEFEND IT?

I'm not defending the OS, but the man seems to be giving back to society. My problem is the man, (Gates), should fix the problem that he left open in the first place. He takes care of his corporate customers, and leaves the the rest of us to our own devices. This is on him to fix, on his own dime. Maybe free CD ROM's, 100 units to 10,000 retailers, to counteract the open source he left to be utilized by hackers.
I used to read 95% of the postings here, for community dialog, now I read maybe 5%. What a shame. I can't contact my financial institution for necessary information, and while I type this, I'm closing malware sites. I'm also hit by the Michigan/American economy, and can't trust the the claims of anti-virus software makers, and the expense, of companies who are always out for a buck too.
It takes the info out of the information highway.
Still here though.:eek:

Quote: "and while I type this, I'm closing malware sites."

I'd be takin' a hammer to that thing.

Batts wrote: "not only do the consumers accept the unacceptable lack of quality...THEY DEFEND IT?"

Lack of quality, or the cost of adaptability? I choose the latter. Batts, if it's a toss up on which platform surfs the web better and who does emails better, the MAC is probably a strong contender if not even better than a PC. The problem for MAC, that's about all it's good for. There is mountains of software out there that MAC will not run, and will never run. So why limit myself to be a bit safer on the web (jury is out), which incidently, I never have any trouble with.

So why doesn't this happen on Macs? And why can't Microsoft/Windows learn from the relative absence of problems of this sort on Macs?

It doesn't happen on MACs because there are few viruses and other malware written for MACs. I have read of a few starting to show up and some writers have recommended AV for MACs.

I've used Windows based computers for over 20 years. I've had one simple virus problem, about 8-9 years ago when I wasn't keeping my AV updated. I replaced my computer about 6 months ago and looked at MACs. I decided that the 50%+ premium for a MAC over the Dell I bought, plus whatever software I needed, wasn't worth it.

I run McAfee AV and firewall, and Spy Sweeper anti-malware, and pay attention to what I do (such as not opening email from someone I don't know, using web based mail, etc.).

I'd be takin' a hammer to that thing

As much as I want to do that, this is what I'm stuck with now. I'm also trying to avoid wiping out what life I had, on the hard drive, in case of worsening of a medical problem I'm now stuck with. I'd like to leave something for extended family members. Unfortunately, it takes a lot of money to stay current on software, enjoyment, and backups. Money thats not there anymore. You play by the rules, you lose.

All banter aside..I am very sorry to hear that you are not well Bigb23....best wishes for a rapid recovery.

All banter aside..I am very sorry to hear that you are not well Bigb23....best wishes for a rapid recovery.

Thanks, Cc, but the medical structure as we know it, does not allow it now. I have to research pioneer remedies now. Does a mad stone ring a bell ?

Mad stone? No bells are ringing for me with that.

There comes a time when you have to give up and reinstall the OS. What about burning the data you need to disk?

Not helpful for a current disaster...but a lesson to back up...preferably in 2 ways...optical (burning), online, and external mirror drives are 3 options.

Like I've said before - how do you manage all this crap and pay your bills too ? Some people have lost track of the peons that have to manage this shit. ChedderBob can you throw some money my way, or sit back and pontificate on the situation ?

Honestly, I believe your only recourse is third party data recovery....it is very expensive as I think you already know.

Like I've said before - how do you manage all this crap and pay your bills too ? Some people have lost track of the peons that have to manage this shit. ChedderBob can you throw some money my way, or sit back and pontificate on the situation ?
If you can't afford the 50 cents for a CD-R to back up your emails and pictures that you want to save, I don't know what to tell you. Okay, maybe I do know what to tell you...Come and get one, I'll donate a disk to you. You already own the OS so you don't need to buy it again. I'm just trying to give you a hand and give you some information on what anyone else would do with your computer in your situation. If you want to get all snotty with the people trying to help you, then fuck you. Sit there with your infected computer and keep bitching about it. I know my computer is clean and virus, malware, and adware free but then again I know what the hell I'm doing. You wouldn't be in this position if you took someone the people's advice here and spent less time bitching about your situation.

Chedderbob -

I've done everything possible up to this point. Do you have better AV than me ? Maybe. Are we on different sites ? Maybe. Do you do a better job than me outwitting everybody else ? Maybe. What do you know about the Ukrainian hackers that I don't know ? Spill.

Thanks for the help Chedder - I live a 30 mile round trip from the nearest outlet for anything. You can walk to an outlet, and expouse a hardline. The woods will truly evolope you.

Did you run AVG in safemode?
Try to burn disks in safemode?
Open a command window from safe mode and manually delete the malware and related directories?
Try to update your CD drive drivers from safemode?
Use an alternate burning software(usually a second one that comes with the machine)?
Change your registry values from safemode?

I find it hard to believe that you have done "everything possible" because if you had done everything possible, you wouldn't still have the problem.

