Might be a malware problem

Status
Not open for further replies.

Sdh

ECF Guru
ECF Veteran
Aug 31, 2010
10,509
17,194
U.S.
IE8 on XP SP3

I was using the same set up when I got nailed on Facebook. I belonged to a group called vapors forum and clicked on someone's link...it was a showing of a new mod...I could not resist. The minute I clicked on it I knew something was wrong. The Windows Restore virus popped in and stupid me clicked on it to repair. (Don't do it!) Anyway at the time my antivirus software did not pick it up.

Therefore I thought it was a problem on my computer...I have a custom built one. I thought it was dying or ?

I now have numerous antivirus programs on my computer. I am safeguarding myself and deleted my FB account. Too much stimulation anyway. I am running Firefox and all is well. Another thing I have noticed since I had the virus attack: I've seen some merchants are less secure than others. For example Gourmet Vapor has only 128-bit while most others run at 256-bit on their SSL. I was going to order some nic fluid but changed my mind purely on this factor. (I love the nicotine base.)

Is there anyone that we can report this virus to...I mean since we have the IP address can one report it to someone who can investigate? I am not referring to this forum but someone else...I would think the government would have some type of protocol/FCC related to this type of hijack...

Sorry about the rambling.
 

zoiDman

My -0^10 = Nothing at All*
Supporting Member
ECF Veteran
Apr 16, 2010
41,618
1
84,741
So-Cal
If I am on the Net and something weird happens like a strange pop-up or a firewall warning, the first thing I do is disable my net connection. It might not alleviate the problem but it can many times minimize the damage.

The thing that is frustrating about this to me is that I don't have a Facebook account or have any desire to go to Facebook. Is there a way a person on the ECF can opt out of Facebook links?
 

incantius

Ultra Member
ECF Veteran
Mar 28, 2011
1,871
1,016
tennessee
I was using the same set up when I got nailed on Facebook. I belonged to a group called vapors forum and clicked on someone's link...it was a showing of a new mod...I could not resist. The minute I clicked on it I knew something was wrong. The Windows Restore virus popped in and stupid me clicked on it to repair. (Don't do it!) Anyway at the time my antivirus software did not pick it up.

Therefore I thought it was a problem on my computer...I have a custom built one. I thought it was dying or ?

I now have numerous antivirus programs on my computer. I am safeguarding myself and deleted my FB account. Too much stimulation anyway. I am running Firefox and all is well. Another thing I have noticed since I had the virus attack: I've seen some merchants are less secure than others. For example Gourmet Vapor has only 128-bit while most others run at 256-bit on their SSL. I was going to order some nic fluid but changed my mind purely on this factor. (I love the nicotine base.)

Is there anyone that we can report this virus to...I mean since we have the IP address can one report it to someone who can investigate? I am not referring to this forum but someone else...I would think the government would have some type of protocol/FCC related to this type of hijack...

Sorry about the rambling.
FWIW running multiple anti-virus programs at once is a bad idea...they tend to slow down your PC & they also can conflict with each other. Pick your best one & use it. However if you mean an anti-virus + anti-malware, OK...but anti-virus + anti-virus = unnecessary pain and you're not as secure as you think you are...
 

Sdh

ECF Guru
ECF Veteran
Aug 31, 2010
10,509
17,194
U.S.
FWIW running multiple anti-virus programs at once is a bad idea...they tend to slow down your PC & they also can conflict with each other. Pick your best one & use it. However if you mean an anti-virus + anti-malware, OK...but anti-virus + anti-virus = unnecessary pain and you're not as secure as you think you are...

Oh clarification...anti-virus plus anti-malware....just checked my programs....
 

Sdh

ECF Guru
ECF Veteran
Aug 31, 2010
10,509
17,194
U.S.
Not sure. But when I saw the message posted on ECF, it made sense to me. It's the only place I could think of that both PCs had been on in the same day (I think!).

You can get a free program that will wipe it out for now: Malwarebytes Anti-Malware. Just Google it...I don't link anymore due to being afraid of potential viruses attached. (I know, paranoid.)
 

incantius

Ultra Member
ECF Veteran
Mar 28, 2011
1,871
1,016
tennessee
There are quite a few variants of the virus that seem to be plaguing people from the descriptions, and unfortunately some of them require manual removal (via registry hacks, etc.). Some of the variants will "hide" or sometimes even "disable" your real anti-virus. The worst variant includes a browser hijacker so you can't just click a link and download anything to help you. For those you would need to get the actual URL for the file to download and type it into your web browser address bar. If you have access to a PC that isn't infected you can download the installers and burn to CD/DVD and use for the infected one. If you're somewhat "tech savvy" I highly recommend grabbing UBCD and burning it. Then you can boot up from that disk and do all of your cleanup without it even loading Windows (which is also the best thing for checking rootkits, etc.). You can get the UBCD from here: UBCD for Windows. I keep a copy handy for this type of thing. Even if you can't kill the virus you can still get your most important data from the hard drive with minimal fuss.
 

Majestic

Super Member
ECF Veteran
Verified Member
Apr 11, 2009
956
269
N.E. Wisconsin
<snip>.......This still being a problem is a problem though. I sometimes use my son's laptop and it only has IE on it so I hope someone finally finds the problem.

Just use IE without add-ons. That will give you the basic browser, which is all that you need for the forum here. Its icon is under System Tools on the All Programs menu.
 

zoiDman

My -0^10 = Nothing at All*
Supporting Member
ECF Veteran
Apr 16, 2010
41,618
1
84,741
So-Cal
5/16/2011 10:21 AM,High,An intrusion attempt by 64.72.105.3 was blocked.
Web Attack: Blackhole Toolkit Website 6,"64.72.105.3, 80",64.72.105.3/Home/index.php,
64.72.105.3,"TCP, www-http"

A mod could check the transaction logs for this time and date and see if anything looks fishy. I was logged onto the ECF when this happened.
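The check zoiDman suggests (take the time from the Norton alert and look at the server's own logs around it) as an added example that is not part of the thread. The Norton field order is inferred from the three quoted lines, the alert is re-joined on commas, and the access-log lines are constructed samples in Apache format, not real ECF logs; both clocks are assumed to be in the same time zone.

```python
import csv
import io
import re
from datetime import datetime, timedelta

# Norton alert from the post, re-joined into one CSV record (field positions assumed, not a documented spec).
NORTON_ALERT = (
    '5/16/2011 10:21 AM,High,An intrusion attempt by 64.72.105.3 was blocked.,'
    'Web Attack: Blackhole Toolkit Website 6,"64.72.105.3, 80",64.72.105.3/Home/index.php,'
    '64.72.105.3,"TCP, www-http"'
)

# Constructed forum access-log lines (Apache common format); the IPs are documentation ranges, not real users.
ACCESS_LOG = """\
203.0.113.7 - - [16/May/2011:10:19:58 -0700] "GET /forum/index.php HTTP/1.1" 200 5120
203.0.113.7 - - [16/May/2011:10:20:41 -0700] "GET /forum/showthread.php?t=123 HTTP/1.1" 200 8817
198.51.100.9 - - [16/May/2011:11:05:02 -0700] "GET /forum/index.php HTTP/1.1" 200 5120
"""

LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<req>[^"]*)" (?P<status>\d+)')


def parse_alert(record):
    """Split one Norton intrusion-prevention record into the fields a responder pivots on."""
    fields = next(csv.reader(io.StringIO(record)))
    ip, port = (p.strip() for p in fields[4].split(","))  # quoted "ip, port" field
    return {
        "time": datetime.strptime(fields[0], "%m/%d/%Y %I:%M %p"),
        "severity": fields[1],
        "signature": fields[3],
        "remote_ip": ip,
        "remote_port": int(port),
        "url": fields[5],
    }


def requests_near(alert, log_text, minutes=5):
    """Return (client_ip, timestamp, request) for log entries within +/- minutes of the alert.

    This is the slice a moderator would read for an injected script, odd redirect
    or unexpected request that lines up with the blocked outbound connection."""
    lo = alert["time"] - timedelta(minutes=minutes)
    hi = alert["time"] + timedelta(minutes=minutes)
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        ts = datetime.strptime(m["ts"].split()[0], "%d/%b/%Y:%H:%M:%S")
        if lo <= ts <= hi:
            hits.append((m["ip"], ts, m["req"]))
    return hits
```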
 

AttyPops

Vaping Master
ECF Veteran
Jul 8, 2010
8,708
134,344
Hc Svnt Dracones - USA EST
Thanks Alex.

Funny thing.... hope this isn't too off track......

I just installed Java yesterday to use a hardware vendor's utility that required it (on a Windows 7 box). I used the utility, then UNINSTALLED JAVA. I did happen to notice that there is a very recent update for it. And... Microsoft has JVMs too outside of the Oracle Java. To echo the above: UPDATE EVERYTHING!!!! Your Java should probably be set to auto-update, unless you really know what you are doing. BTW IDK if the updates block the exploit... whatever it is.

I don't happen to need Java, so I don't run it. There are a few sites that require it, but meh.
 

Alex

Code Monkey
ECF Veteran
Apr 6, 2010
298
18
37
California
I have Java installed, I even write Java apps...

The main thing is shutting it off and not letting the browser have access to it when it is not needed.

You can disable addons in all browsers:

IE (switch off of it instead xD): Internet Explorer add-ons: frequently asked questions
Firefox -> Add-ons, click the Extensions tab
Chrome -> about:plugins

Java is owned by Oracle, a gigantic company, but security updates are nearly a weekly thing with them... (same with Microsoft)

Edit:

I'm going to be doing proactive monitoring of ECF to detect further threats while I am re-engineering the way ECF is run.
 

classwife

Admin
Admin
Supporting Member
ECF Veteran
Verified Member
May 9, 2010
98,563
161,084
68
Wesley Chapel, Florida
Big (hugs) Alex !!


For squashing those nasty bugs !
 

Maxwell_Edison

Ultra Member
ECF Veteran
Apr 5, 2009
1,655
237
Ohio
beatlesnumber9.com
I posted in the V4L sub-forum asking if ECF was infected. I got two high risk intrusions just today, and it all started about 2 weeks ago. Somehow tiburonfirst saw the post and I ended up patching Java, but I might just leave it disabled. Norton blocked intrusions from 64.72.105.3 about 3 hours ago:

1. Web Attack: Malicious Toolkit Website 9
and
2. Web attack: Malicious Java Activity 5
 