Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Windows 64bit > Desktop destructive virus

Reply
Thread Tools

Desktop destructive virus

 
 
Skybuck Flying
Guest
Posts: n/a
 
      05-02-2011
Hello,

I was surfing the web with a pretty recent IE8 browser. (Windows XP x64 Pro
SP2)

And I googled the following:

crossfpc

This then shows a result with the title:

CrossFPC : Helpers wanted - 7:30am

I clicked on it... then my harddrive started to spindle etc.

My system ended up being infected with "Windows Recovery" virus.

This is a pretty "desktop" destructive virus.

All my shortlinks got deleted.

I had many short links in my program start menu so this is a pretty nasty
situation.

(I unhided all files but they seem really gone).

Also

I cannot copy & paste to my desktop which is really annoying ?!?

The right click pop-up menu is not there ?!?

How do I get it back ?


My advice to Microsoft is the following:


Make your Internet Explorer download every webpage on the face of the
planet, then let it run for a few seconds.

That will surely infect your systems and then you can go fix your software.


Bye,
Skybuck.




 
Reply With Quote
 
 
 
 
Jeff Gaines
Guest
Posts: n/a
 
      05-02-2011
On 02/05/2011 in message
<3ddcd$4dbe7d23$54192bf7$(E-Mail Removed)1.nb.ho me.nl> Skybuck Flying
wrote:

>I clicked on it... then my harddrive started to spindle etc.


Why on earth did you do that? No programmer can protect idiots from
themselves.

--
Jeff Gaines Wiltshire UK
All those who believe in psychokinesis raise my hand.
 
Reply With Quote
 
 
 
 
Paul
Guest
Posts: n/a
 
      05-02-2011
Skybuck Flying wrote:
> Hello,
>
> I was surfing the web with a pretty recent IE8 browser. (Windows XP x64 Pro
> SP2)
>
> And I googled the following:
>
> crossfpc
>
> This then shows a result with the title:
>
> CrossFPC : Helpers wanted - 7:30am
>
> I clicked on it... then my harddrive started to spindle etc.
>
> My system ended up being infected with "Windows Recovery" virus.
>
> This is a pretty "desktop" destructive virus.
>
> All my shortlinks got deleted.
>
> I had many short links in my program start menu so this is a pretty nasty
> situation.
>
> (I unhided all files but they seem really gone).
>
> Also
>
> I cannot copy & paste to my desktop which is really annoying ?!?
>
> The right click pop-up menu is not there ?!?
>
> How do I get it back ?
>
>
> My advice to Microsoft is the following:
>
>
> Make your Internet Explorer download every webpage on the face of the
> planet, then let it run for a few seconds.
>
> That will surely infect your systems and then you can go fix your software.
>
>
> Bye,
> Skybuck.


This writeup was done Mar.23, 2011. Check to see whether this matches your
symptoms or not. It might not be the same infector. The section at the
bottom, shows what gets changed. I also find it interesting, that
to fix this one, you have to run a program called "unhide.exe", because
apparently the malware attempts to hide your files. I've heard of
worse though, like the malware that encrypts all your files, and
asks for $200 ransom to get them back.

http://www.bleepingcomputer.com/viru...ndows-recovery

Paul

 
Reply With Quote
 
Robert Carnegie
Guest
Posts: n/a
 
      05-02-2011
On May 2, 10:48*am, Alias <(E-Mail Removed).ˇnvalˇd> wrote:
> On 05/02/2011 11:45 AM, Skybuck Flying wrote:
>
> > I was surfing the web with a pretty recent IE8 browser. (Windows XP x64Pro
> > SP2)

>
> Now you know you should be up-to-date. SP2 is no longer supported.
>
> That said, get SuperAntiSpyware and MalwareBytes to get rid of your
> problem. Once clean, install SP already.


I don't know what patches aren't compatible with SP2 (unsupported*
since last July) versus SP3, but that isn't the point. You do need to
make your software current, which at the moment is free. (Except for
your present problem.) But even then you have vulnerabilities in the
software, probably. You just have to hope that bad people haven't
worked out how to crack them yet. Sometimes they have.

Otherwise, and you probably already know the rest of what I'm going to
say, you probably had to click more than one "Are you sure?"-type
prompt in order to get invaded, or to disable some such prompt from
appearing again, in which case, shame on you. I'm sorry but it's
true.