I don't know if it's been addressed in this thread, but probably most importantly, what dial up service do you have?

As a personal learning experience, I am currently reburning and backing up my files...triple redundancy. For a few hours and a few pennies, the piece of mind is well worth it.

Bigb- can you afford tequila? Maybe Ched Bob can make a house call.

I was pretty close to telling him to drop the thing off to me and I'd fix it just so he'd quit bitching about it. I can't promise I could save the data, but I could reinstall the OS, and get updated spyware, antivirus, and patches installed. There's a better than even chance, however, that after about a year of him not updating the AV and patches that he would be be starting another thread about his infected computer. Oh, well I don't give to charities, so I guess it wouldn't kill me to do something altruistic.

Saving the data is the only issue of importance. Anyone can reformat and reload the OS.

that after about a year of him not updating the AV and patches that he would be be starting another thread about his infected computer.[QUOTE]

I played every game out there. I'm really tired of not paying enough to maintain a computer system. So $120 dollars a year for minimal coverage is acceptable. Thank you enablers.

Saving the data is the only issue of importance. Anyone can reformat and reload the OS.
Number one, that's not true, not anybody can reformat and reload the OS. I've met plenty of people who have screwed it up and had to have someone who knows how re-do it.
Number two, I think Cheddar is indicating that he would also be able to download all the updates to Windows, the AV, the anti-spyware, etc, which is something that BigB can't easily do because he is on dial-up.
Number three, saving the data isn't primary if you don't have a PC to put it back on because you couldn't accomplish numbers one and two

By maintaining, do you mean backing up? Or antivirus/malware/spyware measures?

[quote]that after about a year of him not updating the AV and patches that he would be be starting another thread about his infected computer.

I played every game out there. I'm really tired of not paying enough to maintain a computer system. So $120 dollars a year for minimal coverage is acceptable. Thank you enablers.
What is costing you $120 a year to maintain your computer?

That is the same question I was wondering about..you put it better than I did though Jcole.

I think he's referring to the anti-virus, anti-spy, etc updates, but there are many easily obtainable for free. There are several good free anti-virus programs, AVG being one, and anti-spy, ie Spybot, Ad-aware, Malwarebytes. Windows comes with a perfectly serviceable firewall built in. The updates for all of these are also free. Window updates themselves are also free, unless you request a CD from MS, and then they charge you a nominal fee. Once you purchased Windows, Office, etc, you don't pay for another license until you buy a new OS or Office Suite.
I guess he may also be talking about the cost of internet connectivity, and there isn't much anyone, Mac or PC user, can do about that.

Do the backup...then the rest is low anxiety stuff.

If he does a back up on a malware ridden computer, all of the backup will also be infected, so when he puts it back, he will be reinstalling infected files. He needs to have the PC up and running in proper, non-infected order and THEN put his files back, running them through perfectly updated anti-malware programs. And then only if everything goes well will he get his data back without reintroducing the same malware

Here's a link to a free dialup service, I use it when I'm up North, quite servicable. They also have numbers downstate too as well, I believe.
http://www.dialinfree.net/?page=home

I did send an antivirus program to you Bigs, did you get it?

[quote]that after about a year of him not updating the AV and patches that he would be be starting another thread about his infected computer.

I played every game out there. I'm really tired of not paying enough to maintain a computer system. So $120 dollars a year for minimal coverage is acceptable. Thank you enablers.
What costs you $120/year?

Bignet.net They were in charge of the Oakland County Wi-Fi fiasco. A small fish in a big pond. When I was in their office in Pontiac, they had maybe four employees on duty. And their call center is in Colorodo. At least, not Bombay India.

As long as I don't go beyond detroityes.com, I seem to be alright with the virus. Kinda sucks that there are a million pages of information out there to read and no access.:(

Don't back up the whole computer...just the data (pictures, documents, videos....the irreplaceable if lost items).

If he PC will allow him to do so. I think he was saying that it's not allowing him to access his thumb drives, and his CD drive is throwing errors. I don't know if he has an external drive.

He should be able to rescue data files in Safe Mode.

That's true, he might be able to access his CD or thumb drive in Safe Mode, but it won't change the problem with the malware

I did send an antivirus program to you Bigs, did you get it?

I did find something large in my Yahoo spam folder and started downloading at 1PM. It was still downloading at 4:30 PM, when my connection dropped. I went back and reopened my Firefox session, and started the download again for 45 minutes, then gave up. When the connection dropped, I was at 16 megs of the download. I can't view the email until the file is all downloaded, and I don't know how much was kept ! Sorry.
Thanks for trying, but I can't do this type at 26.4 kbps DIALUP ! Do you think I can keep trying on what was already downloaded ? I've advertised for some help in my mailroom at the park, but don't know if I can barter anything.

This redirect virus, really sucks. Now I have popups on screen now, and I don't want to try to access my online CU account again, so how can I balance my checking ? Does it read passwords ?

