where does the xp security virus come from?
in [Viruses]
|
Prev: antivir za win98
Next: Ping: David Kaye
From: FromTheRafters on 9 May 2010 19:10 "Jenn" <nope(a)noway.atnohow.anyday> wrote in message news:hs6tsp$tsc$1(a)news.eternal-september.org... [...] > I thought I got out of the malvertizement before it got me... Is > there a way to avoid such things? Not really, it is the way the web works (both for the advertising and the redirects). These things rely on exploiting human nature or software vulnerabilities. If you could only keep all software fully up-to-date at all times and fully close the 0-day effect, then you could avoid *bad* websites having any effect on you automatically. Then it is just a matter of recognizing the social engineering displayed by the *bad* website as such and prevent its having success by enlisting your cooperation (your computer is so riddled with malware that there's hardly room for the desktop, we can help you if you download and execute this nifty program...then ...if you want your computer back...$$$). If you've got scripting enabled while surfing, and a messagbox looking gizmo appears saying your computer is infected, you can't even trust the "X" in the corner. You must use the task manager to end the session, or go through the fake scan. I usually just ignore the things and let them collect in the tray. They go away when I end the browsing session anyway. If you are the curious type, you can use the task manager to "maximize" the box and then read the IP address from the address bar. You can copy/paste that address if you go offline and invoke the fake scan (the box retains focus otherwise).
From: Jenn on 9 May 2010 23:56 "FromTheRafters" <erratic(a)nomail.afraid.org> wrote in message news:hs7fdj$762$1(a)news.eternal-september.org... > "Jenn" <nope(a)noway.atnohow.anyday> wrote in message > news:hs6tsp$tsc$1(a)news.eternal-september.org... > > [...] > >> I thought I got out of the malvertizement before it got me... Is there a >> way to avoid such things? > > Not really, it is the way the web works (both for the advertising and the > redirects). These things rely on exploiting human nature or software > vulnerabilities. If you could only keep all software fully up-to-date at > all times and fully close the 0-day effect, then you could avoid *bad* > websites having any effect on you automatically. Then it is just a matter > of recognizing the social engineering displayed by the *bad* website as > such and prevent its having success by enlisting your cooperation (your > computer is so riddled with malware that there's hardly room for the > desktop, we can help you if you download and execute this nifty > program...then ...if you want your computer back...$$$). > > If you've got scripting enabled while surfing, and a messagbox looking > gizmo appears saying your computer is infected, you can't even trust the > "X" in the corner. You must use the task manager to end the session, or go > through the fake scan. I usually just ignore the things and let them > collect in the tray. They go away when I end the browsing session anyway. > > If you are the curious type, you can use the task manager to "maximize" > the box and then read the IP address from the address bar. You can > copy/paste that address if you go offline and invoke the fake scan (the > box retains focus otherwise). ... so you're saying to just do control-alt-delete to get to the task manager and end the browser session... when the browser is closed you can get to your malware prog to run it? -- Jenn (from Oklahoma)
From: FromTheRafters on 10 May 2010 06:44 "Jenn" <nope(a)noway.atnohow.anyday> wrote in message news:hs804r$s95$1(a)news.eternal-september.org... > > "FromTheRafters" <erratic(a)nomail.afraid.org> wrote in message > news:hs7fdj$762$1(a)news.eternal-september.org... >> "Jenn" <nope(a)noway.atnohow.anyday> wrote in message >> news:hs6tsp$tsc$1(a)news.eternal-september.org... >> >> [...] >> >>> I thought I got out of the malvertizement before it got me... Is >>> there a way to avoid such things? >> >> Not really, it is the way the web works (both for the advertising and >> the redirects). These things rely on exploiting human nature or >> software vulnerabilities. If you could only keep all software fully >> up-to-date at all times and fully close the 0-day effect, then you >> could avoid *bad* websites having any effect on you automatically. >> Then it is just a matter of recognizing the social engineering >> displayed by the *bad* website as such and prevent its having success >> by enlisting your cooperation (your computer is so riddled with >> malware that there's hardly room for the desktop, we can help you if >> you download and execute this nifty program...then ...if you want >> your computer back...$$$). >> >> If you've got scripting enabled while surfing, and a messagbox >> looking gizmo appears saying your computer is infected, you can't >> even trust the "X" in the corner. You must use the task manager to >> end the session, or go through the fake scan. I usually just ignore >> the things and let them collect in the tray. They go away when I end >> the browsing session anyway. >> >> If you are the curious type, you can use the task manager to >> "maximize" the box and then read the IP address from the address bar. >> You can copy/paste that address if you go offline and invoke the fake >> scan (the box retains focus otherwise). > > > .. so you're saying to just do control-alt-delete to get to the task > manager and end the browser session... when the browser is closed you > can get to your malware prog to run it? In most cases, ending the session is the way to avoid *that* malware altogether. If you try to close the box by any other method you are taken to the exploit site and exposed to the actual malware. If you have already experienced the 'fake scan' then it is too late to end the session to avoid the exposure.
From: Dustin Cook on 10 May 2010 23:00 ASCII <me2(a)privacy.net> wrote in news:4be7fbdf.606390(a)EDCBIC: > FromTheRafters wrote: >>If you have >>already experienced the 'fake scan' then it is too late to end the >>session to avoid the exposure. > > 'Exposure' that's totally inert if your system isn't vulnerable. > It's almost amusing the lengths some folk will go to, > to avoid hardening their system. > FWIW: I have invoked the fake (js applet) scan yet still nothing > happens, unless my woes are so severe that even RaiD's application > can't detect any. > Ascii, My app hasn't had a database update in nearly 2 years. I hope your not relying on BugHunter alone. :) -- "Hrrngh! Someday I'm going to hurl this...er...roll this...hrrngh.. nudge this boulder right down a cliff." - Goblin Warrior
From: FromTheRafters on 11 May 2010 14:39
"Dustin Cook" <bughunter.dustin(a)gmail.com> wrote in message news:Xns9D74EB60FC369HHI2948AJD832(a)69.16.185.247... > Ascii, My app hasn't had a database update in nearly 2 years. I hope > your > not relying on BugHunter alone. :) He probably never gets anything for it to look at anyway. |