It's prudent to stick to familiar and well-run web sites, but note
that when sites show advertising and make a modest amount of money
from it, they're vulnerable to evil content being slipped in wherever
the advertising comes from. This probably wouldn't be intentionally
done by the advertising provider either, but an attack on them.

Also either maintain Adobe Flash, Adobe Reader, and Java up to date,
or un-install them, or detach them from the browser. (Flash is
installed separately for Internet Explorer and for Most Other
Browsers.) If you think other competing products are more secure:
why?

Consider using an alternative web browser that is less often attacked
and that may be more secure, but bear in mind that all are vulnerable,
and some also have incompatibilities. I'm typing this in Google
Groups with Opera, which I'm finding an imperfect relationship. The
Opera browser in particular has a nice feature of allowing you to set
it to load web pages without graphics, multimedia, /or/ script
content, and then to load at least the graphics at a single
keystroke. If you browse mainly for reading, this saves time, and
annoys advertisers, probably. If you aren't seeing ads, then you
aren't paying for the ad-supported services you use. Well, you're
probably too sneaky to buy something just because there was an advert,
anyway. And to confirm, Opera in previous versions has had several
update releases that were due to security faults in the program.

I just now tried to search up "stay safe online" to see if someone has
published a comprehensive guide to online security, not to hand out
your personal information and so forth, but, upon reflection, that's
just the sort of document that would be either compromised or faked by
people interested in acting against your interest. So, tricky.

* <http://windows.microsoft.com/en-us/windows/products/lifecycle>
 
Reply With Quote
 
Skybuck
Guest
Posts: n/a
 
      05-03-2011
On May 2, 5:48*am, Alias <(E-Mail Removed).ˇnvalˇd> wrote:
> On 05/02/2011 11:45 AM, Skybuck Flying wrote:
>
> > I was surfing the web with a pretty recent IE8 browser. (Windows XP x64Pro
> > SP2)

>
> Now you know you should be up-to-date. SP2 is no longer supported.
>
> That said, get SuperAntiSpyware and MalwareBytes to get rid of your
> problem. Once clean, install SP already.
>
> --
> Alias


Serive Pack 3 for XP x64 Pro does not exist ?!
 
Reply With Quote
 
Skybuck
Guest
Posts: n/a
 
      05-03-2011
On May 2, 5:45*am, "Skybuck Flying" <(E-Mail Removed)> wrote:
> Hello,
>
> I was surfing the web with a pretty recent IE8 browser. (Windows XP x64 Pro
> SP2)
>
> And I googled the following:
>
> crossfpc
>
> This then shows a result with the title:
>
> CrossFPC : Helpers wanted - 7:30am
>
> I clicked on it... then my harddrive started to spindle etc.
>
> My system ended up being infected with "Windows Recovery"virus.
>
> This is a pretty "desktop"destructivevirus.
>
> All my shortlinks got deleted.
>
> I had many short links in my program start menu so this is a pretty nasty
> situation.
>
> (I unhided all files but they seem really gone).
>
> Also
>
> I cannot copy & paste to mydesktopwhich is really annoying ?!?
>
> The right click pop-up menu is not there ?!?
>
> How do I get it back ?
>
> My advice to Microsoft is the following:
>
> Make your Internet Explorer download every webpage on the face of the
> planet, then let it run for a few seconds.
>
> That will surely infect your systems and then you can go fix your software.
>
> Bye,
> * Skybuck.


They day this happened is the day Osama Bin Laden died !

Anyway...

I have backed up my most important data.

Apperently the C: harddisk is failing.

Checkdisk says:

"File record segment is unreadable".

13 times each time is about 650 KB.

Either the virus caused this or my harddisk is indeed failing
according to others this could be the symptoms of it.

The failure could be caused by me hitting the table, or cleaning the
dust filters why PC is on and moving harddisks while they are on.

It could also be vacuum cleaner against it which I did recently.

Another theory could be Creative Labs X-Fi Sounderblaster driver
which hangs my system on shutdown, I them use reset button to reboot
or power button to force a power off.

Perhaps this causes the harddisk head to crash against the plates.

Chkdsk was unable to fix the file system, it proceeded to reboot
endlessly and perform endless checks.

I did not find the event log in the event viewer.

I am just glad that my most important data was not lost.

In a way this virus infection could be a blessing, at least now I got
a warning that my system is about to die and crash.

