• We are now running on a new, and hopefully much-improved, server. In addition we are also on new forum software. Any move entails a lot of technical details and I suspect we will encounter a few issues as the new server goes live. Please be patient with us. It will be worth it! :) Please help by posting all issues here.
  • The forum will be down for about an hour this weekend for maintenance. I apologize for the inconvenience.
  • If you are having trouble seeing the forum then you may need to clear your browser's DNS cache. Click here for instructions on how to do that
  • Please review the Forum Rules frequently as we are constantly trying to improve the forum for our members and visitors.

anyone else keep getting a virus from the forum?

H

Herr Heckler Koch

Guest
Of more immediate and direct concern as people try to find less expensive web access, does Carrier IQ snoop the TCP/IP stream of a tethered computer? I've asked but both parties demurred for being parties to litigation against Carrier IQ.
 
Last edited:
SovereignAxe

SovereignAxe

Regular Member
Joined
Jul 29, 2011
Messages
791
Location
Elizabethton, TN
thieltech said:
okay thanks for the help guys , ill try fire fox out then ? does anyone have anything bad to say about microsoft security essentials ? thats what im currently useing .... just trying to figure out if i should change to something else , if there's something better ? and free is best lol
Click to expand...

I recommend Google Chrome over FireFox. FireFox still hasn't fixed their memory leak issues (if you keep the browser open long enough your RAM usage will skyrocket. and it's been going on for years without a fix), and Chrome is the fastest browser I've ever used.
 
M

McX

Guest
i still use NetScape9, it's old, but travels light, and if it becomes infected, or loaded down, it collapses, and closes, saving the computer.
 
rcawdor57

rcawdor57

Campaign Veteran
Joined
May 18, 2009
Messages
1,643
Location
Wisconsin, USA
I Have No Memory Issues Using Firefox....

SovereignAxe said:
I recommend Google Chrome over FireFox. FireFox still hasn't fixed their memory leak issues (if you keep the browser open long enough your RAM usage will skyrocket. and it's been going on for years without a fix), and Chrome is the fastest browser I've ever used.
Click to expand...


My desktop computer is never turned off unless the UPS dies after an extended power failure. I use Firefox exclusively and have never had any issues with it. I have a few addons for security and use Avast Professional Internet Security which works well. The longest my system has been running with a Firefox window open is over six months, the shortest is at least a few weeks (before rebooting manually after a Windows update). I have never had any memory issues.
 
2a4all

2a4all

Regular Member
Joined
Jul 1, 2008
Messages
1,846
Location
Newport News, Virginia, USA
Add me to list of the infected.

I've checked around, and this (XP Security 2012) is appears to be a fairly nastymalware/ rootkit virus whose only real fix is to reformat the hard drive and reload the OS. Neither McAfee nor Norton currently offer an effective defense. I've had extensive discussions with my ISP and with the Geek Squad. This virus was apparently written by an individual based in Pakistan with extensive professional progamming experience, whose motive is simply that s/he could do it. My sources tell me that they get a fair number of calls for help about this thing from people who have responded to its attempts to bully the user into purchasing anti-virus software.

It apparently uses the ad banners of 3rd party web sites to establish an entry point without the need to actually click on the banner.

It does run as a JAVA app, with a process name (in Task Manager) which always has a 3 letter.exe file name. However, it recurrs with different names. (Be careful, as there are some legitimate processes with 3 letter names running.) It seems to reside in the user file space (on XP systems).

It seems to be able to infect independenly of the browser in use.

I chose to upgrade my system to a new one because I don't have time right now to overhaul the infected one. Perhaps after the holidays, I may get time to investigate further.

Not good news, but perhaps helpful.

Perhaps the monitors could make this a sticky post under a more appropriate heading?
 
Last edited:
Resdon111

Resdon111

Regular Member
Joined
Jan 27, 2011
Messages
48
Location
Sussex, WI
Nutczak said:
I am seeing "Windows 7 Antispyware 2012" it was a real SOB to kill and remove, so be careful.

