
floyde

macrumors 6502a
Original poster
Apr 7, 2005
808
1
Monterrey, México
Shame on me... I have a degree in Computer Systems Engineering but I still fell for that stupid trick. So I get a message from a friend on Facebook with the word "wow" and a link to a video. So I click on the link and the link says that it needs the latest version of Flash. For some stupid reason I didn't find it odd that it started downloading the "latest version" of Flash by itself.

So I clicked on the setup file and realized the extent of my stupidity :(. Now I get a shutdown message at random times :mad:. I'm running a virus scan with Norton but it hasn't removed that virus yet. Has anyone heard of this one? Any way to remove it?
 

Attachment: virus.JPG (23.7 KB)

Abstract

macrumors Penryn
Dec 27, 2002
24,889
921
Location Location Location
Yes it does, but then again, I don't have a degree in Computer Systems Engineering. :p It doesn't make you immune, but I'd certainly feel a bit embarrassed to tell anybody what happened.
 

DYER

macrumors 6502
Oct 4, 2008
371
36
London, UK
Shame on me... I have a degree in Computer Systems Engineering but I still fell for that stupid trick. So I get a message from a friend on Facebook with the word "wow" and a link to a video. So I click on the link and the link says that it needs the latest version of Flash. For some stupid reason I didn't find it odd that it started downloading the "latest version" of Flash by itself.

So I clicked on the setup file and realized the extent of my stupidity :(. Now I get a shutdown message at random times :mad:. I'm running a virus scan with Norton but it hasn't removed that virus yet. Has anyone heard of this one? Any way to remove it?

TBH, seems like you can't do a system restore, i.e. if you haven't shut down or gone into hibernation in that session, do a hard shutdown, then boot in safe mode and system restore to the last restore point, but I think it may be worth reinstalling XP - let's face it, XP needs reinstalling periodically anyway.
 

sangosimo

Guest
Sep 11, 2008
705
0
Virus scans don't work well for removing trojans. It has probably attached itself to a system file. Format your computer. If you were using Vista, UAC would give you a warning and let you know that this program is not signed by Adobe.
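The publisher check mentioned in the post above can also be done by hand before running a downloaded installer. This is an added example, not part of the original post; the function name `Test-InstallerPublisher`, the file name in the usage comment and the publisher value are assumptions, and the publisher string must be taken from a known-good copy of the vendor's installer.

```powershell
# Added example: inspect a downloaded installer before running it.
# $ExpectedPublisher is an assumption supplied by the caller; take the exact
# certificate name from a known-good installer rather than guessing it.
function Test-InstallerPublisher {
    param(
        [Parameter(Mandatory)] [string] $Path,
        [Parameter(Mandatory)] [string] $ExpectedPublisher
    )

    $sig = Get-AuthenticodeSignature -LiteralPath $Path

    # Simple name (CN) of the signing certificate; stays $null when unsigned.
    $signer = $null
    if ($sig.SignerCertificate) {
        $nameType = [System.Security.Cryptography.X509Certificates.X509NameType]::SimpleName
        $signer = $sig.SignerCertificate.GetNameInfo($nameType, $false)
    }

    # Zone.Identifier is the NTFS alternate data stream that browsers write
    # on downloaded files; ZoneId=3 means the file came from the Internet.
    $zone = Get-Content -LiteralPath $Path -Stream Zone.Identifier -ErrorAction SilentlyContinue |
        ForEach-Object { if ($_ -match '^ZoneId=(\d+)') { [int]$Matches[1] } } |
        Select-Object -First 1

    # Exact comparison on purpose: a substring test would accept a
    # look-alike certificate name that merely contains the vendor's name.
    $matches = ($sig.Status -eq 'Valid') -and ($signer -eq $ExpectedPublisher)

    [pscustomobject]@{
        File             = $Path
        Status           = $sig.Status   # Valid, NotSigned, HashMismatch, ...
        Signer           = $signer
        ZoneId           = $zone
        PublisherMatches = $matches
    }
}

# Usage (constructed file name, placeholder publisher):
# Test-InstallerPublisher -Path "$env:USERPROFILE\Downloads\flash_setup.exe" `
#     -ExpectedPublisher '<publisher name from a known-good installer>'
```

A `NotSigned` status or an unexpected signer on a file with `ZoneId` 3 is the situation the original poster was in: an "update" that arrived from a web page rather than from the vendor.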
 

No1451

macrumors 6502
Oct 20, 2008
474
0
Ottawa, ON
This is where I usually hit my PC with the reinstall-of-death. Then I hope that none of the files on my Drobo are affected (goodbye 2 TB of data).

Unless you have files that you absolutely need, I'd recommend a reinstall; if it's absolutely necessary to save files, it might be a bit more difficult.


/rant
I would love to round up the jackasses who write these things and have their fingers removed so they can't make crap like this anymore, I dream of a world where writing viruses/trojans/botnets is punished harshly.
 

waffle911

macrumors regular
Dec 22, 2007
149
0
⇧⌥K = 
To prevent something like this from happening, I highly recommend Online Armor (free version). There isn't any malware as far as I'm aware that can get through it when it's properly configured. Also, Spybot: Search and Destroy. Both are absolutely essential security tools for PC. Norton, not so much. Hogs system resources, near impossible to uninstall, and not as effective as it could be. But sometimes you really do need an anti-virus, and not just a firewall and anti-spyware. But Norton's not the way to go, IMHO.

Don't forget CCleaner to fix registry issues and clear the system cache, and to easily uninstall programs and stop certain startup processes.
 

floyde

macrumors 6502a
Original poster
Apr 7, 2005
808
1
Monterrey, México
Yes it does, but then again, I don't have a degree in Computer Systems Engineering. :p It doesn't make you immune, but I'd certainly feel a bit embarrassed to tell anybody what happened.

I'm keeping it low profile at the office for now :eek::p


That's the one, except that this is the upgraded version. That one's bolivar 28, mine's 40. At least I think that I was able to stop the auto-shutdown by killing that process on the task manager. Norton is taking forever...

Anyway, this is my work's PC, so I only have whatever software they bought licenses for. That leaves out all the fancy anti-spy stuff, unfortunately. From what I've been reading, the virus isn't that hard to eliminate, so hopefully I won't have to format the damn thing. It's a good thing that I only use my trusty Mac for online transactions and credit card stuff.
 

Consultant

macrumors G5
Jun 27, 2007
13,314
36
Um, don't visit Facebook from work? Don't install anything automatically? Use Safari or Firefox instead of MS internet virus transmitter/explorer.

Lol the spammers are making you do CAPTCHA for them to scam more people.
 

Rodimus Prime

macrumors G4
Oct 9, 2006
10,136
4
Um, don't visit Facebook from work? Don't install anything automatically? Use Safari or Firefox instead of MS internet virus transmitter/explorer.

Lol the spammers are making you do CAPTCHA for them to scam more people.

Sorry, but Safari/Firefox or hell, OS X would not protect you from a Trojan horse. This type of "virus" uses human stupidity to infect a system.

There is not really anything Microsoft or Apple could do to protect against human stupidity.
 

sangosimo

Guest
Sep 11, 2008
705
0
Silverlight is so much better than Flash and it is the reason that OS X can use Netflix live streaming.
 

Consultant

macrumors G5
Jun 27, 2007
13,314
36
Sorry, but Safari/Firefox or hell, OS X would not protect you from a Trojan horse. This type of "virus" uses human stupidity to infect a system.

There is not really anything Microsoft or Apple could do to protect against human stupidity.

Safari prevents suspicious files from automatically opening and installing themselves; instead it informs the user that an application has been downloaded.

Seems like it's every month that a new critical exploit for Microsoft IE is announced. For example:
http://news.bbc.co.uk/2/hi/technology/7784908.stm

-------

Don't do Norton.

Install AVG
http://www.download.com/AVG-Anti-Virus-Free-Edition/3000-2239_4-10320142.html
 

mkrishnan

Moderator emeritus
Jan 9, 2004
29,776
15
Grand Rapids, MI, USA
Safari prevents suspicious files from automatically opening and installing themselves; instead it informs the user that an application has been downloaded.

Once again...

So I clicked on the setup file

Anyways, once again also, check out a tool focused on malware, like AdAware, Windows Defender, or the like. Can't make a more specific recommendation, sorry, as the last time I dealt with Windows malware was in the 90s.
 

yatman

macrumors member
Oct 11, 2005
45
0
Ditto

I feel for you man.

I know better too and fell for something similar. I got this supposed YouTube video link from a friend and the email even referred to his nickname which only his friends know (I guess not anymore). I was then asked to update my version of Flash, which then proceeded to install this application that basically hosed my IE browser, Firefox, Safari and Chrome. It blocked me from going to MSN.com and it took me to this "anti-virus/spyware" detection utility website. When I googled that website, the results were blocked by this infection.

Had to redo my PC to get rid of it. Good thing I keep all my data on an external drive. Just lost time reinstalling Windows, getting latest drivers, installing all the Windows updates and my apps.

Thing that sucks is I had AVG free and Windows Defender running. I guess you get what you pay for. Looks like I'll be investing in a Norton, McAfee, or something.

Oh - and Consultant - I was using Firefox when this happened. So it wasn't IE that caused this!! Man, you just gotta love Mac and anti-Microsoft people.
 

Melrose

Suspended
Dec 12, 2007
7,806
399
Silverlight is so much better than Flash and it is the reason that OS X can use Netflix live streaming.

95% less features and 80% more space. Yeah. Much better. Silverlight is M$'s attempt to bring a redundant plugin to market in the hopes that ten years from now, if they keep throwing money at it, it will turn a profit and compete with Flash. I don't see developers using it large-scale for quite a while now.

I'll stick with Flash until Silverlight manages to grab a healthy chunk of the market.
 

floyde

macrumors 6502a
Original poster
Apr 7, 2005
808
1
Monterrey, México
Have you already tried an anti-malware tool like AdAware or Windows Defender?

I fixed it with Malwarebytes. I'll do a clean install at the end of the year though, just to make sure there's no spy stuff lying around.

Is this a virtual machine or a Boot Camp windows install?

It's my work's Thinkpad PC.

Safari prevents suspicious files from automatically opening and installing themselves; instead it informs the user that an application has been downloaded.

Seems like it's every month that a new critical exploit for Microsoft IE is announced. For example:
http://news.bbc.co.uk/2/hi/technology/7784908.stm

Yeah Explorer is the least secure browser of all, but in this case it was me who willingly clicked on the setup file :eek:
 