Results 1 to 8 of 8

Thread: Nasty Malware

  1. #1
    3 Star Lounger baumgrenze's Avatar
    Join Date
    Feb 2001
    Location
    California, USA
    Posts
    262
    Thanks
    6
    Thanked 0 Times in 0 Posts

    Nasty Malware

    My machine is in a state where all it can paste is

    http://windowsxp-privacy.net/?id=01502200020

    Yesterday I opened a hit in a health search and came on a page that wanted to run an online antivirus program. I declined. Avast announced that it had trapped a virus.

    This morning when I try to copy and paste I am stymied.

    I guess this it the 'new level' of malware introduction. It comes with just a visit to the website.

    If ever there were a legitimate target for a DOS, the perpetrators of this mess is one. They probably move around a lot.

    I tried an update at Lavasoft and it aborted. Perhaps this as an additional symptom?

    Anyone else run into this?

    Thanks
    Baumgrenze
    Hier sind wir tief eingewurzelt.

  2. #2
    Plutonium Lounger
    Join Date
    Mar 2002
    Posts
    84,353
    Thanks
    0
    Thanked 29 Times in 29 Posts

    Re: Nasty Malware

    You've probably been infected with AntiVirus2008 or one of its variants, one of the most unpleasant bits of malware around. Even declining to install is enough to become infected <img src=/S/burnup.gif border=0 alt=burnup width=31 height=31>

    Malwarebytes has a good reputation in fighting it; there's a fully functional free version.

  3. #3
    Plutonium Lounger
    Join Date
    Oct 2001
    Location
    Lexington, Kentucky, USA
    Posts
    12,107
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: Nasty Malware

    Please follow Hans' link to see where you stand!

    But I also wanted to ask if you have ever heard of SpywareBlaster? If not, whenever you get finished clearing up your current problem, you should consider installing it. I've had it running in the background ever since I first heard about it here in The Lounge. I don't know if it helps with some of this more vicious malware of late, but I can only, with crossed fingers, say that I haven't had any problems and I don't think the program gets enough credit for what it does to help keep us all clean! I'm so comfortable with it, that I have paid them for the automatic update function in both my XP and Vista installations.

  4. #4
    3 Star Lounger baumgrenze's Avatar
    Join Date
    Feb 2001
    Location
    California, USA
    Posts
    262
    Thanks
    6
    Thanked 0 Times in 0 Posts

    Re: Nasty Malware

    Edited by HansV to break some extremely long lines that caused horizontal scrolling

    Thank you Hans and Big Al,

    I ran a full Avast antivirus scan and found nothing.

    I ran a deep archive scan in Ad-Aware and found 30 tracking cookies and 4 mru's and removed them

    While it was running I downloaded RogueRemover. I ran it when the Ad-Aware was finished. It said it found nothing. I rebooted. Now I have my clipboard back

    I confess to being thoroughly confused. Avast said it stopped the malware as it was being introduced to my machine.

    In:

    C:Program FilesAlwil SoftwareAvast4DATAlogwarning.log says:

    9/30/2008 9:58:42 PM 1222837122 SYSTEM 1744 Sign of "VBS:Malware-gen" has been found in "http://antispywaremaster.com/data/index.php?53520b590905020900425c0816590042163 a420840530150076613433a5c5d3d5356065642040 d0d585951180b5e455009000c5413550d52010c40570 f040244575e5f55420e153b0c5c520e5f06560f553a00550c0 3033c0 00152015c1c0023020256523b533e565705" file.

    I also established this much via my History file

    Yesterday I visited:

    http://www.medhelp.org/posts/show/321763

    at 9:58:14 PM PDT and at 9:58:28 I found I'd also visited:

    http://antispywaremaster.com/data/?sub=umb...li=&3=& mt_info=6580_10913_28419:6146_0_22706& rdr=2&tmn=null&440e535751&gai=mfcmephiticus_smua13 5& mt_info=6580_10913_28419:6146_0_22706

    I think I needed to reboot (I shut down each night, old habit) to lose the clipboard.

    I had not heard of SpywareBlaster. Given some bad experiences with some of the ostensible freeware out there on my last machine, I’m glad to have a firm recommendation to download this one. I’ll install it next.

    Secunia PSI (RC3) tells me that Microsoft Outlook 2000 9.0.0.6627 is insecure and that Sun Java JRE 1.6.x / 6.x (Requires uninstall) 6.0.40.12 is also unsecure.

    I do not use the Outlook program. I tried Add Remove Programs but it is buried in MS Office 2000 SBE. I tried the ‘Change’ option and selected the update button. I was told everything is up-to-date, but Secunia still doesn’t like it. I’m at a tipping point over switching to Open Office. I have it installed and have tried a few things. I like the way they work. The documentation talks about ‘styles’ which reminds me of the 1980’s when I was a Word Perfect fan. I never did understand it then. Perhaps it is time to learn.

    At:

    http://www.java.com/en/download/installed....n=1.6.0_07& vendor=Sun+Microsystems+Inc.&os=Windows+XP&os_vers ion=5.1

    I found this when I ran their “Verify Installation and Version” online test:

    Verified Java Version
    Congratulations!
    You have the recommended Java installed (Version 6 Update 7).

    If you want to download Java for another computer or Operating System, see all Java downloads here.

    Perhaps I need to report this to Secunia?

    Thanks again
    Baumgrenze
    Hier sind wir tief eingewurzelt.

  5. #5
    Plutonium Lounger
    Join Date
    Mar 2002
    Posts
    84,353
    Thanks
    0
    Thanked 29 Times in 29 Posts

    Re: Nasty Malware

    Installing a new version of Java does not automatically uninstall older versions, so probably you have JRE Version 6 Update 7 but also one or more older versions. You can uninstall those in the Add or Remove Programs control panel. Secunia should then stop complaining about Secunia.

    If you don't use Outlook, you can ignore Secunia's warning about Outlook 2000.

  6. #6
    3 Star Lounger baumgrenze's Avatar
    Join Date
    Feb 2001
    Location
    California, USA
    Posts
    262
    Thanks
    6
    Thanked 0 Times in 0 Posts

    Re: Nasty Malware

    Thank you Hans for pointing out what Secunia actually told me. I found 2 instances of Java in Add/Remove Programs and the nag went away when I removed the older one (update 4.)

    The more I see of Open Office the more I like it!

    If I use Add/Remove to clear out Office 2000, will that remove Outlook? Is it just Outlook Express that is part of IE?

    Thanks again for your patient teaching.
    Baumgrenze
    Hier sind wir tief eingewurzelt.

  7. #7
    Super Moderator jscher2000's Avatar
    Join Date
    Feb 2001
    Location
    Silicon Valley, USA
    Posts
    23,112
    Thanks
    5
    Thanked 93 Times in 89 Posts

    Re: Nasty Malware

    If you completely remove Office 2000, then yes, you will also remove Outlook 2000. I believe the installer will let you choose the components you want, though, so you might be able to keep Outlook.

  8. #8
    Plutonium Lounger
    Join Date
    Mar 2002
    Posts
    84,353
    Thanks
    0
    Thanked 29 Times in 29 Posts

    Re: Nasty Malware

    Outlook 2000 is part of Office 2000, Outlook Express is part of Windows.
    So, as Jefferson pointed out, uninstalling Office 2000 will also uninstall Outlook 2000. You can also select the option to Change the installation, then Add/Remove Components, and just remove Outlook 2000.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •