View Full Version : Nasty, nasty people.
11th Jul 2012, 04:05
Do not attempt to run these links.
Got these from an old (non-technical) friend tonight. There was no personal text which is unlike her. G-mail put up a huge red warning.
It had several listed friends CP'd who are very vulnerable due to age and non-tekkiness.
11th Jul 2012, 07:54
well, either his e-mail account has been hacked or his PC has been zombied. Impossible to know without more details of the kind of e-mail account and how he accesses it.
Either way, he needs to get help to clean things up.
11th Jul 2012, 14:05
A reminder to all to be EXTREMELY careful about clicking on links - even here on PPRuNe!
11th Jul 2012, 15:39
Saab, I've noticed more and more on sites of late, "Be aware of clicking on links" is this the new 'Not our fault pall ?
11th Jul 2012, 16:29
I've just read a genuine e from her, and fortunately her son is visiting, and set about cleaning her machine. It was a quick message, but implied there was something there.
I hope G-mail's big red flag thing saved me this end. Off to run an update and scan.
12th Jul 2012, 06:30
A bit questionable to put up such links if I may say so Loose Rivets. :ugh:
Even if you have doctored the text, you don't want to encourage people to visit them.
12th Jul 2012, 16:03
Mmmm, okay, OP amended with warning. But isn't this supposed to be the professional computer section.
"I'll think I'll take that (break) out and see what happens."
Without the full link - protected as it is - you experts would not have all the data you may need at hand. Having said this, I suppose they're generated randomly, so won't give much away.
12th Jul 2012, 17:38
OK, I'm a sucker. I'll bite
Using Firefox heavily locked down the first one gets blocked by Googles DNS server - I get a red warning screen warning of malware
The second link isn't blocked that way, but Avast tells me the web page is trying to install a trojan which it calls HTML:Refresher-A[Trj]
I just looked that up on Virustotal
Someone submitted a sample of that a couple of weeks ago and only four virus engines picked it up
What does that prove? That most AV programs may not have stopped it. You need secondary software as well, but the mot important thing ? DON'T CICK ON LINKS!!!!
15th Jul 2012, 08:30
Without clicking on any links or visiting 'dodgy'sites, I suddenly noticed MSE had turned off. Wouldn't turn on, and nor would the Windows firewall. Turned out it was infected with Zero Access. Got rid using MBAM followed by a check with TM Housecall, but wonder how it got there (I'm the only one to use the computer).
15th Jul 2012, 08:51
Major shift in strategy for ZeroAccess rootkit malware, as it shifts to user-mode | Naked Security (http://nakedsecurity.sophos.com/2012/06/06/zeroaccess-rootkit-usermode/)
"This new version of ZeroAccess is being aggressively distributed through the normal mechanisms - drive by downloads, fake keygens, fake game downloads....."
15th Jul 2012, 11:06
So much for MSE being the only AV/firewall program needed then.
15th Jul 2012, 12:41
No, I know people who have had expensive, paid for software who still get caught.
15th Jul 2012, 15:09
Security essentials isn't really enough on its own
It needs padding out with something else
e.g. Threatfire or Panda Cloud - these two seem to have the least system resources overhead
I've tried using ClamWin and its forks as a secondary program, but the performance hit is too high
However, of the free ones my first choice is still Avast, with browserprotect.org blocking hijacks
15th Jul 2012, 16:11
My comment was meant very tongue in cheek Milo. :cool:
15th Jul 2012, 16:16
sorry....not with it this afternoon ....to much post prandial alcohol methinks