Question: Anyone else getting a virus warning while visiting the site today?

Good luck, I hope it works out. :thumbsup

If it is a virus and you have trouble running your preexisting AV in Safe Mode, just add an AV to the BartPE disk when you burn it and run it off there.

Hey Nox,

I have a problem: BartPE is launched but I have a window saying:

Network support is not started yet.

Do you want to start network support now ?

Yes No

The problem is that when I hit the Y or N key, it doesn't work so I'm stuck with the window. My keyboard works because when I start my comp I can do F12 to go to the boot menu. But it doesn't look to work with BartPE.

Any idea? :cry


[edit]

Ok... Maybe I found the problem on the support forum. 2 guys had the same problem and they built BartPE with Vista 64; they burnt it again with a Windows XP 32 machine this time and that worked. I used a Vista machine to burn mine as I don't have any other computer with XP installed, at least at home! Plus it's a Dell computer and it looks like there are more issues with Dell comp! Argh :s
 
Is there a chance this could happen again in the future? My browser and firewall didn't catch this thing at all before it was able to install..
 
Is there a chance this could happen again in the future? My browser and firewall didn't catch this thing at all before it was able to install..

There is always the chance of such things happening to virtually any site. We try to keep our software regularly updated to defend against such attacks, but there are people in the world with nothing better to do than try to harm others or exploit others. They will continue to try to find ways into sites like this and we (or more appropriately, the people who develop the software we use) will continue to try to stop them. As long as the internet exists, the possibility of this happening again will exist.

However, we are taking some additional steps to hopefully make the possibility of a future attack even less likely.
 
Network support is not started yet.

Do you want to start network support now ?

Yes No

The problem is that when I hit the Y or N key, it doesn't work so I'm stuck with the window. My keyboard works because when I start my comp I can do F12 to go to the boot menu. But it doesn't look to work with BartPE.

Any idea? :cry

I have a Dell and use XP, but I didn't run into what you're describing.

When it tells you to hit the Y or N key, are you in MS-DOS, or are you running off the Bart disk?
 
Is there a chance this could happen again in the future?

Any site at any time, sadly unavoidable... Most exploits like this that allow rogue code to be injected into a site are known by the 'hackers' for weeks if not months before they are released to the public or discovered and patched by software companies... Even with perfectly up to date software today someone could likely discover a new hole tomorrow (or already knows one) and can execute the exploit against a site and there isn't anything you can do to prevent it...

Think of it this way, can you protect your house and property 24/7 from burglaries or damage? You can certainly try but realistically there is no way to avoid those determined to do the deed... You can take precautions and make it harder but in reality you likely can't stop them 100% of the time...

My browser and firewall didn't catch this thing at all before it was able to install..

Sadly that is probably because you authorized it to install unannounced to you...

I never saw the actual exploit but if it's the one Art said it was Total Security aka Total Antivirus aka Antivirus 2009 aka about 20 other names...

What this exploit usually does is pop-up a FAKE screen pretending to be Windows built in antivirus software, it does a FAKE scan of your system, but the trick is in the buttons, what is that saying about beauty is only skin deep? Same applies here, no matter what button you press to cancel the pop-up and close the fake scanner their appearance and function is only skin deep ALL the buttons are actually "Yes Please Install" underneath...

Once you gave it permission to install the rest is history, it will again pretend to be an antivirus and pretend to be doing you good, and then it asks for payment to fix your problem... Send the extortion money to the sadly 'legit' company and it gives you back your computer or in some twisted logic fixes the virus that is holding your computer hostage ironically the virus doing harm being itself...

Also again without knowing exactly what malware was installed it might have been a lapse of you updating your software on your computer... If your copy of Windows or say your Java engine was not up to date, it could very well use a 2nd exploit that you have failed to patch to install itself...