The first thing it does is shuts down Microsoft security essentials, it starts is a prompt to update a java program, SO DO NOT UPDATE JAVA, you're allowing the virus by doing that.

PM me if you need more help removing this crap./
Click to expand...

That thing has been going around like crazy lately. Three of my friends and myself all got it in the past few weeks. Mine didn't come in through Java, it came in through a fake windows security update.
 
N

Nutczak

Regular Member
Joined
Dec 2, 2008
Messages
2,165
Location
The Northwoods, lakeland area, Wisconsin, USA
Resdon111 said:
That thing has been going around like crazy lately. Three of my friends and myself all got it in the past few weeks. Mine didn't come in through Java, it came in through a fake windows security update.
Click to expand...

The security update is/was the virus delivering it's payload.

Malwarebytes is the only one I found that catches it, MS security essentials is hit or miss with this one, the scans come up clean, but occasionally it pops a warning.

Hey, even a blind pig finds an acorn once in a while!!
 
Sorcice

Sorcice

Regular Member
Joined
Nov 13, 2011
Messages
381
Location
Madison, WI
One. Don't believe everything you hear from a geek squad agent. There are very few decently qualified agents.
Two. IE is horrible use chrome or Firefox as mentioned above.
Three. Malwarebytes is free and quite good but it won't auto detect. I usually run a full scan every 2 weeks or so after updates however as nice as it is it's mainly for adware and malware. Not so much virus detection though it does find some things. Spybot is very easy to use and usually finds the same things as Malwarebytes. The difference is it actively finds things which is nice.
Four. Winblows restore points usually break more than they fix and they leave your registry kinda muddy. I keep all my files on an external and run any software on my main drive.
Five. If you really want to look at that much porn on the Internet don't be surprised when bad things happen to your system. Lol. please don't blame the forum for clicking an ad.

Lastly. If anyone needs help fixing their pc or cleaning it up PM me and we can set a meet. I live in Madison. All I need is cab fair. Services free to opencarry.org members.
 
C

carsontech

Activist Member
Joined
Apr 7, 2011
Messages
529
Location
Anderson, SC
Most of the time, the spyware and malware comes in via the ad systems. That's how most people are getting the fake spyware/virus scanners on there machines form legit sites. The sites use an ad service to generate money to support their servers, such as OCDO does, but the ad service doesn't always check the ads that have been given to them.

You don't have to click on an ad to get infected form the ad that has been downloaded when the browser downloads it to display on your computer. Usually the malware is executed via exploits with outdated software that is running on your computer. Play with Backtrack, and you'll see what I mean.

If you use ad blocker, you wont see the ads, and will have much less risk from getting the crap that is spread by the ads.

I use Chrome and Firefox with Ad Blocker Plus, Java disabled unless I right click and enable a specific java object, pop up blocker, etc.
 
Last edited:
thieltech

thieltech

Regular Member
Joined
Nov 23, 2011
Messages
92
Location
Beaver Dam
So this virus cant be found on the hard drive by hand and delete its contents ? Im guessing theres way more to it then that . even after i do a restore it comes back ................... CAN I SAVE ME PICS TO MY EXTERNAL HARD DRIVE OR AM I GONNA INFECT MY EXTERNAL HARD DRIVE THEN ? THEN I CAN INSTALL A NEW COPY OF WINDOWS ??


THIS IS A NIGHTMARE!!! lol And the crapie part is i just bought this dam computer a month ago !!!
 
Last edited:
thieltech

thieltech

Regular Member
Joined
Nov 23, 2011
Messages
92
Location
Beaver Dam
oliverclotheshoff said:
who is running win 7 that as gotten the virus????

all i see so far is it is affecting xp is this atrue statement???
Click to expand...

thats a negitive , im running windows seven , it just doesnt seem to effect mine to the point i cant run system restore ... so yes windows 7 to ...

and im also able to run my microsoft security essentials , but others arent able to ...not sure if they have xp maybe ?

i was also useing internet explore and java , and now im useing chrome and java disabled , every time i would go to java and click on it , the virus would pop up again , so possiably it was comeing from there ?
 