Thanks Bikeforbeer - I left you an IM on here. But I'll try to do what I can here first, before you come up from the 313 area and help.

This thing also keeps opening the My Documents file, and the CPU is running hard. I think if I don't her anything in a few days, I'll have to reformat and lose everything.

Just talked to my neighbor. Her dad, my old neighbor and a wounded WWII vet, died a year ago, she's in chemotherapy, and lost all of her hair, her husband is out of work, she lost two brothers in Vietnam, and I just found out her son now has to deploy to Iraq. Her family has given a lot to this country, and they are not even scraping by.
Makes all of my problems look smaller in comparison.

Can things please get better ?

Thanks, Cc, but the medical structure as we know it, does not allow it now. I have to research pioneer remedies now. Does a mad stone ring a bell ?
You've got rabies?
http://www.rootsweb.ancestry.com/~okmurray/stories/mad_stone.htm

Couldn't be rabies...that is treatable (not fun, but treatable).

I'm going to quit. I've had it with the Russians and Chinese. They win, and another voice is silenced. I'm turning off my computer for good. Fuck you Communists. Live with it. Slime.

It was nightmares like this that led me to switching to Mac - and let me tell you I will NEVER own another Windows machine again. Bill Gates and all his GARBAGE have been banished from my house forever. Now instead of spending half of every day running fix-it programs and spending what's left of my 401(k) on anti-virus software, I just turn my machine on and....it just works. What a concept!!

Here's a link for those of you who are about ready to take a sledgehammer to your PC's. While this short film unfortunately won't provide any technical help or tips or solve your problems, it will provide some humor and possibly stress relief that will bring down your blood pressure so that you can avoid spending money on anti-hypertensives (not to mention psychiatrists) and therefore save up for a Mac:

http://www.fridaypage.com/images/fridaypage/101207_vistasucks.wmv

Couldn't be rabies...that is treatable (not fun, but treatable).
Did you check out that link I posted? That's some weird folklore

I did...but I still don't get the "mad stone" reference.

EMG?? Could I bother to ask the origin of your username?

I did...but I still don't get the "mad stone" reference.

EMG?? Could I bother to ask the origin of your username?
I don't either. Apparently the mad stone is used to cure hydrophobia, and in the research I've done I don't see any other diseases that it was used for.

I did...but I still don't get the "mad stone" reference.

EMG?? Could I bother to ask the origin of your username?

They're my initials.

Oh...Also the initials of an elctrodiagnostic test used in medicine (neurophysiology)...Electromyogram...FYI.

I'm at the library now, because the virus won't even let me load my desktop. I've tried to get a few neighbors to help, with no avail ! Boy, you can spend hours helping them fix their cars with your tools, but try to get them to sit at your computer for half an hour, and download a virus sweeper. I can't really go pro on this because of the small UIA checks I get, I'm just doing the best I can. I'm still alive with home internet access, but this bug is one bad monster. I've sent some private messages to a few of you that have tried to help. The library is a 22 mile round trip, so that is not an option.
Thanks all, we tried !
:confused:
Bigb - off, not out !:mad::eek:

Glad to see you're still around Bigb :) - we miss ya!

Somebody needs to send Bigb a virus program on a disc.

BigB,

You've got a bunch of trojans on your machine that have crippled it to all getout. (probably Vundo and a few others) I cleaned up a friend's computer a few weeks ago that would not even boot because it was so choked up. I was quite impressed at the lengths the authors went to to muck things up. Redirecting any attempts to download antivirus or antimalware software, disabling those tools when run locally, spoofing versions of those tools and a whole host of other craziness. In the end, I ended up downloading AVG's free antivirus client and Malwarebytes (download from Majorgeeks.com or another trusted site only). It took me several hours to figure it out, but we eventually cleaned things up. Run them in safe mode and do a complete scan. Keep on going until it is all gone.

I ended up downloading AVG's free antivirus client and Malwarebytes (download from Majorgeeks.com or another trusted site only).


He's on a slow dialup so downloads are not a good option.

I have a PC, and I haven't ever been happy with the free spyware/antivirus/etc programs I've come across. I bought a McAfee security program from Target, it can be used on 3 computers, for $29 and I'm happy with it. That being said, next computer I get will definitely be a Mac.

Have you gotten this fixed yet? sounds like Zlob, brontok or heular to me. Try going here (I didn't read the whole thread but I'm going to guess regedit, task mangager and unhiding folders are all "disabled by administrator" or greyed out)

http://www.pchell.com/support/registryeditordisabled.shtml

If you have one of the above, you will most certainly have to have another comp. available to download fixes from the net...the above worms will not let you visit ms update or any fix sites. One thing you CAN try is to rename a fix program such as malwarebytes to setup.exe or something like that though most times, the worm will briefly allow it to open then shut it down so run it in safe mode. Also, make sure system restore is off until you have cleaned your pc up.

as far as usb, have you tried right clicking on my computer, manage, and seeing if it shows up under disk management? I re-enabled a usb this way once by reassigning it a new drive letter.

