This is a mobile optimized page that loads fast, if you want to load the real page, click this text.

Computer Virus Help!

Jump to new
Hackers exploiting Flash Player zero-day bug
Details skimpy, but in-the-wild attacks taking place, say researchers
Gregg Keizer (Computerworld) 28/05/2008 08:47:06


Attackers are exploiting an unpatched bug in Adobe System's popular Flash Player, security researchers warned Tuesday.

The bug, which is in the most up-to-date version of Flash, was reported by researchers at the SAN Institute's Internet Storm Center and by others from Symantec.

"Adobe Flash Player is prone to an unspecified remote code-execution vulnerability," Symantec said in a warning posted to its SecurityFocus site. "An attacker may exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions.

"Symantec has observed that this issue is being actively exploited in the wild," the company added.

The last serious Flash vulnerability fixed by Adobe was patched last month. That bug was used in late March by a hacker to take down a laptop running Windows Vista and claim a US$5,000 prize in a contest sponsored by 3Com's TippingPoint security company.

According to Symantec, Flash Player 9.0.124.0 -- the version currently available for download from the Adobe site -- is vulnerable to attack. Flash is used by a huge number of Web sites, including YouTube, to display multimedia content.

Adobe officials were not immediately available for comment.
 
Safari flaw worse than first thought, Microsoft warns
Microsoft is warning that a recently reported Safari browser attack can be combined with another Windows flaw to run unauthorized code
Robert McMillan (IDG News Service) 02/06/2008 07:46:10


Microsoft is warning that a previously disclosed flaw in Apple's Safari browser could have dire consequences for Windows users.

The Safari bug, originally disclosed on May 15 by security researcher Nitesh Dhanjani, allows attackers to litter a victim's desktop with executable files, an attack known as "carpet bombing."

It turns out that if this flaw is exploited in combination with a second unpatched bug in Internet Explorer, attackers can run unauthorized software on a victim's computer, according to Aviv Raff, a security researcher. Raff says he originally reported the IE flaw to Microsoft more than a year ago, and then told them about how it could be combined with the carpet bombing bug just over a week ago.

IDG News Service tested Raff's demonstration attack code, which runs Windows Calculator on a victim's system. For the attack to work, a victim must first visit a maliciously crafted Web page with the Safari browser, which in turn will trigger the carpet bombing attack and exploit the IE flaw.

Both the Safari and IE bugs "are moderate vulnerabilities that, combined, produce a critical flaw, which allows remote code execution," Raff said in an instant message interview.

Microsoft is taking the issue seriously. It released a security advisory on the problem late Friday, a sign that it may be working on a patch for the IE flaw. The advisory says that the vulnerability has to do with the way Windows handles desktop executables and recommends that Windows users "restrict use of Safari as a web browser until an appropriate update is available from Microsoft and/or Apple."

The attack reportedly affects all versions of Windows XP and Vista, Microsoft said.

Apple may not be rushing out to patch this bug, however. Dhanjani says that Apple has told him that it is not treating the Safari bug as a security issue, a response that has generated criticism from the security community. Last week, for example, the consumer advocacy group Stopbadaware.org urged Apple to reconsider this stance.

According to Raff, unless Apple patches the bug, more attacks like the one he found in IE are likely to pop up. "This is not the only issue that can be combined with the Safari vulnerability," he said. "If Microsoft fixes this, Safari users will still be vulnerable."

Apple didn't immediately respond to a request for comment.
 
What some people do is just download every free anti-virus, spywares, adwares you can find and use all of them to scan your computer.

If all else fails, you can always reformat it.

I'm currently using Free AVG, Spybot (registered) and Ad-aware and never seem to have a problem. *touchwood*
 
Storm storms back with pr0n scam
8 million messages in 24 hours try to trick users into installing bot
Gregg Keizer (Network World) 23/06/2008 08:39:45

Security researchers Friday warned of a new, massive spam campaign that tries to convince users to install the long-running Storm bot Trojan on their PCs.

The new spam blitz is difficult to characterize, said researchers from MX Logic and F-Secure, because of the nearly 40 different subject heads used by the spammers. "We've seen subjects talking about everything from 'White House hit by lightning, catches fire' to 'Italy knocked out of Euro 2008' and 'Nokia unveils revolutionary new phone design'," said an F-Secure researcher in a post to his company's blog Friday.

F-Secure has posted a text-only listing{Subject headings of the subject headings its researchers have seen in the wild. Among the more outrageous: "Statue of Liberty struck by lightning, catches fire," "Obama quits presidential race," and "Man wakes up from 40 year coma."