However I am not happy with Internet Explorer infecting one of my
systems for the third time already !

My system and browser is pretty up to date as far as I know, probably
something like a few weeks up to date at least. Maybe even a few days
up to date.

Therefore IE8 has big security hole and risks.

I'm thinking about installing windows 7. I happened to order two new
harddisks so I could use those.

However I am also thinking about a new solution, perhaps: network
attached storage in the future.

At least that way the harddisk should be out of harms way which is
me

No more PC under table, No more PC on table, No more harddisks around
me is probably better.

Another option would be the place entire PC case far away but that
might not work because of too short cables.

The only thing that sucks is losing an entire system like this... at
least losing the icons in the start menu is still very shitty for
historical/nostalgia reasons.

Even if I back it up now, the damage is down, no more perfectly
functioning system... at least I get a chance to backup all of this
for historical purposes.

Perhaps I will try to do so via a simple disk image or so, and store
it for the time being. Perhaps later I might give tape streamer a try
or something else.

For now I am planning to keep this harddisk alive and try to transfer
files as soon as possible to new harddisk like said above.

Anyway it's interesting to see what I used to use in the past so
that's why I would like to keep it it's fun.

I also tried to use an undelete tool to see if anything could be
undeleted but this wasn't so.

I wish IE would run inside a virtual machine, at least then it would
be more safe...

The fact that IE simply was able to install executables/virus on my
system is pretty ridicilous.

I'm not sure if I am going to like Windows Seven... but I guess I have
little choice, other operating systems probably much worse in many
ways...

Though if I really don't like it I might just be crazy enough to
switch to something else... Ubuntu or other Linux comes to mind or
perhaps Mac Os X.

However the problem is probably not with the operating system it's
with the browser... though the operating system is also pretty
vunerable.

It could have been much worse, this is a sign of things to come in the
future.
 
Reply With Quote
 
Skybuck
Guest
Posts: n/a
 
      05-03-2011
All software on my system is fully up to date.

The virus slipped in via the web browser.

Therefore the web browser IE8 is insecure.

I did not click anything except a link, and then as the page loaded
the trouble started automatically.

If I felt I did anything wrong I would not write this message to the
newsgroup.

I write this message to the newsgroup to inform Microsoft that they
have a huge whole in IE8 and need to look at it and fix it if they
want to fix their already damaged reputation.

I have no firewalls and no virus scanners installed since then my
system would already be dead because of holes in such products.

Further details about me is: 17 years of PC experience so I am not
some noob who clicked on something like you questioned.

The only thing I did click on was a warning message near my tray that
my harddisk was failing.

By then the virus was probably already doing bad things, though this
could also have been a genuine warning of windows.

I was surprised by that and I think it was a fake warning but I am not
sure.

In case this product did manage to fool me then that is quite
remarkable and a warning to all.

Last but definetly not least:

This is not the first time that I have seen Internet Explorer fail big
time.

This is the third time that I have seen IE8 have a whole which leads
to fully automatic comprise of my systems without any action on my
part besides from visiting the page.

Ofcourse when I search via google I cannot know before hand if a
website is infected or not, therefore a webbrowser should be secure.

I no way can this damage/security failure be blamed on me.

There is only one company to blame in this regard/case and that is
Microsoft 100% sure.

I'm staying calm about it because I have become used to it... staying
calm is the best course of action... does not mean I have to like it.

However this is already the third time and you know what they say:

"Third time is a charm, or third time is ship law or whatever".

This is undermining my convidence in Microsoft software and especially
the browser.

However I know Firefox is practically the same, but perhaps I will
start using that to give it a chance, at least it might have less
functionality.

Your argument about IE8 being more compatible and having more
functionality is exactly the problem with IE8...

It supports so much crap it makes the attack surface larger.

I don't trust Chrome Browser because I don't trust spy company Google.

Safari is a bit to weird to me, isn't this evil Apple controlled by
now ?

Less choice for me... perhaps I will use the web a bit less.

Or perhaps I will try to install a windows firewall a little bit
better, perhaps that might help a bit.

Or perhaps I will try to run the webbrowser in some kind of virtual
machine to secure it from the rest of my computer.

I don't really want to do that because that will probably be very
inconvenient.

So I am kinda hoping Microsoft hears my plea and starts working on a
webbrowser that can easily work in a virtual machine, but can still
save files
to my desktop when I give it clear permission.