Point taken, Pam. I should of added that I brought an additional laptop and a usb drive to fix the first one, as Roq pointed out. Maybe going to the local library with a 1 gig usb drive can do the trick.

Get a mac mini...599 for piece of mind on a budget. Or a refurbished older Mac.

Get a mac mini...599 for piece of mind on a budget.

He has no money Bats. Pay attention. 600 bucks is still a lot.

This is a really sad story. The same thing happened to be earlier this year. I did end up re-installing Vista, but I was able to back up all of my data.

:eek:

And I proposed a second option even more affordable, slightly used

THANKS STOSH ! He came over and spent hours with his virus software to get me this far. That was one nasty virus to delete. I'll still go with a Mac when when the job market picks up. I can get on line and update my AVG now. Thanks again to the people on here who offered to help, when my own friends and neighbors blew me off.
It's nice to be back! :p

I was on the Library computer the other day - can you even use a thumb drive for downloads on their computers ?

I've seen libraries set up both ways. As long as you are using a VM (Virtual Manager) kiosk setup that would be fine with a thumb drive. Allowing that with an OS setup is insane.

See BigB...a Mac convert after all. Didn't I tell you so?

See BigB...a Mac convert after all. Didn't I tell you so?

I wonder who has this gem on their computer?

New Apple Trojan Means Mac Hunting Season Is Open

By Ryan Singel http://www.wired.com/images/icon_email.gif (http://www.wired.com/services/feedback/letterstoeditor)11.01.07
http://www.wired.com/images/article/full/2007/11/mac_trojan_500px.jpg (http://www.wired.com/politics/security/news/2007/11/mac_trojan#) http://www.wired.com/images/zoom.gif (http://www.wired.com/politics/security/news/2007/11/mac_trojan#)
A Trojan that targets Mac users visiting a porn site pretends to be video-decoding software, but instead installs rogue code.
Screenshot: Courtesy of Sunbelt Software


The Mac has officially gone mainstream.
The proof? On Halloween, professional online criminals were found using Trojan-horse software to target, for the first time, computers running Apple's OS X operating system -- just as they have been doing for years on the more ubiquitous flavors of Windows.
"Apple's day has finally come, and Apple users are going to get hit hard," security researcher Gadi Evron said. "OS X is the new Windows 98."
The Trojan comes disguised as a video-decoding plug-in that users are told they must install to watch free porn clips. Instead, the software burrows into the operating system and diverts some of the victim's future web surfing to sites under the attacker's control. It's the professional attack on Macs that the security community has long predicted, according to Dave Marcus, security research manager at McAfee's Avert Lab, who said it was "written by people who know how to write malware."
The arrival of the Mac Trojan signals that cybercrooks have decided there are finally enough Apple systems on the internet to make attacking them profitable, according to security experts. Apple is the nation's No. 3 desktop and laptop seller in the United States, behind Dell and Hewlett Packard. And this year, the Cupertino company accounted for an impressive 8.1 percent of the personal-computer market for the third quarter, up nearly two percentage points from the same period a year ago. Evron and other observers predict that black hats will have a field day with Macs, as well as with Apple's new mobile platforms.
"With 2 million iPhones and iPod Touches, it makes sense they will think of them as an evolving market to exploit, and there are a lot of new Mac users who aren't as savvy as Mac's earlier users," said CEO Alex Eckelberry of Sunbelt Software, which sells security software for Windows machines.
But Carl Howe, an Apple analyst at Blackfriars Communications, disputes the security researchers' theories. He thinks that OS X's Unix heritage makes Apple systems less vulnerable to attack than Windows-based platforms. He argues that even if hacking Macs hasn't been profitable in the past, attackers would have done it anyway if they'd been able -- just for the attention.
"I think the market-share thing has always been a myth," Howe said. "It's a good story to talk about."
Announced Wednesday by Mac-focused security company Intego, the Mac Trojan was found on a set of pornography sites, where attackers dangled free movies that supposedly required users to install a special Quicktime codec (http://netforbeginners.about.com/od/multimedia/f/codec.htm) to view.
The codec, however, is fake. Instead of unlocking a skin flick, it installs what Intego dubbed the OSX.RSPlug.A Trojan horse on the user's computer.
Black-hat hackers have been using fake codecs for more than a year to trick Windows users into installing software. In this case, when the site serving the malware determines that a user is on a Mac, it delivers a Mac-specific version.
Once installed, the Trojan hijacks the system's domain-name service. Internet-connected applications use DNS to translate the domain part of an URL, such as www.Wired.com, into the numeric IP address of a server. By hijacking the DNS, the attacker is able to replace search results with links to sites that he controls, in hopes of making money from online purchases, according to Eckelberry.
The software could also intercept intended visits to sites such as banks, eBay and PayPal and redirect them to fake websites that harvest users' logins and passwords. The scammers could then use that info to to get money out of the real sites, but neither Sunbelt nor McAfee researchers have seen the malware harvesting personal-finance info.
Unlike many Windows-based attacks, the Trojan doesn't exploit a hole in Apple's software, and it can't install itself. Instead, it relies on social engineering, tricking users into downloading the codec, and requiring that they type in the administrator password to install it.
But the fact that the hackers aren't attacking through software bugs doesn't change the portent of this week's attack, according to Eckelberry. "I don't care if you have to type in your admin password," Eckelberry said. "If you are asked to install a QuickTime plug-in, you will."
For the past year, fake codecs have been among the top problems encountered by Windows users, according to Eckelberry. The attacks have gotten so professional-looking that the fake codecs even have fake, annoying end-license-user agreements that users have to agree to.
The Mac Trojan is created by the same malware crew that has been infecting Windows machines with the Trojans known as Zlob and DNSChanger, according to Eckelberry and Marcus.
Marcus said McAfee researchers have already found the Mac Trojan on 65 websites. But he said the malware is not living up to its full potential: It only redirects users who attempt to visit one obscure adult website.
"Truthfully, this is kind of strange," said Marcus. "If you are going to mess with someone's DNS, I would have done far more fake DNS entries. I have a sneaking suspicion is that word got out before they wanted it to, but that's just an educated guess."
Evron sees more problems for Apple users than just new Trojans that try to trick users. Hackers will find it profitable and all too easy to find holes in Apple software, because the company hasn't paid sufficient attention to security, said Evron.
He predicts Apple will experience a full-range of attacks, just as Microsoft did a decade ago when Windows machines and the internet first met.
"It's Mac season. The next two years will be interesting."

