Spoof anti-virus software - Page 5

post #41 of 92
I have two solutions, probably neither of which your customers would like.

Install Linux with SELinux running.
Make an admin account in Windows and give them no permissions to do anything.

The fact that these are repeat customers tells me nothing you do for them will ever prevent them from coming back infected.
post #42 of 92
Quote:
Originally Posted by corky dorkelson View Post
I have seen some NASTY variants of system tool lately. The latest was on a machine that was primarily used for Facebook. It got right past Security Essentials and locked down EVERYTHING. It had control of Internet, Updates, AV, Task Manager, and it wouldn't even let me install a mouse. I ended up removing the virus but the registry was trashed, and many OS files were corrupted. Had to wipe it. Machine was Vista64 Pro BTW.

I think a lot of these are coming from Facebook. I have seen a few machines with similar usage patterns, and they are all leading me there.
Yeah, only thing I can think of is people installing and running those stupid applications that Facebook has.

I'm telling you those applications will be the death of Facebook.
post #43 of 92
Quote:
Originally Posted by E-Peen View Post
I'm telling you those applications will be the death of Facebook.
I am in 100% agreement with you. Spam, advertising, and viruses are flooding that site with the quickness. I think people left Myspace for those very same reasons.
post #44 of 92
Thread Starter 
Both Firefox 4 and Chrome (stock, no plugins) allow this webpage to run and the file to be downloaded, then SE stops it after it's downloaded.
post #45 of 92
Quote:
Originally Posted by trojan92 View Post
Some people simply don't know enough, they click on advertisements and allow pop-ups, and I'm sure if they do download illegal content, somewhere in the description it will say "to install, simply turn off your AV, we can assure you this isn't a virus, your AV will just detect it as one"
This.

Quote:
Originally Posted by trojan92 View Post
stupidity [AND IGNORANCE] increases the chance of infection, keep away from suspicious sites, don't click ads, don't download from "warez" sites, illegal downloads are usually unsafe.
Fixed - My mother is 75, with an IQ of 149, won several maths and accounting awards (2nd in the UK out of over 5000 applicants).
She is not stupid... but is not computer-savvy.
post #46 of 92
I see this same stuff get in on our PCs at my work. We use TrendMicro for AV (not my choice) and stuff gets through from time to time. I just cleaned one up yesterday.

The thing most people don't realize is that the Fake-AVs are not viruses themselves. They are spyware. They want you to 'buy' their product with your CC info. Most antivirus programs (esp. free ones) don't look for anything but viruses. Add Malwarebytes, an anti-spyware program, to the mix and now you have some solid protection. I would highly encourage your repeat offenders to invest in the Pro version of Malwarebytes. And tell them to not click everything in their junk mail folder...

Viruses usually take over the whole system, either through elevated privileges or flaws in security, and run in an automated fashion. Spyware usually is confined to the user's space (unless you run everything as admin) and relies on user interaction to achieve its desired effect.
post #47 of 92
Quote:
Originally Posted by newphase View Post

Fixed - My mother is 75, with an IQ of 149, won several maths and accounting awards (2nd in the UK out of over 5000 applicants).
She is not stupid... but is not computer-savvy.
This is true; you don't just buy a computer and automatically get the knowledge about spyware, malware, etc. I guarantee you everyone that is computer savvy/works in the computer security field has dealt with dozens of personal viruses, and that's where they got their interest and experience from.

My mom is in the same boat. She's in her 50s, won math awards, valedictorian, etc... But she cannot use a mouse for her life. Some people are just not computer savvy.
post #48 of 92
Thread Starter 
Quote:
Originally Posted by thenutty1 View Post
I see this same stuff get in on our PCs at my work. We use TrendMicro for AV (not my choice) and stuff gets through from time to time. I just cleaned one up yesterday.

The thing most people don't realize is that the Fake-AVs are not viruses themselves. They are spyware. They want you to 'buy' their product with your CC info. Most antivirus programs (esp. free ones) don't look for anything but viruses. Add Malwarebytes, an anti-spyware program, to the mix and now you have some solid protection. I would highly encourage your repeat offenders to invest in the Pro version of Malwarebytes. And tell them to not click everything in their junk mail folder...

Viruses usually take over the whole system, either through elevated privileges or flaws in security, and run in an automated fashion. Spyware usually is confined to the user's space (unless you run everything as admin) and relies on user interaction to achieve its desired effect.
A lot of these fake AVs are infecting the MBR, and disabling key system functions such as regedit, task manager, etc. I consider that to be virus activity.

Also, I'm not saying everyone who has a problem is an idiot. My experience is that the educated people usually know what they did or what happened and realize it was a mistake. The people who keep coming back keep going to the same 2 websites or keep trying to open the same email attachment over and over again, never putting two and two together.
post #49 of 92
I have to agree with the OP that this virus is annoying, since I've cleaned friends' PCs and some people's PCs that have made me earn some cash. Even though I've been able to clean most PCs, there has been one that completely disabled everything in the OS and wouldn't let me log in to safe mode. It was annoying.

It would be nice if there was an Official Virus Removal thread under Security.
post #50 of 92
Quote:
Originally Posted by sodalink View Post

It would be nice if there was an official virus removal thread under security.
Agree!