AntivirusXP

The place to post questions and share helpful technical information with other Beethoven.com community members about listening to Beethoven Radio.

Moderator: Nicole Marie

Postby analog » Thu Aug 28, 2008 11:39 am

Out of the blue a popup window appeared offering a free antivirus program, of course I clicked close but it started scrolling through filenames as if running a scan. Oh nuts looks like a virus... I turned off power, restarted and ran my ISP's antivirus scan (Computer Associates EZtrust). Of course it reported no infections found, as it always does.

I remembered the name - antivirusXP and a google turned up scary stuff, apparently it's some rogue spyware program .. so my neurotic worry kicks in - what is going on? How'd it get by popup blocker, realtime antivirus software, etc etc? Is it still there?


Anyone else had trouble with that one?
Cogito ergo doleo.
analog
2nd Chair
 
Posts: 1573
Joined: Tue Jun 17, 2003 12:01 am
Location: arkansas ozarks

Re: AntivirusXP

Postby Shapley » Thu Aug 28, 2008 11:51 am

I had one pop-up last week, but I don't recall the name. Apparently it was too new a version for my anti-virus software to recognize it.

It didn't offer a 'close' icon, so I used the Ctrl-Alt-Del combo to access the task manager and end the task before it could activate. I've become leery of clicking anywhere on the rogue pop-ups, so I always use end task to clear them.
Quod scripsi, scripsi.
Shapley
Patron
 
Posts: 15196
Joined: Wed Nov 13, 2002 1:01 am
Location: Cape Girardeau, MO

Re: AntivirusXP

Postby analog » Thu Aug 28, 2008 12:44 pm

good thought - thanks.

ctl-alt-delete (three finger Microsoft salute) used to be a reflex - i guess windows xp has spoiled me because it bombs so much less often...

some day somebody will invent a way to identify these hackers and spammers and make their addresses public info.... i won't shed tears over whatever violence is visited upon them.....
Cogito ergo doleo.
analog
2nd Chair
 
Posts: 1573
Joined: Tue Jun 17, 2003 12:01 am
Location: arkansas ozarks

Re: AntivirusXP

Postby Selma in Sandy Eggo » Thu Aug 28, 2008 1:31 pm

I usually right-click on the little square in the taskbar at the screen bottom, and then select "close". I, too, don't trust the red X on the popup. Booby traps lurk there...

I do ritually curse the people who hack, send spyware ads, and otherwise annoy me. Such a formal curse can go on for several minutes and wish ill unto several generations. It's an art form.
>^..^<
Selma in Sandy Eggo
1st Chair
 
Posts: 6273
Joined: Thu Dec 12, 2002 1:01 am
Location: San Diego

Re: AntivirusXP

Postby OperaTenor » Thu Aug 28, 2008 2:31 pm

I got a Mac....

Just sayin'....
"To help mend the world is true religion."
- William Penn

http://www.one.org
OperaTenor
Patron
 
Posts: 10457
Joined: Wed Dec 11, 2002 1:01 am
Location: Paradise with Piq & Altoid, southern California

Re: AntivirusXP

Postby jamiebk » Thu Aug 28, 2008 2:42 pm

Selma in Sandy Eggo wrote:I usually right-click on the little square in the taskbar at the screen bottom, and then select "close". I, too, don't trust the red X on the popup. Booby traps lurk there...

I do ritually curse the people who hack, send spyware ads, and otherwise annoy me. Such a formal curse can go on for several minutes and wish ill unto several generations. It's an art form.


What she said.....
Jamie

"Leave it better than you found it"
jamiebk
1st Chair
 
Posts: 4284
Joined: Fri Nov 11, 2005 1:01 am
Location: SF Bay Area - Wine Country

Re: AntivirusXP

Postby Shapley » Thu Aug 28, 2008 2:56 pm

OperaTenor wrote:I got a Mac....


Then you must be mourning the loss of Steve Jobs....


...Oh! Wait! He isn't actually dead.
Quod scripsi, scripsi.
Shapley
Patron
 
Posts: 15196
Joined: Wed Nov 13, 2002 1:01 am
Location: Cape Girardeau, MO

Re: AntivirusXP

Postby analog » Sun Dec 07, 2008 10:14 am

stumbled across this page while researching a virus my scanner found...

http://www.hackers.nl/2008/how-to-intru ... etworks-2/

while it's over my head i gather it is a 'how to sneak in' with Flash.

Anyone know if they're speaking of Flash Player? Perhaps i'll uninstall that?