Perhaps windows seven is already better secured but I doubt it...

For now I will give windows seven a try, but then I risk falling into
Microsoft's deception that their next products are any better, while
this remains unproven.

Thus it could be make believe software at best: pretends to be more
secure/better while in reality it's not or even worse.

Time will tell.

Bye,
Skybuck.
 
Reply With Quote
 
Skybuck
Guest
Posts: n/a
 
      05-03-2011
I installed my two new harddisks and then I installed Windows 7
Ultimate x64 retail.

So I am now running Windows 7 !

I also installed Internet Explorer 9 for hopefully more secure and
perhaps more speed.

So far I have already noticed one bug in IE9 with selecting text in
this google edit window...

When holding shift and pressing page up it fails to select text upward
and instead it scroll down again in a cyclic fashion... pretty weird.
(Perhaps the wrong keyboard settings are used but I don't think so).

So far I am liking what I see.

I was also getting a bit fed up with Windows XP x64 edition and
Creative X-Fi Soundblaster drivers which were screwed up and buggy and
couldn't remove it.

Furthermore some new technologies require Windows 7. Now I get to play
with some of them.

I will probably buy a new DX11 graphics card so I can play with
Cuda... I am quite interested in that to see how that works out and if
it can be of some use to me. The 5 second kernel limitation is a bit
worrieing but can probably be dealt with

My first point of critique at IE9 is that ti's top bar does take a bit
of unnecessary space at the top... this could probably reduced
further. I guess it's an estatic thing... but I'd much rather have
more screen real estate so I will probably try to change that if
possible,
Perhaps I will also go back to vertical taskbar for more vertical
space.

I have plenty of horizontal space (1920) but little vertical space
(1200). (Screen resolution).

So far windows 7 automatically installed 3 updates during install
which was nice, now it's a bit more secure I guess... but this could
be deceiving so maybe I should go to windows update site soon...

However I have done enough for today me thinks so this will be done
tomorrow and then I also need to re-install many applications... but I
take it slowly... first the ones I really need and I will take it from
there...

My profile was also corrupted because of memory corruption some time
ago so a fresh/new start seems like a good thing... Hopefully I don't
get to regret windows 7 ! =)

It's a brave new world for me...

Maybe it will also bring out the best out of my DreamPC since it was
from 2006 and windows xp was from 2003.

So far Windows 7 seems to run real nice on my DreamPC2006 ! =D

Yeah baby ! =D

The remarkable/interesting/funny thing is that I always
"upgraded" (windows has "" issue's here but I know what that is need
to change that all my PC'' ('' also) to newer operating systems.

Example:

80486 dos to windows 95 (fresh install, for fun to see if 486 can run
windows and probably to get rid of messy dos and also necessity for
dial up)
pentium 166 windows 95 to windows 98 (upgrade and probably new install
too, probably pc screwed up too or dead harddisk)
pentium III 450 mhz windows 98 to windows xp (necessary because
somebody screwed my pc up, trojan/virus related)
AMD X2 3800+ windows xp to windows seven (virus related, harddisk
problem related, corruption related, unsafety related)

So end conclusion is:

All my upgrades were probably problem/technical related.

Kinda interesting.

Don't worry though, Microsoft didn't earn a buck from it =D

But maybe same story can be applied to others he might have spent a
buck on it ! =D

At least now Microsoft doesn't have to worry to much about "losing
market share".

Create some problems and people will convert, but again don't worry
about that... these problem will happen automatically, hardware
related usually, though with a little help of virus this time, but was
thinking about upgrading for a while now ! =D

One other little weird thing is that Microsoft Windows Seven failed to
use the second big new terrabyte drive... it probably first needs to
be formatted or there is some other weird problem going on.

So far it only detect 3 harddisk, but there are 4 inside.

(Had to use two screws per harddisk, me a bit ****ed at case
manufacturer for only delivering 8 screws for his case, cheapskate
prick, I payed 200+ euro's for this case, now I have to go find new
screws because 2 is not too safe and might cause vibrations. My mother
claims to have plenty of screws, later today at night I will go there
and have a looksy, but my hopes are low, usually it's bullshit, but my
Dad did have a store with many many screws lol... to bad he dead...
maybe he had some... but I guess not, those special screws for kitchen
and ****.)