Last edited:
Baked on Grease

Baked on Grease

Regular Member
Joined
Jul 4, 2011
Messages
629
Location
Sterling, Va.
thieltech said:
So this virus cant be found on the hard drive by hand and delete its contents ? Im guessing theres way more to it then that . even after i do a restore it comes back ................... CAN I SAVE ME PICS TO MY EXTERNAL HARD DRIVE OR AM I GONNA INFECT MY EXTERNAL HARD DRIVE THEN ? THEN I CAN INSTALL A NEW COPY OF WINDOWS ??


THIS IS A NIGHTMARE!!! lol And the crapie part is i just bought this dam computer a month ago !!!
Click to expand...

Unfortunately, most of the viruses have multiple components. You can delete 99% of the affected files but that one file will trigger the entire virus again when you reboot the computer, and these files are buried deep and often have names that sound legit.

There are programs that are made to remove specific viruses that are hard to remove. That's the main reason to make sure your antivirus is up to date, so it has the latest detection AND removal procedures.

Picture files a should be fine to add to an external for safe keeping. I'd suggest highlighting the actual files and not the folder in case there is a hidden file there.

What I do is keep my OS on one drive with after market software and all other files on an extra. Get a bad virus? Wipe the OS drive and start fresh in an hour without losing a file.

Sent using tapatalk
 
Resdon111

Resdon111

Regular Member
Joined
Jan 27, 2011
Messages
48
Location
Sussex, WI
Billy D said:
I got the virus too, got rid of it in a few minutes via:
http://www.bleepingcomputer.com/virus-removal/remove-win-7-antispyware-2012

Dl and run the file:

FixNCR.reg (http://download.bleepingcomputer.com/reg/FixNCR.reg)

you may have to DL the file from another computer and xfer it via thumb drive.
Click to expand...

That fix didn't work for me. It relied on Malwarebytes which couldn't find the infection. I still had the virus but MalBytes said everything was A-OK. I had to go the GeekstoGo forum and get assistance from a malware guy. Good group of folks over there, they really help you out.

I recommend doing a run with the Kaspersky free scanner. It was the one that found the actual virus on my computer, but there were still some lasting effects that I wouldn't have been able to fix without the geekstogo help.
 
thieltech

thieltech

Regular Member
Joined
Nov 23, 2011
Messages
92
Location
Beaver Dam
Baked on Grease said:
Unfortunately, most of the viruses have multiple components. You can delete 99% of the affected files but that one file will trigger the entire virus again when you reboot the computer, and these files are buried deep and often have names that sound legit.

There are programs that are made to remove specific viruses that are hard to remove. That's the main reason to make sure your antivirus is up to date, so it has the latest detection AND removal procedures.

Picture files a should be fine to add to an external for safe keeping. I'd suggest highlighting the actual files and not the folder in case there is a hidden file there.

What I do is keep my OS on one drive with after market software and all other files on an extra. Get a bad virus? Wipe the OS drive and start fresh in an hour without losing a file.

Sent using tapatalk
Click to expand...

i gotta say i learned alot more from u guys about viruses and malware in the last 2 days ,then i have in a year .. the basics for me any way .. im not the most computer savy lol ........ i cant believe how fast google chrome is compared to internet explore ! right now i save all my files weekly to my external hard drive , think ill start putting them directly on there like you said .... much less worry then when i get a BUG !:mad:
 
VW_Factor

VW_Factor

Regular Member
Joined
Nov 1, 2010
Messages
1,092
Location
Leesburg, GA
Nutczak said:
I am seeing "Windows 7 Antispyware 2012" it was a real SOB to kill and remove, so be careful.

The first thing it does is shuts down Microsoft security essentials, it starts is a prompt to update a java program, SO DO NOT UPDATE JAVA, you're allowing the virus by doing that.

PM me if you need more help removing this crap./
Click to expand...

The virus isn't coming from these forums.

If you've been hit with this infection its from clicking on something you were not supposed too. Or you were using Internet Explorer with low security settings.
 
You must log in or register to reply here.
Top