You can compile this code by doing:
thex00@hdnl:/secret/GordonProject$ mtasc -swf myWorm.swf -main backdoor.as

Add that code to another flash movie:
thex00@hdnl:/secret/GordonProject$ swfcombine -o demo.swf -T myWorm.swf myBanner.swf

Now how about some local network scanning to ice the cake? The socket handling in ActionScript 3 allows you to scan TCP ports (Flash is not designed for usage with UDP), through the SecurityErrorEvent object. This special object in flash is an exception, like you have in Java, that is ‘thrown’. The flaw in this design, however, is that it is thrown immediately when a connection failed (closed port), so if the Movie isn’t allowed AND doesn’t get a SecurityErrorEvent within seconds the port is likely to be open.

Here is an example of what such a scanner would look like:

/* (* ScannerSkeleton.as *) ActionScript 3 */

protected var host:String;
protected var port:Number;
protected var sock:Socket;

public class Main
{
    public function Main():void
    {
        conn = new LocalConnection();
        conn.allowDomain('*');
        sock = new Socket();
        sock.addEventListener(SecurityErrorEvent.SECURITY_ERROR, onSecurityError);
        sock.connect(host, port);
    }
}

Not so great is the spawning of child processes inside the Flash movie, which can cause the movie to hang the browser or even worse, the Operating System. Because Flash allows you to scan inside the network, you should try to find the router, which by default uses the Telnet protocol but these days comes with a web interface. As I’ve mentioned before, it is perfectly possible to reconfigure the router from within Flash, or even worse… Enable UPnP!

Finally, some of the conditions that you need to meet when hacking with Flash. The advantage is that Flash data is stored locally, the challenge is that you got by default only 100Kb per host to work with (a lot less than that actually, it’s more like 4-5Kb that you can really use for your abusive motivations)… but it rarely gets deleted and doesn’t have an expiration date, so not like cookies.

Why hack with Flash? Because you can! Hope you enjoyed it.


a.
Cogito ergo doleo.
analog
2nd Chair
 
Posts: 1573
Joined: Tue Jun 17, 2003 12:01 am
Location: arkansas ozarks

Re: AntivirusXP

Postby jamiebk » Sun Dec 07, 2008 1:01 pm

Selma in Sandy Eggo wrote:I usually right-click on the little square in the taskbar at the screen bottom, and then select "close". I, too, don't trust the red X on the popup. Booby traps lurk there...


This is what our IT people at my work have instructed us to do.
Jamie

"Leave it better than you found it"
jamiebk
1st Chair
 
Posts: 4284
Joined: Fri Nov 11, 2005 1:01 am
Location: SF Bay Area - Wine Country

Re: AntivirusXP

Postby analog » Tue Dec 09, 2008 7:55 pm

jamiebk wrote:
Selma in Sandy Eggo wrote:I usually right-click on the little square in the taskbar at the screen bottom, and then select "close". I, too, don't trust the red X on the popup. Booby traps lurk there...


This is what our IT people at my work have instructed us to do.


yes, thanks to both you and selma for that tip i find it works a good bit of the time.

As to the Flash virus a recent update from Adobe claims to have fixed it.....

adblock seems able to detect those popups and i've learned to make a filter for the entire advertiser's domain. i'm plodding along...

you know - i think a suitable payback for 'spam and popper-up advertisers' would be...
... place them in irons, and a virtual reality headset blaring an endless loop of Billy Mays singing "Jingle Bells Rock".

a.
Cogito ergo doleo.
analog
2nd Chair
 
Posts: 1573
Joined: Tue Jun 17, 2003 12:01 am
Location: arkansas ozarks

Re: AntivirusXP

Postby jamiebk » Tue Dec 09, 2008 10:28 pm

How about some Perry Como to go with that? :rofl:
Jamie

"Leave it better than you found it"
jamiebk
1st Chair
 
Posts: 4284
Joined: Fri Nov 11, 2005 1:01 am
Location: SF Bay Area - Wine Country

Re: AntivirusXP

Postby alkalinelife421 » Sat Mar 07, 2009 7:28 am

fyi - antivirus programs only do so much. you also *if you have a pc* want to download an anti-spyware program - i liked ad-aware by lavasoft when i had a pc. it's free and finds a lot of spyware junk and deletes it for you! hope this helps.
when not at my job at an alkaline supplements store, i luv to play music & want a baby grand someday!
alkalinelife421
Section Player
 
Posts: 2
Joined: Sat Mar 07, 2009 7:23 am

Re: AntivirusXP

Postby Giant Communist Robot » Sat Mar 07, 2009 10:39 am

Spybot has a free version also.
Thinking is overrated
Giant Communist Robot
1st Chair
 
Posts: 3236
Joined: Tue Sep 28, 2004 12:01 am
Location: Waiau, Hawaii

