Page 2 of 3 FirstFirst 123 LastLast
Results 11 to 20 of 24

Thread: Virus "pwnd" me twice today

  1. #11
    Very good friend of the forum Virchanza's Avatar
    Join Date
    Jan 2010
    Posts
    863

    Default

    Quote Originally Posted by xCPPx View Post
    That's exactly the same thing that bugged me about explorer a long while ago. You doubleclick a device icon, expecting to open it and explore the contents, but instead the autorun gets executed. I know there is a workaround to disable the autorun completely as I remember fixing it on my own laptop. Give this article a read.

    My workaround was to switch to Linux Of all the bad things I say about Microsoft Windows though, I've gotta give it one thing: it gives a fantastic "out of the box" experience. Stuff just works straight away. I installed Linux a few months ago and I'm still trying to get it right (my DVD drive is still slow as shit). It's a shame how the whole "out of the box" experience can have such an impact on a person's opinion about an operating system. When I first tried Ubuntu maybe about a year ago, I quickly got sick of it; too much stuff needed tweaking (e.g. the font rendering was disgusting). I tried switching from MSWindows to Ubuntu more than once, but fell back to MSWindows each time.

    A few months ago, I really made the effort to switch to Linux, and now I'm using Ubuntu-with-Xfce as my main OS. I never boot into WinXP anymore (except for checking viruses ).

    I still haven't got my Linux setup quite right, but once I've got it figured out I'm 100% certain it will be superior to MSWindows. If I had a Linux guru living next door to me he'd probably have my laptop sorted in fifteen minutes...

    I should really make a to-do list of stuff I want to change on my Linux system, first thing I need to do is get my DVD drive working at more than 4 megabytes a second
    Ask questions on the open forums, that way everybody benefits from the solution, and everybody can be corrected when they make mistakes. Don't send me private messages asking questions that should be asked on the open forums, I won't respond. I decline all "Friend Requests".

  2. #12
    Member
    Join Date
    Dec 2007
    Location
    The Netherlands
    Posts
    267

    Default

    Virusses are hidden in so many ways nowadays. The smartest I've encountered was a fake imagefile spreading through MSN, with this filename:

    "<MSN_Contact_Name> - www.fakeimagehost.com"

    Yep, a .com file extension. Tricky bastards....

  3. #13
    Very good friend of the forum hhmatt's Avatar
    Join Date
    Jan 2010
    Posts
    660

    Default

    Give this article a read over, streaker did a great job writing this one up. There is also a good discussion throughout the thread.

    http://forums.remote-exploit.org/showthread.php?t=13110

  4. #14
    Junior Member
    Join Date
    Jul 2007
    Posts
    71

    Default

    Quote Originally Posted by Citruspers View Post
    Virusses are hidden in so many ways nowadays. The smartest I've encountered was a fake imagefile spreading through MSN, with this filename:

    "<MSN_Contact_Name> - www.fakeimagehost.com"

    Yep, a .com file extension. Tricky bastards....
    Hmm... never thought of that; Not that I spend a large amount of time studying them.

    Your comment makes it all the more funnier. I chuckled and sadly this made my day. (It was a slow day)

  5. #15
    Good friend of the forums
    Join Date
    Feb 2009
    Posts
    356

    Default

    that reminds me I should record a clean-up tutorial video and post it somewhere where more people will read / view it... not much material is available on that online, and everyone and their uncle's dog are doing clean-ups without knowing what they're doing...

  6. #16
    Member
    Join Date
    Aug 2007
    Posts
    468

    Default

    Malwarebytes' Anti-Malware is a great tool I used to clean up my parents PC.
    I have to rename both the Install and update .exe files before they would run. Also have to rename the main .exe file to something random was it would run.

  7. #17
    Just burned his ISO
    Join Date
    Aug 2006
    Posts
    18

    Default

    I do not double click my drives (especially USB sticks) for a long time because of it. Now I use explorer/folders (can be found at left of the windows explorer). Anyway making a folder name "autorun.inf" [without quote] make you drives a bit secure. This type of virus/trojan overwrites the files but not the folder. Putting "autorun.inf" folder at the root of the USB stick will effectively reduce the chance of autoplay/autorun (even with the double click). It also works with other drives.

  8. #18
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Default

    Quote Originally Posted by AdorCn View Post
    I do not double click my drives (especially USB sticks) for a long time because of it. Now I use explorer/folders (can be found at left of the windows explorer). Anyway making a folder name "autorun.inf" [without quote] make you drives a bit secure. This type of virus/trojan overwrites the files but not the folder. Putting "autorun.inf" folder at the root of the USB stick will effectively reduce the chance of autoplay/autorun (even with the double click). It also works with other drives.
    You cannot have a File and a Folder/directory named the same in the same directory. It will generate an error. So in theory your idea would work, just the way you stated it is incorrect.
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

  9. #19
    Just burned his ISO
    Join Date
    Aug 2006
    Posts
    18

    Default

    If you write file named "autorun.inf" then the virus/trojan just overwrite it (by force). But in case of folder/directory they have to remove it first (and it should be empty). Although making the file read only may do the same, I am not sure. Anyway thanks.

  10. #20
    Junior Member unix_r00ter's Avatar
    Join Date
    Feb 2007
    Posts
    64

    Default

    Quote Originally Posted by BOFH139 View Post
    Malwarebytes' Anti-Malware is a great tool I used to clean up my parents PC.
    I have to rename both the Install and update .exe files before they would run. Also have to rename the main .exe file to something random was it would run.


    Malwarebytes is a great bit of software.

Page 2 of 3 FirstFirst 123 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •