Showing results for tags 'malware'.
-
This turned out to be a very strange one. tumri.net is an old piece of crapware, but it appears to have a newer twist. A client has the latest version of AOL. He has used AOL for 20 +/- yrs and never had anything bad installed through AOL so he never was interested in using anything else. Recently though, his bank told him that AOL was not secure enough, and that he should try using Firefox or Google Chrome if he wants to use online banking. He also last night was looking at emails from folks he gets emails from frequently and ended up getting constant popups from tumri.net plus a ton of local to him places. I blocked the site within every browser, but had to block it via host file (127.0.0.1 tumri.net) for it to work in AOL. But that was only partially successful; it prevented the content, but the popups themselves continued every 5 seconds as before in AOL. It did not do that in any other browsers. That is the backdrop of today's mess. I tried various tools: Malwarebytes Antimalware, aswMBR.exe, JRT, the client's ESET NOD32 scanner, Kaspersky's TDSSKiller, Combofix, CCleaner, Oldtimer's OTF for deeper cleaning. I read all the logs and there was nothing that any of them found that would cause the problem. aswMBR, Malwarebytes, ESET's NOD32, and TDSSKiller found absolutely nothing. I checked the processes and nothing looked amiss. What it finally came down to was uninstalling AOL completely and downloading it fresh and reinstalling it. That took care of it. And he was very happy in the end. Between this problem today, and what his bank said, he is now willing to move to another browser where we could install Adblock Plus with Malware Domains enabled in Adblock Plus, and WOT. He used web based AOL email before when traveling so it worked out well. He has a lot of work to do to get all his hundreds of Favorites moved over to the other browser but hopefully he will be happy enough with his alternative browser to keep himself safer.
I think it came from an email, possibly from Yahoo. It is also possible that we had it fixed, until he opened the email from Yahoo again each time. There's no way to be sure on that. Except to open it again in the newly installed AOL and neither of us are going to try that. The Yahoo email doesn't do anything in the new browser with that domain blocked six ways to Sunday, and he is very happy about that. I think there is a very good chance that it modified some dll for AOL's network sock because Combofix actually removed its networking and it had to be re-installed after Combofix reboot but apparently either it re-installed after the email was reopened or it really needed a full uninstall and re-install of AOL to fix it.
-
Linux Wiper Embedded in S. Korean Malware Attacks?
V.T. Eric Layton posted a topic in Bruno's All Things Linux
Symantec finds Linux wiper malware used in S. Korean attacks
- 4 replies
Tagged with: linux wiper, malware (and 1 more)
-
ask leo article What's in it for the creators of malware?
V.T. Eric Layton posted a topic in Security & Networking
Here's an interesting article from Ask Leo today... http://ask-leo.com/whats_in_it_for_the_creators_of_malware.html?awt_l=9kKfx&awt_m=J5e3tymPeZdfbL
-
malware Uh, oh - New Iranian malware will wipe your data
Guest posted a topic in Security & Networking
New Iranian malware will wipe your data. PANIC? - Computerworld Thanks, Richi Jennings for the heads up!
-
Emails with Malware URLs - Fran's Computer Services Blog Much more in the Fran's Computer Services blog posting.
-
I pulled this UGLY thing off a client's Win 7 system today. It got right past a fully updated McAfee with no trouble at all. My suspicion is that it was picked up from a bad torrent download. I noticed that this woman's children had numerous offshore illegal music and video download site shortcuts on the desktop. I'll be advising her about this tomorrow. After a manual cleaning using Porteus from a thumb drive and then a final cleaning (once I was able to boot into Windows again) using Malwarebytes and CCleaner, the system seems to be relatively crud free and stable once again. No data was lost. She got lucky. However, I will be warning her that in total she had 11 pieces of malware and 3 separate trojans on this system, including the key-logging capable Reveton virus. I almost feel sorry for folks like this. I should start charging money for this, huh?
- 5 replies
Tagged with: reveton, fbi warning (and 2 more)
-
Mac Malware Targeting Unpatched Office Running on OS X – eWeekM
Guest posted a topic in All Things Mac
Mac Malware Targeting Unpatched Office Running on OS X – eWeek As noted in the Fran's Computer Services blog posting: Virus Bulletin has a Glossary entry for shellcode noted above:
- 1 reply
Tagged with: microsoft office, mac os x, vulnerabilities (and 3 more)
-
A friend whose system I had just revived/refurbished a few weeks ago came by yesterday with his tower in the back seat of his car. He was complaining about how the anti-virus program I put on his system kept nagging him to purchase a premium version. Hmm... I only installed MS Security Essentials on his system and it does NOT nag. Turns out my friend must have been surfing some naughty sites somewhere because he was the victim of a drive-by installation of Windows Premium Guard, which doesn't guard against anything, actually. It's a trojan that infects your system with loads of nasties. It disables your real anti-virus, disallows task manager access, and locks down regedit use. Nasty booger here, folks. I had to use this tutorial from bleepingcomputer.com to clean the system up --> http://www.bleepingc...s-premium-guard Once I did all this, I ran CCleaner, an MSE scan, and installed FF w/ noscript/adblock for him. I checked that all was updated properly and I left Malwarebytes (trial version) on his system just in case I needed it again. I just revived/refurbished his mom's system not two weeks ago. He's claiming it's all bogged down and not starting up properly already. I'll check mom's system one more time. If it's all corrupted again, I'm giving these folks the option of switching to a Linux distro of some flavor or taking their systems to Best Buy for service next time.
- 15 replies
Tagged with: malware, malewarebytes (and 2 more)
-
dnschanger Don't Lose the Internet in July! FBI Repeats DNSChanger Warnin
Guest posted a topic in Security & Networking
Don't Lose the Internet in July! FBI Repeats DNSChanger Warning - PCMag By Damon Poeter More in the article
- 5 replies
Tagged with: fbi, internet access (and 1 more)
-
New, sneakier Flashback malware infects Macs Computerworld More at the 2 page article at Computerworld above. I did a follow up article about this on my FransComputerServices Blog here with some alternatives to heavy handed antivirus programs with real time scanning. At least at this time with Macs.
-
Virus Threats to the GNU/Linux Operating System
V.T. Eric Layton posted a topic in Security & Networking
For years and years now I've been hearing and reading conflicting information regarding viruses and malware threats to the GNU/Linux operating system. I often run across hardcore MS Windows proponents who say that there are threats out there. I see Linux fans saying there are NOT threats of any kind. I see BIG BIZ AV companies that are trying to scare GNU/Linux users into buying their products by exaggerating the threats that are out there. What is the truth? Here are a couple of not-so-definitive articles, but based in fact, I believe: https://en.wikipedia.org/wiki/Linux_Viruses http://www.theregister.co.uk/2003/10/06/linux_vs_windows_viruses/ Does anyone know of any truly definitive source for information regarding this topic? Thanks, ~Eric
-
Lessons for IT, Apple in Flashback brouhaha - Computerworld It's clear that OS X is now a target of malware purveyors By Ryan Faas April 16, 2012 06:54 AM ET Excellent and well rounded article by Ryan Faas. He doesn't pull any punches, which is, I think, a good thing. This type of article is very important if Apple is to grow up in this malware-infested world we live in. They need to be open, honest, and quick to respond. ALWAYS! This is the type of scrutiny Microsoft had to endure when it was being foolish about malware in the beginning as well.
-
Virus Threats to the GNU/Linux Operating System
V.T. Eric Layton posted a topic in Bruno's All Things Linux
Please read and comment on this topic on the original thread located HERE. Thank you! ~Eric Link fixed. It was supposed to point to the thread in Security & Networking. Thanks, Roger.