No matter what the subject headings used, all the spam includes a link to a fake version of the pornographic YouTube-lookalike PornTube.com. According to McAfee researchers, the phony site is hosted on multiple compromised legitimate servers.

Once the user's browser reaches the spoofed site, a pop-up warns that an ActiveX control must be installed to watch the pr0n videos. The control is, not surprisingly, nothing of the kind, but is instead a variation of the Storm Trojan.

The size of the spam run is staggering, said MX Logic in an e-mail alert Friday morning. "The MX Logic Threat Operations Center reports that it has received over 8 million of these messages, accounting for over 85% of its worm traffic over the past 24 hours," said the warning.

Storm, an often-revised Trojan horse, is designed to hijack Windows PCs and add them to a collection of compromised computers, or botnet, which in turn is used by hackers and spammers to distribute more malware or scams. Earlier this year, researchers had said the Storm-based botnet was in decline, while Microsoft crowed that the malware search-and-destroy tool it distributes to Windows users each month had eradicated so many of the bots that its controllers threw in the towel.
 
l lost everything last week.
Was running NOD32, until 1 got through! 5 came at once and Nod only caught 4 of 'em.
Switched to Kaspersky now. Oh well, life must go on.
Got the message that restore points are very helpful as l hadn't done one since last year.
Bugger.
Anyone have any good backup programs?
 
DB008 said:
Got the message that restore points are very helpful as l hadn't done one since last year.
Click to expand...

Danny - might be a dumb question but Windows XP creates restore points on my PC each day automatically, why didn't this happen for you? I ask because in case I am missing something and don't want to have whant just happened to you happen to me!
 
guess l don't have restore points set up automatically.
 
Ok - thanks Danny. I have used the restore points in the past, lifesavers.....
 

I have to agree on that, restore points is by far one of the most usefull feature on windows xp up, save me a couple of times to from dodgy progs.

I think an external drive is better option for backup than a program , I backup data weekly cause you never now.
good luck hope you got most of your data back.
 
Yeah, l have an external. Saved me heaps. So cheap nowdays anyone who hasn't got one is sort of asking for trouble IMO. If you cant afford say $200, well....

Did lose a little bit of data but overall it wasn't to bad.
In the end l think it was a blessing in disguise (if u can believe that). Cleaned up alot of crap that l had on the laptop and wasn't using.

I was using Ad-aware, AVG free and Spybot S&D. Ad-aware is usless and Spybot was also starting to create more problems than it was worth, wouldn't allow google.com.au to be my homepage, to suspicious for some reason?!?
After all that, l just settled on Kaspersky. Very happy so far. I also scanned my dad's external 320gb and found 19 tojans that Norton missed.
 

thats good to hear Danny, nowadays I think its best to use a combination of at least 2 Antivirus program. Here's what I do one pc for trading and personal stuff, and another pc for games,music and other downloads not a perfect system but its been good so far.
I use AVG and ClamWin open source, I have personally stopped using Spybot S&D for a few years now, it used to be a good little program until they included all that crap extras that made it unstable.
 
Here's a new one for the gurus,

my web based hotmail account just sent a spam mail to everyone in my address book (apologies to members here who are in my list). How do i remove it as it seems to be web-based, not actually in my PC. I have run a malware scan and virus (AVG) scan

Help very muchly appreciated
 

Seems like your hotmail password has been compromised, you may have signed in to a phishing website pretending to be hotmail (net based) or a keylogger has stolen ur details. (your comp based)
Change your password and see if it still gives you any trouble.
I think there was a news article a few weeks ago about how lots of hotmail account info were sold...

good luck
 

Prawn,

Create a bogus address and add it to your address book. If your account is hacked or your PC has a keylogger on it you will get notification of a failed to send. That way you will know that your e-mail has had unauthorised access.

Relying on Avg alone is not good mitigation.

I have recently been seriously infected on my surfing machine which I was totally shocked about.
 

Change your password to something much more complex (no english or recognisable words, mixed case, + numbers and special characters, at least 8 characters in length).

There's been a spate of Hotmail and Gmail account compromises (including one of mine ) that had easily guessable or stolen passwords.

m.
 
My password was already 14 characters long... But i have changed it now
 
Can anyone help me guys?? Concerned I've lost my HDD - is there anything I can do to salvage this? Can't make heads or tails of the information from what I've found on Google so far. Error messages below! Thanks!
 
You must log in or register to reply here.

Similar threads

Computer virus...dammit
3 4 5
Replies
90
Views
15K
Logique
Computer Question
2
Replies
24
Views
5K
sptrawler
Computer Problem - Can Anyone Help?
2
Replies
33
Views
8K
MrBurns
Menu
Log in
Register
Cookies are required to use this site. You must accept them to continue using the site. Learn more...