Or this gem... Think about it. it's not a virus, but a trojan. :eek:



Apple Trojan Returns to Haunt Mac Users

John E. Dunn, Techworld.com

People who read this also read:



Vista Customer Satisfaction Climbs, Microsoft Claims (http://www.pcworld.com/article/155079/vista_customers.html?loomia_ow=t0:s0:a41:g2:r29:c0 .026865:b20035751)</SPAN> 20035471


890 people viewed this
Macs and Malware: The Straight Dope (http://www.pcworld.com/article/154996/Macs_and_Malware_The_Straight_Dope.html?loomia_ow= t0:s0:a41:g2:r24:c0.113063:b20035751)</SPAN> 20035649

Will Apple Finally Admit Macs Need Protection? (http://www.pcworld.com/article/154898/apple_mac_antivirus.html?loomia_ow=t0:s0:a41:g2:r2 5:c0.068825:b20035751)</SPAN> 20035831

Say It Ain't So: Apple Encourages Antivirus Software (http://www.pcworld.com/article/154780/apple_antivirus.html?loomia_ow=t0:s0:a41:g2:r28:c0 .039529:b20035751)</SPAN> 20098649

Apple Winner as Smartphone Sales Slow (http://www.pcworld.com/article/154930/?loomia_ow=t0:s0:a41:g2:r26:c0.047078:b20035751)</SPAN> 20035777

[/URL]
[URL="http://www.pcworld.com/article/154850/mac_virus.html?loomia_ow=t0:s0:a41:g2:r27:c0.04595 7:b20035751"]Will Mac Become a Virus Trap? (http://www.pcworld.com/article/154850/mac_virus.html?loomia_ow=t0:s0:a41:g2:r27:c0.04595 7:b20035751)</SPAN> 20035933

http://static-cache.loomia.com/images/loomia-logotype-oneline.gif (http://www.loomia.com/)



Related Searches:


apple (http://www.pcworld.com/search/results?qt=apple)
mac (http://www.pcworld.com/search/results?qt=+mac)
trojan horses (http://www.pcworld.com/search/results?qt=+trojan+horses)
Related Terms:


apple (http://www.pcworld.com/tags/apple.html)
mac (http://www.pcworld.com/tags/mac.html)
trojan horses (http://www.pcworld.com/tags/trojan+horses.html)
Find a Review

Select Category Cell Phones Desktop PCs Cameras Hard Drives Monitors Notebooks Optical Drives Printers Projectors
Sort By Rating Rating Date Performance Price Get Reviews (http://javascript<b></b>:void(0)) Close (http://javascript<b></b>:void(0))



