View Full Version : Very SERIOUS warning for gun shops and owners


jemaddux
12-18-2006, 7:40 PM
I don't know if anyone noticed or not but I haven't been really replying too much; well, it's because I haven't really had a computer or email.

I got an email asking me to check a website to see if this firearm was legal. I clicked on the link and it brought me to a website that transferred a virus to my computer. Now I keep getting window pop up after window pop up jamming everything up. I tried finding the email that I got and it was deleted so I can't help you out on who it came from. If you get an email just pay attention and see if it's someone you know or not. This email didn't have a name in the body of the email, it just asked me to take a look at the site to see if it was legal.:mad:

So if I don't respond to a few of you this is why. I am not getting emails right now and I am trying to recover everything.

SemiAutoSam
12-18-2006, 7:51 PM
Yikes, sorry to hear this, James. Time to reinstall your OS? And/or what virus prg are you running?

xenophobe
12-18-2006, 7:55 PM
All the programs I list below, with the exception of Registry Doctor are FREE

Do you know what to do?

Download and run AVG antivirus, Spybot S&D, then Adaware...

http://free.grisoft.com
http://www.spybot.info
http://lavasoft.de

If it tells you that you have a worm, trojan or virus, and fixes the problem, you're done. If the problem isn't handled by these programs, or if it comes back after the next reboot, search Google to find the removal instructions...

IF those don't find or fix the problem...

Advanced malware scanning:

EDIT: At this point, run a registry diagnostic/repair program. I've found Registry Doctor to be by far the best. If you don't have one or don't want to pay for one, then you can skip this step...

Do a cleanup:
http://www.stevengould.org/software/cleanup/index.html cleanup!

Run Hijack this and check for discrepancies:
http://www.spywareinfo.com/~merijn/programs.php#hijackthis

Run Rootkit Revealer (which was recently purchased by Microsoft... ugh :( ):
http://www.microsoft.com/technet/sysinternals/utilities/RootkitRevealer.mspx

And between the Hijack this log and the rootkit revealer, you should be able to find any hidden malware and figure out what it is.... stuff at this level can be difficult to determine, even though you can see that something is there, finding out what it is and how to remove it can be very difficult.

At this point, it would be a good idea to back up your main system drive and then defragment your drives.

Hope that helps.

metalhead357
12-18-2006, 8:04 PM
What Xeno said- but I like Avast.

Also DISCONNECT from the net until you get the thing taken care of....no chance of a leech sucking info out onto the net with your info.

WHAT WAS THE E-Heading??????????(header info)

Kestryll
12-18-2006, 8:11 PM
Sorry to hear that James, virus writers should be flogged.

This one is a bit pertinent to us all so we'll give it a few days at the top.

jemaddux
12-18-2006, 9:43 PM
Sorry to hear that James, virus writers should be flogged.

This one is a bit pertinent to us all so we'll give it a few days at the top.


Thanks everyone. This is just TOTAL BS. My wife and I have been working on this for days. I have way too much information on the computer to just redo everything. I got a few emails before asking about prices on scopes out of Singapore and this is also bringing up a company "Driveclear Inc" which is also out of Singapore. This is going to take a while to get everything up and going on this computer again. I think what I need to do is get one computer for business and another for screwing around with both having a back up of each other :mad:. I would love to meet someone that does this stuff.

xenophobe
12-19-2006, 2:10 AM
Thanks everyone. This is just TOTAL BS. My wife and I have been working on this for days. I have way too much information on the computer to just redo everything. I got a few emails before asking about prices on scopes out of Singapore and this is also bringing up a company "Driveclear Inc" which is also out of Singapore. This is going to take a while to get everything up and going on this computer again. I think what I need to do is get one computer for business and another for screwing around with both having a back up of each other :mad:. I would love to meet someone that does this stuff.

Burn all essential documents to a DVD or CD and then follow the steps I outlined above.

It shouldn't take more than two hours to download and run everything. Run the virus scan and advertisement/malicious software scanners first. 95% or more of stuff will be caught with the combination of the three that I mention. Any of them should be able to tell if you are infected, though may not be able to clean some of the more pesky malware.

If the malware is detected and removed and comes back after the next reboot, or nothing is detected and you still have noticeable problems, go onto my second set of instructions.

Clean your system with CleanUp! and then run HijackThis! CleanUp will remove a bunch of junk that HijackThis! might notice making it easier to read the Hijack log. Run Rootkit Revealer. Whatever you have WILL be detected at this point, but may not be directly identifiable.

There are other tools available to detect programs, and some of them work just fine. Use your own judgement. I've listed what are generally considered the best products, and best of all they're free. I do have a repair CD that I've created, but many of the applications I haven't mentioned are purely for checking diagnostic and modifying systemic functions, and won't really help do much, but could easily make your system unstable, so I won't mention them.

BTW, Norton, McAfee and a bunch of other 'bundled' system tools are relatively worthless when it comes to more advanced malicious software.

If you need help feel free to PM me at any time and I'll get back to you ASAP.



After you've cleaned your system of malware, I would highly suggest purchasing a drive imaging program like Norton Ghost, Acronis True Image or some other backup software, use or buy a second internal drive to use as the host for the backup (and any other essential files on your main system C: drive) and an external drive. Have it set to do an automatic full system (c) drive backup once a week. Every month or so back that copy to an external.

Yes, I follow all my advice to the letter and provide support to others. I've an AS in Systems Administration, even though most of my training is WAY out of date, I do know how to keep a mission critical system sterile and running.

metalhead357
12-20-2006, 11:48 PM
Isn't anyone else the least bit suspicious as to where this came from:

"I got an email asking me to check a website to see if this firearm was legal."

I get all kinds of spam, but none asking me these kind of questions (but lots of questions about my manhood...)

This seems like a targeted attack to me. And no, I don't have a tin-foil hat. Never even seen real tin-foil, but I did play with lead foil in 7th grade science when we made batteries.....:eek:

That's why I was asking specifically about the header~ they may have spoofed the ip but then again they may not have and we could get an idea of whether it's from overseas, here at home and any other tags that might prevent this from happening again.

But ya' know....I think I'd be up to 4588439344358 BILLION dollars by now if I helped all those long lost relatives and their money transfer problems in Nigeria:rolleyes:
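
[Added example, not part of the original thread.] The header check asked about above, sketched in Python: each mail server prepends its own Received line, so only the hops recorded by servers the recipient trusts are reliable, and anything below them may have been forged by the sender. The message, host names, IPs and the TRUSTED set are constructed for illustration.

```python
import ipaddress
import re
from email import message_from_string

# Constructed sample: documentation-range IPs and .example hosts, not real data.
RAW = """\
Received: from mx.shop.example (mx.shop.example [192.0.2.10])
\tby mail.shop.example with ESMTP id A1; Mon, 18 Dec 2006 19:02:11 -0800
Received: from relay.isp.example (relay.isp.example [198.51.100.7])
\tby mx.shop.example with ESMTP id B2; Mon, 18 Dec 2006 19:02:09 -0800
Received: from friendly-pc (unknown [203.0.113.45])
\tby relay.isp.example with SMTP id C3; Mon, 18 Dec 2006 19:02:05 -0800
From: "Customer" <someone@mail.example>
Subject: is this firearm legal?

Please look at this site.
"""

# Servers the recipient runs or trusts (an assumption of this example).
TRUSTED = {"mail.shop.example", "mx.shop.example"}

# "from <HELO name> (<reverse DNS> [<connecting IP>]) by <recording server>"
HOP = re.compile(r"from\s+(\S+)\s+\((?:(\S+)\s+)?\[([^\]]+)\]\)\s+by\s+(\S+)")

def received_chain(raw):
    """Return hops newest-first, the order in which they appear in the header."""
    hops = []
    for value in message_from_string(raw).get_all("Received", []):
        m = HOP.search(value)
        if not m:
            continue
        helo, rdns, ip, by = m.groups()
        try:
            ip = str(ipaddress.ip_address(ip))  # drop hops with a malformed address
        except ValueError:
            continue
        hops.append({"helo": helo, "rdns": rdns, "ip": ip, "by": by})
    return hops

def split_trust(hops, trusted):
    """Hops written by trusted servers (from the top down) vs. everything after."""
    verified, unverified = [], []
    for hop in hops:
        if not unverified and hop["by"] in trusted:
            verified.append(hop)
        else:
            unverified.append(hop)
    return verified, unverified

if __name__ == "__main__":
    verified, unverified = split_trust(received_chain(RAW), TRUSTED)
    print("last IP recorded by a trusted server:", verified[-1]["ip"])
    for hop in unverified:
        print("unverifiable claim:", hop["helo"], hop["ip"], "via", hop["by"])
```

The address recorded by the last trusted server is the one worth reporting to the sending ISP; the lower hops are leads at best.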

VeryCoolCat
12-22-2006, 1:15 PM
Well first I'm going to ask why you were not using firefox when accessing your email... and the virus probably was a jpeg based virus with a .vbs script instead of standard jpg.

Probably named AK15.JPG.VBS

This seems like it was a directed attack on you... not for gain but for fun. You probably pissed off a customer...

Well... consider downloading the program STARTER

http://members.lycos.co.uk/codestuff/

It is a very simple program that's a step higher than hijack this and will help you MANUALLY remove viruses, spyware, adware, etc.

Though you need to have way above average computer knowledge.


I don't know if grammaton could work this... as he's a unix admin... this program requires extensive knowledge of windows systems and practically every program based on windows.
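
[Added example, not part of the original thread.] A mail-side check for the kind of file name guessed at above: Windows Explorer hides known extensions by default, so AK15.JPG.VBS is displayed as AK15.JPG. This Python sketch flags attachments whose real extension is a script or executable type behind a harmless-looking one; the extension lists and the sample message are assumptions made for the example.

```python
import os
from email.message import EmailMessage

# Extensions Windows will run when double-clicked (illustrative, not exhaustive).
RUNNABLE = {".vbs", ".vbe", ".js", ".jse", ".wsf", ".wsh", ".hta",
            ".scr", ".pif", ".exe", ".com", ".bat", ".cmd", ".lnk"}
# Extensions commonly used as the harmless-looking decoy.
DECOY = {".jpg", ".jpeg", ".gif", ".png", ".bmp", ".pdf", ".doc", ".xls", ".txt"}

def classify(filename):
    """Return 'double-extension', 'executable' or 'ok' for an attachment name."""
    name = filename.strip().rstrip(".").lower()
    base, last = os.path.splitext(name)
    # rstrip() defeats space padding such as "AK15.JPG      .VBS"
    _, prev = os.path.splitext(base.rstrip())
    if last in RUNNABLE and prev in DECOY:
        return "double-extension"
    if last in RUNNABLE:
        return "executable"
    return "ok"

def scan(msg):
    """List (filename, verdict) for every attachment that is not 'ok'."""
    findings = []
    for part in msg.iter_attachments():
        name = part.get_filename()
        if name and classify(name) != "ok":
            findings.append((name, classify(name)))
    return findings

def build_sample():
    """Constructed message with inert placeholder attachments."""
    msg = EmailMessage()
    msg["Subject"] = "is this firearm legal?"
    msg.set_content("Please take a look.")
    for fname in ("AK15.JPG.VBS", "range.jpg"):
        msg.add_attachment(b"placeholder", maintype="application",
                           subtype="octet-stream", filename=fname)
    return msg

if __name__ == "__main__":
    for name, verdict in scan(build_sample()):
        print(f"{verdict}: {name}")
```

A mail gateway or client rule built on this kind of check would quarantine the message before a user ever sees the shortened name.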

Tzvia
12-23-2006, 6:06 PM
There is one thing anybody with a Windows XP/2000 computer can do that stops a lot of viruses like this. When you click on something that executes vb script, for example, it runs under your user account. Now if that user account (what you are logging on to the computer with) has admin rights on the computer, that vb script/virus/trojan/whatever has admin rights on your computer. It can download, execute, install, alter the registry, delete, or whatever it wants because it is 'you' and you are admin. Never surf the web or read emails with an admin account. Create a regular user account with read and execute (but without write access to your drives) and use that.

I use a regular user account all the time. I never log in with an admin account. If I need to save something, I do so to 'My Documents' or to special directories I setup where that user account has write/modify access. Even for games, I give my user account modify rights to the INI/CFG files (so I can change game settings), and the savegame file/directory only. The rest of the drive (including system files) only has read or read/execute. Yes it took time to set up my drives and directories, but I have never had a virus or anything else, even though I have been online a long time. (I had a Compuserve account back in '89, before the public 'internet').

jmlivingston
12-23-2006, 7:23 PM
I think what I need to do is get one computer for business and another for screwing around with both having a back up of each other:mad: .

Rather than purchasing another PC for this, you might consider using a VMware player or Microsoft Virtual PC. These two programs let you simulate a second computer in software, totally isolated from all the "real" software and data on your PC. It's kinda cool stuff actually, but a bit more sophisticated tech stuff than the typical home user is used to. If you're up to the challenge it might be worth pursuing.

John

azn_wrx
12-24-2006, 3:18 PM
You could go the cheap route and either assemble a computer yourself or see if anyone is willing to assemble one for you. It's really basic electronic knowledge. It only gets complex if you decide to try and get more performance out of your system set up. Good luck with trying to get back to normal

xenophobe
12-24-2006, 3:46 PM
Well... consider downloading the program STARTER

http://members.lycos.co.uk/codestuff/

It is a very simple program that's a step higher than hijack this and will help you MANUALLY remove viruses, spyware, adware, etc.

That is a nice utility, but it's not really a step higher than hijack this. Hijack this is a diagnostic utility, this is a startup manager viewer. Starter is just a user friendly program that basically replicates what services.msc + task manager already do.

Safer Networking (who makes Spybot S&D) has a program called RunAlyzer that does a much better job of reading the registry for startup and run items than Starter...

http://www.safer-networking.org/en/runalyzer/index.html

grammaton76
12-25-2006, 1:16 AM
My advice is... run a Linux (or, for that matter, a Mac) strictly for email and web browsing.

Doing so will practically guarantee that whatever virii come your way, won't be operable on your system. If your system can't/won't RUN vbscript, then clearly it can't be infected by it. :)

Do your simple web stuff on a simple, web system... all your dedicated FFL-related software (and, uh, games) can be kept on a separate box that doesn't ever receive email, and never sees a clicked link.

TheDM
12-28-2006, 3:42 AM
Okay, so we all buy weapons for fun and the unknown eventual outcome of civilization. Keep in mind I don't work for any vendor, I've just been working in IT forever. If you're armed against man for safety, you should also be armed against kids that write viri.

Most of the suggestions presented are very valid. Programs such as Spybot, Spyware blaster, Use Firefox instead of IE, are all good. As well as performing daily functions as a user rather than a local administrator. But configuring them correctly to be the most safe is not something you can just do without knowing what you're doing.

To "Arm yourself" you should run a business grade firewall, something like this:
http://www.checkpoint.com/products/safe@office/index_wired.html

At the very minimum, one of the cheapy Linksys Firewall/routers, which isn't much of a firewall at all, and wouldn't have protected you in the situation that occurred, but locking down your browser settings may have.

My advice, is to listen to pretty much all the advice, with one more extension of PC Security weapons. We've all been taught by someone, the best way to shoot, hire a competent IT Security guy for a few hours and let him instruct you on your options for the risks that you have experienced. And then, listen to him. A lot of folks think this level of professionalism in their IT infrastructure is an unnecessary expense, and unnecessarily expensive. But think of the cash value of having your computer up for business, every hour it's down, you can lose money, every archived contact, document, email, accounting records, can all do the thing that costs the most, lose past customers, and keep you from finding new ones.

Bottom line, take your business network as seriously as you do shooting, hire a professional, spend a little cash on security, the computer is a tool, just like a weapon is a tool, it must be properly cleaned, configured, and all the goodies setup properly and education provided to make it the most useful version of that tool that you can acquire.

This is the goal, how one reaches it, is not as simple, because in my opinion, 70% of all IT staff are for the most part, incompetent, because companies are cheap, they would rather hire 5 kids at 25k a year who want to do it, than one seriously experienced individual and a junior, who together, will knock your socks off, because they don't comprehend the value in the long run.

But I digress.

maxicon
12-29-2006, 8:57 PM
All the programs I list below, with the exception of Registry Doctor are FREE

Do you know what to do?

Download and run AVG antivirus, Spybot S&D, then Adaware...

http://free.grisoft.com
http://www.spybot.info
http://lavasoft.de


I'll second these recommendations. I do a lot of support for friends, and I put these on everyone's PC, and run them on all my own as well. MS Defender is worth installing as well - it's a free download from Microsoft.

I'd also strongly second Xeno's later recommendation for backup software, and highly recommend Acronis True Image, which you can get from www.newegg.com for $25 shipped. That and a $100 250GB USB drive will allow you to back up everything quickly, easily, and automatically, allowing you to return a crashed HD to normal operation within an hour of replacing it.

True Image is a must-have if you have anything on your PC that you'd hate to lose forever - family photos, emails, schoolwork, whatever. I use it all the time, and it's saved me countless hours in support over the last few years and pulled the fat out of the fire more times than I can tell.

It pays for itself the first time you need it.

tenpercentfirearms
12-30-2006, 7:47 AM
BACK UP DAILY!

I currently back up my work operations onto another work laptop and also my own laptop. Then I come home and back up my own laptop to my desktop and then back up my desktop to my wife's desktop. So basically my work operations are on 5 separate computers in two to three different locations. If any one of them gets a horrible virus and I have to start clean, I have no qualms about it and it won't cost me but maybe a few hours of transferring data back over.

DedEye
01-07-2007, 11:40 PM
I would love to meet someone that does this stuff.

Hi :waves: How you doing? :D

Sorry to hear about your computer trouble, but as for your quoted statement, I happen to do computer consulting and system building/repair. A friend and I are actually starting a business here in Santa Barbara doing it, and I'd been doing it for a couple years back home before coming here for school.

Long story short, I can help you if you want. PM me and we can try and set something up and I can give you as much advice as you need.

five.five-six
01-07-2007, 11:46 PM
Isn't anyone else the least bit suspicious as to where this came from:

"I got an email asking me to check a website to see if this firearm was legal."



I have my suspicions and here is a hint:
















http://img221.imageshack.us/img221/4918/bradybunchjv6.jpg

zefflyn
01-09-2007, 7:35 PM
I got an email asking me to check a website to see if this firearm was legal. I clicked on the link and it brought me to a website that transferred a virus to my computer. Now I keep getting window pop up after window pop up jamming everything up. I tried finding the email that I got and it was deleted so I can't help you out on who it came from. If you get an email just pay attention and see if it's someone you know or not.

Remember - you're most likely to get e-mail from spammers and people you know. The virus could have e-mailed itself out to everyone YOU know before trashing your system, and then all your acquaintances would receive the same link you did, and trustingly click it.

highspeed11
01-11-2007, 9:45 PM
I have my suspicions and here is a hint:
















http://img221.imageshack.us/img221/4918/bradybunchjv6.jpg
Okay, that made me laugh. :D