And last but not least this program is not a virus, it's malware that results in a nuisance not really a 'threat' thus many antivirus and firewall programs will simply ignore it as it doesn't fall within their criteria of dangerous any more than say one of the 1001 Toolbar add-ons people install every day...
 
Yea, that malware is a B!#CH! :angry

I think it was mentioned before in this thread, but the fix is easy.

Start in Safe Mode and run your Anti-mal/virus (I had the best luck with Malwarebytes), and it should take care of it no problem.

If you don't have Malwarebytes, or something equivalent to it and the ad/malware won't let you access the internet, go to another PC, burn the .exe onto a disk, upload it onto yours in Safe Mode and run it from there.
 
I could be wrong, but I'm pretty sure it's not just a PC issue.
This malware isn't an exploit, it's a wolf in sheep's clothing.

As exoray explained, it doesn't matter where you click it, even to close it, you are in fact giving it permission to install.

The only way to get rid of it, without installing it, is by closing it using WTM (Ctrl+Alt+Delete).
 
Well, unless I'm mistaken, what I've read on Apple's website, the operating system I'm using protects against exactly this kind of attack. I'm having no apparent issues. Any other Mac users out there want to share?
Cheers,
Kevin
 
The only way to get rid of it, without installing it, is by closing it using WTM (Ctrl+Alt+Delete).

If it's the top Window Alt+F4 works...

This is why I love my Mac.

We could go around and around but I'll only ask one question, why do you think Apple wasted all that time integrating and coding a built-in Malware scanner for your Mac and OS X, if it wasn't susceptible to attack? The answer should shed some light...

Back on topic, again going back to what Art said, if this originated from an SQL inject exploit then likely the original exploit was cross platform for any machine running that version of SQL on any server with said script that was exploited... That includes Macs, although Macs and web server is kind of an oxymoron... The payload that was delivered once the server was exploited happened to be Windows Malware this time, but that is hardly a given...
 
Well, unless I'm mistaken, what I've read on Apple's website, the operating system I'm using protects against exactly this kind of attack.

Steve and his marketing machine say a lot, doesn't make it fact... Just saying...

And a properly maintained and configured Windows machine would have likely breezed through this exploit as well, mine did as did many others... It's a combination of factors and variables that needed to be met, your Mac as well as many Windows, *nix and mobile OS systems didn't meet that criteria, but that doesn't mean next time you will be so lucky if you pretend it can't happen to you just because Apple says so...
 
Any site at any time, sadly unavoidable... Most exploits like this that allow rogue code to be injected into a site are known by the 'hackers' for weeks if not months before they are released to the public or discovered and patched by software companies... Even with perfectly up to date software today someone could likely discover a new hole tomorrow (or already knows one) and can execute the exploit against a site and there isn't anything you can do to prevent it...

Think of it this way, can you protect your house and property 24/7 from burglaries or damage? You can certainly try but realistically there is no way to avoid those determined to do the deed... You can take precautions and make it harder but in reality you likely can't stop them 100% of the time...



Sadly that is probably because you authorized it to install unannounced to you...

I never saw the actual exploit but if it's the one Art said it was Total Security aka Total Antivirus aka Antivirus 2009 aka about 20 other names...

What this exploit usually does is pop-up a FAKE screen pretending to be Windows built in antivirus software, it does a FAKE scan of your system, but the trick is in the buttons, what is that saying about beauty is only skin deep? Same applies here, no matter what button you press to cancel the pop-up and close the fake scanner their appearance and function is only skin deep ALL the buttons are actually "Yes Please Install" underneath...

Once you gave it permission to install the rest is history, it will again pretend to be an antivirus and pretend to be doing you good, and then it asks for payment to fix your problem... Send the extortion money to the sadly 'legit' company and it gives you back your computer or in some twisted logic fixes the virus that is holding your computer hostage ironically the virus doing harm being itself...

Also again without knowing exactly what malware was installed it might have been a lapse of you updating your software on your computer... If your copy of Windows or say your Java engine was not up to date, it could very well use a 2nd exploit that you have failed to patch to install itself...