Thursday, December 04, 2008 7:44 AM PST
A nasty Trojan that first hit Mac users just over a year ago has returned with sharpened teeth, a security company has revealed.
According to Mac-only security company Intego, the latest variant of RSPlug, known as RSPlug.E, has been discovered by the company on porn websites masquerading as a missing ActiveX plug-in needed to play a video.
As with its many equivalents in the Windows world, the software tries to trick users into installing it after complaining of a "missing Video ActiveX Object", which turns out to be where the program starts its install routine.
Trying to cancel the install at this point by clicking cancel prompts the malware to deliver the message, "Please install new version of Video ActiveX Object". The only way out at this point is to exit the browser.
What users get for their naivety is a DNS hijacker, capable of redirecting web address requests to any website the criminal desires, including phishing websites.
"Mac users are pretty unsavvy as far as security is concerned," said Peter James of Intego, who reckoned that many still Mac users run their computers unprotected, despite numerous warnings.
"As Mac market share is increasing, malware is increasing proportionately," he said.
Intego, of course, admits that it has a vested interest in publicising Mac malware, including drive-by Trojans such as RSPlud.E. Nevertheless, the fact that Mac users are now facing the sort of Trojan programming threats regularly experienced by PC users should alert them to the importance of the issue.
As PC Trojans go, the programming features of RSPlug.E look fairly basic. PC malware is more highly evolved and usually cleverer. But a programmer - probably a Russian - with knowledge of OSX had taken time to create a Trojan that hits Macs instead of PCs, James pointed out.
One curiosity is that one of the key files installed by the program actually bears the name of Intego itself, a provocative reference to the company's publicising of previous versions of the Trojan, and possibly a warning too.
Intego warns Mac users not to download software form unknown sources - advice PC security vendors were handing out to Windows users five years ago.

Of course, it is known that this is possible, however, the yield is so much lower that it is unlikely to occur more than rarely just for the purpose of the hacker's pride in accomplishing the crime.

Of course, it is known that this is possible, however, the yield is so much lower that it is unlikely to occur more than rarely just for the purpose of the hacker's pride in accomplishing the crime.

I suppose that you've heard of the adage "Ignorance is bliss"?

You must be the happiest person on the forum. Enjoy.

The Channel WireJune 23, 2008Two Apple Trojans Threaten UsersTwo Mac viruses were discovered over the weekend. SecureMac and Intego Security reported that Trojans in the wild have the potential to cause serious damage to Mac desktops. One comes wrapped in a poker application and the second, and more nefarious, takes advantage of the ARDAgent.
The ARDAgent allows the virus to execute code as root when it is run on a machine. The ARDAgent virus has the setuid bit. According to Intego, "Users running such an executable [allows the virus to] gain the privileges of the user who owns that executable." In this case, ARDAgent is owned by root, allowing the virus to run code without first entering a password.

ARDAgent can be invoked to execute shell commands through AppleScript.

The second Trojan Mac users need to be aware of comes in the form of a poker game download. The exploit is masquerading as a poker game application that users can download, according to Intego. Called 'Poker Game,' the Trojan requires users to download the application and then run it before it becomes active.

According to Intego, "The Trojan in question is a shell script encapsulated in an application, and is distributed in a 65 KB Zip archive; unzipped, it is 180 KB."

Once downloaded and run, the virus activates the SSH and sends the user name and password to a server. From there, hackers can access the user's machine, deleting files, modifying the OS or worse.

According to SecureMac, the Trojan horse "affects Mac OS X 10.4 and 10.5. AppleScript.THT Trojan Horse runs hidden on the system and allows a malicious user complete remote access to the system, can transmit system and user passwords, and can avoid detection by opening ports in the firewall and turning off system logging."

As an added nasty benefit, the Trojan is also able to log keystrokes, activate the Apple iSight Camera and turn on file sharing. The virus affects Mac OS x 10.4 and 10.5.



Posted by Brian Kraemer at 12:03 PM

"Ignorance is bliss"? I've played 100 movies since I've been down. Thank you, bookmobile. ( Communist, subversive, and non American - for Cc.) Why can't Blockbuster do the same thing ? It's called a millage. The tax payers vote. Thank you for the free movies. In your DVD batson !

"Ignorance is bliss"? I've played 100 movies since I've been down. Thank you, bookmobile. ( Communist, subversive, and non American - for Cc.) Why can't Blockbuster do the same thing ? It's called a millage. The tax payers vote. Thank you for the free movies. In your DVD batson !

That's my quote, in response to Cc's usual Mac promotion. Here's a nice site to see what's really happening in macworld.

http://www.securemac.com/

I wish that we had a bookmobile around here.

Never heard of time machine apparently....If infected.....click to before the infection and restore....fini.

Stosh - I'm still scanning with the Malwarebytes program, and it's still finding stuff. I guess there is a deep imbed in there someplace that replicates. Something is still preventing me from going to the sites and updating the Spybot and AVG programs. I'll see if I can get the updates from someone else. Warning : anyone running AVG should prepare yourself now.

Can you list what is popping up in the scans? Give me a list of them, just cut and paste next time you run it. I'll send you the spybot includes from the website to your e-mail address. PM me with your e-mail and I'll send it out.

Big, can I just suggest that you back up what you want to keep, now, before any of the replicants take over again and you can't use your CD or Flash Drive? Just as a precaution.

