Why you keep getting fake antivirus warnings

[Papa_Complex]

It's called "Google Image Poisoning", and it's pretty damned widespread. I've been dealing with up to 10 of these damned things, per week, with an average of about 6.

http://isc.sans.edu/diary/More+on+Go...oisoning/10822

So stop doing Google Image searches for porn and you'll be OK.

[Flexin]

Quote:

Originally Posted by Papa_Complex

It's called "Google Image Poisoning", and it's pretty damned widespread. I've been dealing with up to 10 of these damned things, per week, with an average of about 6.

http://isc.sans.edu/diary/More+on+Go...oisoning/10822

So stop doing Google Image searches for porn and you'll be OK.

Ok I was with you to I read Stop and Porn. So your saying get off the internet?

James

[Papa_Complex]

Quote:

Originally Posted by Flexin

Ok I was with you to I read Stop and Porn. So your saying get off the internet?

James

Stop doing Google IMAGE searches for porn. Use text searches.

[Flexin]

Quote:

Originally Posted by Papa_Complex

Stop doing Google IMAGE searches for porn. Use text searches.

Yeah I know how back the google images can be.

James

[njchopper87]

NoScript ftw!

[Particle Man]

Quote:

Originally Posted by Flexin

Ok I was with you to I read Stop and Porn. So your saying get off the internet?

James

[Porkchop]

I deal with a couple of these a year. Most of them are easy to get rid of, but every so often one can be a little bitch. The one I got most recently from the Tosh.0 link from a thread in here was a monster.

[Papa_Complex]

Quote:

Originally Posted by Porkchop

I deal with a couple of these a year. Most of them are easy to get rid of, but every so often one can be a little bitch. The one I got most recently from the Tosh.0 link from a thread in here was a monster.

I've worked on maybe a dozen different flavours, of this thing, and you simply can't reliably recover from some of them.

[dubbs]

Quote:

Originally Posted by Papa_Complex

I've worked on maybe a dozen different flavours, of this thing, and you simply can't reliably recover from some of them.

They're all pretty easy and just sit in the user's profile or the all users folder..

I can't even count how many I've gotten rid of maybe 50+.. shouldn't take longer than 20 mins to get rid of it even with roaming profiles with the virus files getting in multiple places..

I'm actually surprised how easy these new forms of virus/spyware are to get rid of, it's actually making my job a lot easier. Seems like they're getting lazy..

[Papa_Complex]

Quote:

Originally Posted by dubbs

They're all pretty easy and just sit in the user's profile or the all users folder..

I can't even count how many I've gotten rid of maybe 50+.. shouldn't take longer than 20 mins to get rid of it even with roaming profiles with the virus files getting in multiple places..

I'm actually surprised how easy these new forms of virus/spyware are to get rid of, it's actually making my job a lot easier. Seems like they're getting lazy..

Then you haven't seen a fraction of the stuff that i have. This thing has been coming down various forms, for the last year and a half. I've been doing no less than 4 of them, per week, over that time period and as many as a dozen. If you're cleaning it up in 20 minutes, then you're leaving some of it behind.

It lives in program files, user temp, internet temp, windows temp, all users appdata, system32, recycle bin, system dir, it's own directory under system dir, windows restore, the Java applets store, HCCR\exefile, HCLM\Software\Microsoft\WindowsNT\Winlogon, and I've seen as many as 32 separate entries in the Tasks list all set to reinfect the system, on a schedule. None of that includes the rootkits that they've pushed up, after the system was infected.