And last but not least this program is not a virus, it's malware that results in a nuisance not really a 'threat' thus many antivirus and firewall programs will simply ignore it as it doesn't fall within their criteria of dangerous any more than say one of the 1001 Toolbar add-ons people install every day...
Flynn, I have probably removed this thing from work PCs about four or five times. Grant you, each time is easier, but it is still a pain. It completely hoses up host files as well. One knucklehead had it so bad that every time she would open up ANYTHING, it would infect that as well.
 
For those who have lost their drives, I had the same thing happen but your data probably isn't really gone. The partition table has probably become corrupted or even missing causing the system to see the drive as having unallocated space. At least this was the case for me. On the 23rd, I scanned everything, took care of the issues, restarted multiple times. No issues. Turned off for the night, the next day both my drives were showing unknown format when I tried to boot up. I scanned the drive with Gparted, which is a bootable partition editor. It showed my secondary as still having data but my boot as being unallocated. Ran Testdisk, which is included, and it scanned the drive and rewrites the partition. Five minutes and it was booting up as normal and all my data was still intact.

I have no idea if this was related to the attacks. Possibly my drive is starting to fail even though it is the newest drive. Now that I've been able to back up everything, I'm going to reformat it and see how it runs. It currently is showing no bad sectors and no impending failures.

Thanks to all the staff who fixed the issue here. Amazing how much I missed dropping by over just one day.
 
Flynn, I have probably removed this thing from work PCs about four or five times. Grant you, each time is easier, but it is still a pain. It completely hoses up host files as well. One knucklehead had it so bad that every time she would open up ANYTHING, it would infect that as well.

Never said it was good for the system, it's a horrible nuisance, and creates havoc but that doesn't make it a virus...

Do you think I'm endorsing it or something? If so hell no, just explaining the reality of it, Malware and viruses are two distinct things, don't expect your anti-virus or firewall to catch malware, as it's beyond their scope to scan for is what I was saying... If you want to catch malware run a malware scanner, but on the flip side don't expect your malware scanner to catch a virus... The right tool for the right job...

If this malware is an issue on your work network then may I suggest the full version of Malwarebytes running side by side with your chosen antivirus? That way both bases are covered...
 
Well, unless I'm mistaken, what I've read on Apple's website, the operating system I'm using protects against exactly this kind of attack. I'm having no apparent issues. Any other Mac users out there want to share?
Cheers,
Kevin

I'm on a Mac and had no issues either....other than getting the red block screen. I didn't even have any "updates" asked to be installed or anything. Gotta love the Mac. :thumbsup
 
Never said it was good for the system, it's a horrible nuisance, and creates havoc but that doesn't make it a virus...

Do you think I'm endorsing it or something? If so hell no, just explaining the reality of it, Malware and viruses are two distinct things, don't expect your anti-virus or firewall to catch malware, as it's beyond their scope to scan for is what I was saying... If you want to catch malware run a malware scanner, but on the flip side don't expect your malware scanner to catch a virus... The right tool for the right job...

If this malware is an issue on your work network then may I suggest the full version of Malwarebytes running side by side with your chosen antivirus? That way both bases are covered...

:thumbsup

What exoray said. Malware and viruses are two completely different beasts and you need the correct tool (as in software) to prevent each from getting into your system as well as to clean up those that do get past your safeguards.
 
Oh, okay. Thank you. :thumbsup

So is my understanding that...

"This malware isn't an exploit, it's a wolf in sheep's clothing."

...correct?

Generally speaking, malware is an exploit. In simple terms, it's software that takes advantage of holes or flaws in other software or operating systems and is intended to do damage....which can be a very broad term in itself.

Here, damage could be using your machine to spread malware to other machines (act as part of a botnet); using your machine to host illegal files for others to access; steal your private information and relay it to others or even destroy files on your computer.
 
This thread is more than 13 years old.
