bmix infection?

Posted: Fri Apr 23, 2010 2:44 pm
by Kramerguy
Just a heads up bmix - when I open the thread about Courtney Love, I get an infection notice from Symantec that it quarantines a threat. Happened 3x while viewing that thread. Stopped when I exited the thread.


Detection Method/Name: Bloodhound.PDF!gen
(Infected) Filename: 1CD06F44d01

Location: C\documents and settings\(profile)\Firefox(etc...)\profiles\tbhwe3d5.default\cache\

SUMMARY
Bloodhound.PDF!gen is a heuristic detection of potentially malicious files, which may exploit vulnerabilities in Adobe Reader in order to perform further malicious actions.

Posted: Fri Apr 23, 2010 3:40 pm
by CraigMaxim
???

Couldn't find any file like that in that original post.

Is it possibly linked to an image?

Anyone?

Posted: Fri Apr 23, 2010 4:51 pm
by gbheil
Thanks.
Time for an antiviral run.

Posted: Fri Apr 23, 2010 6:05 pm
by Chippy
Philby is down owing to something like this. (Perhaps not related?) He cannot connect to major web sites but his Email is intact for now.
This is what he is getting at present.

Internet Explorer cannot display the webpage
 
What you can try:
Diagnose Connection Problems

More information
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
That diagnosis button gives me the "Welcome to Network Diagnostics for Windows XP"
 
After it checks connectivity, It says
 
 "Windows cannot connect to the internet using HTTP, HTTPS, or FTP. This is probably caused by the firewall settings on this computer.
 
"Check the firewall settings for the HTTP port(80), HTTPS port(443), and FTP port(21).
 
You might need to contact your internet services provider (ISP) or the manufacturer of your firewall software."
 
And when I click on that "More information" button, I get the following:
 
Internet Explorer cannot display the webpage
 
  What you can try:
  Diagnose Connection Problems

   More information

This problem can be caused by a variety of issues, including:
Internet connectivity has been lost.
The website is temporarily unavailable.
The Domain Name Server (DNS) is not reachable.
The Domain Name Server (DNS) does not have a listing for the website's domain.
There might be a typing error in the address.
If this is an HTTPS (secure) address, click Tools, click Internet Options, click Advanced, and check to be sure the SSL and TLS protocols are enabled under the security section.
For offline users
You can still view subscribed feeds and some recently viewed webpages.
To view subscribed feeds
Click the Favorites Center button , click Feeds, and then click the feed you want to view.
To view recently visited webpages (might not work on all pages)
Click Tools , and then click Work Offline.
Click the Favorites Center button , click History, and then click the page you want to view.


I've tried several things but because he cannot get to any web site owing to this friggin virus it makes life hard. Safe Mode failed.

I hate windows. (Sort of for now).

Posted: Fri Apr 23, 2010 7:01 pm
by Kramerguy
It looks like scareware - a "virus" that pops up and tells you that you have a virus, and tries to emulate that it's IE or Windows trying to "diagnose" the issue. In these cases, it's a standard protocol to disable the internet connection(s) so the user cannot google any names and find out it's a product that installs itself and alerts you to buy a solution.

The dialog you put up looks suspect, which is why I think that.

Try this:

Go to Internet Explorer, go to "Tools", then select "Internet Options". In the "Connections" tab, click on "LAN Settings". Make sure that the "proxy server" box is unchecked. Proxy servers are usually unnecessary and not used if you use a typical internet service like cable or DSL.

That's the most common way scareware disables most internet connections.

On a side note, most of these programs use port 80 to connect to their OWN websites, which is where you can usually connect to, in order to buy the "Fix"... it's a huge scam... where's the FTC? Talk about agencies that are asleep at the switch...
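
[Added example, not part of Kramerguy's post] The "LAN Settings" check described above can also be done from PowerShell, since that dialog stores its values in the current user's `Internet Settings` registry key. The script layout, the `-Disable` switch and the loopback heuristic are assumptions of this example.

```powershell
# Added example: audit the per-user proxy settings that IE's
# "LAN Settings" dialog edits. Read-only unless -Disable is passed.
param([switch]$Disable)

$key = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings'
$cfg = Get-ItemProperty -Path $key

$findings = @()

if ($cfg.ProxyEnable -eq 1) {
    $findings += "Manual proxy enabled: '$($cfg.ProxyServer)'"

    # Heuristic (assumption): a proxy on this machine itself only makes
    # sense if you installed local proxy software on purpose.
    # ProxyServer is either "host:port" or "http=host:port;https=host:port".
    if ($cfg.ProxyServer -match '(^|[=;])(127\.\d+\.\d+\.\d+|localhost)(:|;|$)') {
        $findings += 'Proxy points at this machine (loopback address)'
    }
}

# A leftover auto-configuration script can redirect traffic just as well.
if ($cfg.AutoConfigURL) {
    $findings += "Auto-config script set: '$($cfg.AutoConfigURL)'"
}

if ($findings.Count -eq 0) {
    Write-Output 'No proxy configured for this user.'
} else {
    $findings | ForEach-Object { Write-Output "[!] $_" }
}

if ($Disable -and $cfg.ProxyEnable -eq 1) {
    # Same effect as unchecking the "proxy server" box; the ProxyServer
    # value is left in place so it can still be inspected afterwards.
    Set-ItemProperty -Path $key -Name ProxyEnable -Value 0
    Write-Output 'ProxyEnable set to 0. Restart the browser to apply.'
}
```

If the proxy setting reappears after being cleared, whatever set it is still running on the machine.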

Posted: Fri Apr 23, 2010 9:46 pm
by philbymon
Hey, thanks, Kramer!

It worked!

Special thanks also to Chippy. He worked to help me for 2 days, then told me of Kramer's fix!

It's good to know ppl that know!

Thank you again!

Posted: Fri Apr 23, 2010 10:31 pm
by Chippy
I saw what Kramer posted but he explained it far better than I could. (I like images or have the people there).

Fact is it isn't fixed. You are on Windows.
No date on this but please use it and scan your PC.
http://www.avast.com/free-antivirus-download

Failure to do this will make you a Linux user forever.

philbymon wrote:Hey, thanks, Kramer!
It worked!
Special thanks also to Chippy. He worked to help me for 2 days, then told me of Kramer's fix!
It's good to know ppl that know!
Thank you again!

Posted: Fri Apr 23, 2010 10:43 pm
by gbheil
Not had issues unresolvable since I hooked up with Avast.
This is the same thing that caused me to lose all my music and photos.
A virus pretending to be an anti virus to sell you an anti virus.
What a load of crap.

Posted: Fri Apr 23, 2010 10:58 pm
by philbymon
Thanks again, Chippy! I'm downloading it right now.

Posted: Fri Apr 23, 2010 11:02 pm
by CraigMaxim
philbymon wrote:Thanks again, Chippy! I'm downloading it right now.

Welcome Back Phil!

... I think.

LOL!!!

Posted: Fri Apr 23, 2010 11:09 pm
by philbymon
Um...thanks?

I dunno if I can handle the newer, "cuter" Craig! Wassup with all the emoticons?

Posted: Sat Apr 24, 2010 12:32 am
by Robin1
:lol:

I think he has a new toy.....won't tell where he got them

Posted: Sat Apr 24, 2010 1:08 am
by Slacker G
Some of those are pretty sneaky. I get one that checks information in my PayPal account every time I go there. Every time I reformat a drive, I'm OK until the second visit to that forum. Then it is back again. I found it while checking my Sygate logs. Two outgoing PayPal info every visit to that site. At least I know where it is located. :twisted:

But I have never used PayPal even though I have an account. :D

Posted: Sat Apr 24, 2010 4:58 am
by Kramerguy
philbymon wrote:Hey, thanks, Kramer!

It worked!

Special thanks also to Chippy. He worked to help me for 2 days, then told me of Kramer's fix!

It's good to know ppl that know!

Thank you again!


Hey you are welcome. Keep in mind that only got your internet back, you still need to sweep that crap off the PC.

They use randomization (usually based on date/time so it's unique) to pick the file names and registry entries, so you need to find out what virus (or scareware) it is, and then google it for specific instructions on removing it - in most cases, you will need to delete the actual executable file and the registry entries.

What is really interesting is how they can bury these things into myspace / facebook, and even bandmix... :shock: undetected.

Good luck phil/chippy - get rid of that crap before it disables your internet again!!

Posted: Sat Apr 24, 2010 7:00 am
by philbymon
Any suggestions on how to find & eradicate it?

This Avast thingie just set up on my present settings, which includes this thing.