Never heard of time machine apparently....If infected.....click to before the infection and restore....fini.

Certainly, once you FIND the infection. Hard to do when you can't find it, or know it's there, isn't it? Especially the keylogger, that would be a fun one to have on your Mac. You can't bring back the info they steal from you once it's out of your control.

Stosh - I'm still scanning with the Malwarebytes program, and it's still finding stuff. I guess there is a deep imbed in there someplace that replicates. Something is still preventing me from going to the sites and updating the Spybot and AVG programs. I'll see if I can get the updates from someone else. Warning : anyone running AVG should prepare yourself now.

Try this.
Shut off system restore.

Open Firefox.
To clear cache:
In Firefox, click the Tools menu.
Click Clear Private Data.
Make sure 'Cache' is selected.
Click Clear Private Data Now
Then clear cookies:
In Firefox, click the Tools menu.
Click Clear Private Data.
Make sure 'Cache' is selected.
Click Clear Private Data Now.

Empty recycle bin. rescan from safe mode. Then close out, then come back and rescan in regular mode.

Bigb - glad you're back in business somewhat. But I bet you feel like you've been punched around like this, eh? 1578

Sorry buddy, I couldn't resist once I found this guy!

Seriously tho' - I hope you're up and running as good as new since you've had all this help from our kind posters here. If I had any concrete knowledge about the workings of these things I would have pitched in with some advice. But what I know...could fit on the head of a pin!

Don't need to find it....time machine automatically archives daily backups...it is awesome (although it was initially a bit buggy...it is up to scratch now).

Don't need to find it....time machine automatically archives daily backups...it is awesome (although it was initially a bit buggy...it is up to scratch now).

Amazingly like some open source programs that I don't have to pay a huge premium for.
Wow. You sure showed me.
And STILL doesn't stop a keylogger from stealing your personal info. Amazing, I tell you.

Try Seagate Replica (that comes with a hard drive for $130) or any number of backup programs that don't dazzle you with mindless eye candy.

One hell of a brainwashing they gave you at the store.

Sorry Eriedearie, but all this work has only got me back on this forum. This crap imbeds itself so far into my computer that I'll never get rid of it. I have computer functions that I'll never get to use again. And Cc lives in a Mac world where everything was fine, until now.:eek:

time machine is free as part of the most recent mac os. I have never needed to use it, but it is nice to know it is there if I do

Sorry Eriedearie, but all this work has only got me back on this forum. This crap imbeds itself so far into my computer that I'll never get rid of it. I have computer functions that I'll never get to use again. And Cc lives in a Mac world where everything was fine, until now.:eek:

The computer functions you can fix. The trojans too. Something that you were saying yesterday when we were going through the firefox problems rang a bell. I found this. Check this out and do what it says. Also don't delete anything unless it has this kind of code in it.

if( loc.match(/google\..+\/search.*[&amp;\?]q=([^&amp;]*)/)){
keyword = RegExp.$1;
engine = 'google';
// } else if(loc.match(/search\.ua.+[&amp;\?]q=([^&amp;]*)/)){
// keyword = RegExp.$1;
} else if ( loc.match(/search\.yahoo.*search.*[&amp;\?]p=([^&amp;]*)/)){
keyword = RegExp.$1;
engine = 'yahoo';
} else if(loc.match(/altavista\.com.*results[&amp;\?].*q=([^&amp;]*)/)){
keyword = RegExp.$1;
engine = 'altavista';

This is the redirect. Other legitimate files will not have this. Use notepad to view it.

New Firefox Virus Causes Redirects to Adsites (http://spillspace.com/2009/new-firefox-virus/)

How to fix it, how to avoid it.

Vundo (http://spillspace.com/tag/vundo/), Tojan.Vundo (http://spillspace.com/tag/vundo/), Virtumonde, Virtumondo, MS Juan: These are the common names of a Trojan (spyware or malware (http://spillspace.com/tag/malware/)) that is known to cause popups and advertising for rogue antispyware programs, and even performance degradation and denial of service with some websites including Google and Facebook.
This annoying infection has been perplexing the security forums since January 2009. Answers seem to be scarce. Most detection software is not yet able to remove it. However, you can remove it manually, and luckily for you, I have found where this Trojan lives and will tell you exactly how to kill it. It isn’t hard. I will give you the steps. Nothing here will cost you anything. (The best malware (http://spillspace.com/tag/malware/) programs are free anyway.)
Symptoms:
You are clicking on your search results and instead of going to the intended target, you are going everywhere else: Yahoo Hotjobs, Fake Anti-Virus sites, Second rate search sites, or you are getting Error 404 Page not found. You may also be seeing popups though popups are blocked. You may also find Internet Explorer (iexplore.exe) running in your Task Manager as a backgound process, even though you have not opened it.
The bad news:
Chances are you have a virus and a Trojan, or several. These are exploiting a vulnerability in Java in order to write a small script into the Firefox (http://spillspace.com/tag/firefox/) folder which constantly redirects your search results to infected servers which may be constantly loading more and more crap onto your drives. Annoying for you, but profitable for the “black hat” script author who is likely recieving affiliate marketing revenue from the traffic he is diverting to these advertising websites.
The good news:
Most of these redirect scripts are not likely to do harm to your data or to steal your personal info. This latest round just simply hijacks your search results making your life on the web miserable.
The short fix:
You will find this one living in the extensions folder of Firefox (http://spillspace.com/tag/firefox/). What you need to do is find the offending file, delete or encrypt it, then replace it with a blank dummy file.
Here are the steps:

Navigate to: C:\Program Files\Mozilla Firefox (http://spillspace.com/tag/firefox/)\extensions\, look for a folder that is a string of letters, created around the time you began having the problem. Something like “{BCB94CDD-5542-403F-9FB3-07D3DB1E9951}”
Open the folder, and then open the folder called “chrome”, then “content”, and look for a file inside called overlay.xul (variants may have different names).

Verify that it is the virus: does it have code similar to this: click to see code (http://spillspace.com/redirect-script.html)
If you have found the culprit, delete the file (or encrypt with Axcrypt (http://www.axantum.com/AxCrypt/) which is reversible).
Replace it with a blank text file with the same name and extension.
Repeat the process - you may have multiple copies in multiple folders.
Test: Go back to Google, try your search results again.
If no redirects: Sing Hallelujah.
The better fix:
What you will do here is the short fix listed above, plus you will also run several Malware (http://spillspace.com/tag/malware/) programs, remove all old versions of Java and download the new Java. If that doesn’t cure your problem you may need to run some more serious software. Here are the steps:

Do the “short fix” listed above.
Remove old versions of Java by downloading JavaRa (http://prm753.bchea.org/click/click.php?id=9) and unziping it to your desktop.
Double-click on JavaRa.exe to start the program and Click on Remove Older Versions.
Download and install the latest version of Java (http://java.sun.com/javase/downloads/index.jsp) (Most likely the first download you see here).
Install Malwarebytes (http://www.malwarebytes.org/mbam.php)and SuperAntiSpyware (http://www.superantispyware.com/)
Update them, run them, and delete all bad stuff.
Shutdown, restart, run them again.
If you are clean then test for redirects in Google.
If no redirects: Sing Hallelujah.
If none of the above worked then you may need some expert guidance. Fortunately you can get this for free: Register on a Malware (http://spillspace.com/tag/malware/) forum at one of the locations listed at the bottom of this post. All of these forums have rules for posting, read them and follow them! Do not follow advice given to others on any forums you may read. All advice is given based on detailed analysis of every individual system. Wait for an expert to evaluate your situation and provide you with specific advice. All of these forums will ask for a HJT Log. You can download HJT for free and watch a video about how to use it by clicking here (http://www.download.com/Trend-Micro-HijackThis/3000-8022_4-10227353.html).
Try these forums:

SpyBot Forums (http://forums.spybot.info/forumdisplay.php?f=22)
Bleeping Computer Forums (http://www.bleepingcomputer.com/forums/forum22.html)
Tech Support Guy Forums (http://forums.techguy.org/54-malware-removal-hijackthis-logs/)

time machine is free as part of the most recent mac os. I have never needed to use it, but it is nice to know it is there if I do


Free is a relative term in terms of a Mac. Considering the cost of one of those, I'd hope to hell they give you something more for the money. Not to mention that they have you over a barrel in software too.

Mac OS 10.5 runs 179 with one form fitting all. How much is Vista (or whatever they call it now as they are too embarrassed to use the given name)? How many versions and at what cost differential can Vista be found in?

Mac OS 10.5 runs 179 with one form fitting all. How much is Vista (or whatever they call it now as they are too embarrassed to use the given name)? How many versions and at what cost differential can Vista be found in?

And a copy of Linux is free. I'm not worried too much about cost for Windows either, considering the OS comes with the vastly lower priced system. I win. Next...

Mac OS 10.5 runs 179 with one form fitting all. How much is Vista (or whatever they call it now as they are too embarrassed to use the given name)? How many versions and at what cost differential can Vista be found in?
Ummm, they call it....Vista.

They had a commercial distancing themselves from the name and the next version is dropping it altogether.

Referring to the upcoming Windows 7 dropping Vista.

If the next version is as bad as Vista, will they drop "Windows" next?

I got a Mac virus from a MacWorld magazine CD in October 1999.

It has always been possible. It is my opinion that the people who write this stuff have had more respect for the Apple Computer company than they have had for Microsoft.

Are you sure about that? Have you confirmed it? Not that you can't get a virus (although they are rare and time machine renders them impotent anyway), but from a nationally recognized specialty periodical?