For now I am wondering where to buy these screws, they are abour 3
millimeter thick but very long 4 to 5 centimers about 2 or 3 inches.

I also removed a bit of plastic from the inside of the case some kind
of air duct or fan mounting thingy for the antec 1200 case, not a big
deal but ok... maybe I should have removed that in the first place...
it might have caused unnecessary turbulence... I am glad that thing is
gone.. didn't need it.

I am also a bit annoyed at the guy he made a video about using sticky
tape to attach wires... My experience is now that using little bits of
tapes are not sufficient, it will let loose... it's better to use
large pieces... it gives more sticking power.

So this time I was a bit lazy/sloppy and didn't give a **** and just
used large pieces for more sticking power, and slammed the door like
it's a little bitch ! And sticking those wires with the fricking door
yeah baby ! =D

I should try to find out where I can buy tape like this... probably
not a big deal... I got this tape from my daddy and he said it's
expensive so I didn't want to use too much and be carefull with it...
but fok that

His tip is to wrap it in bag so it dont dry it... good tip... this
tape is already 5 years old hehe probably way old like 10 years or 20
who knows... but it's still working and sticky. I did remove some
tape here and there...

I also found out I did something stupid on accident.

I noticed I connected both power cords to the two older harddisks,
they have sata power and old power connectors, it's not recommended to
do that.. fortunately it probably didn't cause damage... but I can see
now how it's easy to miss this mistake.

So surprise surprise, Hitachi removed the old power connectors from
the new harddisks... I was a bit surprised by that and a bit worried,
but it's ok... fortunately the seasonic s12 power supply came with
enough power connectors to attach 4 harddisks... it actually uses 3
cable pairs because I wanted to spread the new harddisks out a little
bit for better airflow and less dust on top of them... I placed them
at the top of the front shafts so the cold air flows beneath them...
that's also where the chips are... and that's also where the graphics
card is located in the back so it is probably getting sufficient
airflow same goes for cpu so it seems very wise to do so.

(I was also a bit ****ed at a watermarker pen... I didn't know how to
open it... it was weird... three local cheap ones from supermarket...
I was turning the top which descrewed it... turns out I had to pull on
the top to reveal the writing pin... it was weird... I didn't notice
it at all, same fokking thing happened last time I wanted to use
them... and I totally forgot how to fokking use these pens/markers/
stifts.... but fortunately I found out... now my finger tops a bit
black but ok.. it's coming off already... so that was kinda funny. I
almost wanted to go back with them and sue the fricking store for
fraud... fortunately it was in the morning and I knew I had to be able
to use these pens somehow ?! =D Cause how the hell did I otherwise
write with them last time ?! =D Bit boring pen story, but gonna
write it down anyway).

I am also very glad I wrote my own file transfer tool in the past, it
has saved me many times now and was very usefull many times... so I
should definetly work on it some more and make it even better ! =D
Mostly so that other people can use it better as well... it's a bit
peculiar right now but ok. (It already has nice opengl support, and it
has 64 bit support for a while now but still unreleased )

But first I also want to work on some other stuff which is main reason
for upgrade and interest in new stuff. The file transfer tool can
wait, it's already good enough for my purposes and private use !
=D To bad for you guys though the public ! =D

As I type more and more text into this posting I am starting to notice
that IE9 is lagging !

This is not a good sign.... IE8 never did that ?! So this is already
the third issue that I found with IE9 in only a few minutes/one day.

Well enough for now, lot's of stuff in this posting.

Bye,
For now,
Skybuck.

Oh yeah one last thing:

I guess just like you Americans... and the rest of the world ! My PC
is no "liberated" just like you guys from Bin Laden... but just like
you guys I am starting to worry and fear LOL for the future ?! =D

Bad signs are already visibile in this lag ! LOL. But hopefully it's
just googles implementation.

Ok and now I am really "singin off" this posting.

Skybuck signing off !

Over and lag out ! =)






 
Reply With Quote
 
Robert Carnegie
Guest
Posts: n/a
 
      05-03-2011
On May 3, 10:53*am, Alias <(E-Mail Removed).ˇnvalˇd> wrote:
> On 05/03/2011 04:12 AM, Skybuck wrote:
>
> > On May 2, 5:48 am, Alias<(E-Mail Removed).ˇnvalˇd> *wrote:
> >> On 05/02/2011 11:45 AM, Skybuck Flying wrote:

>
> >>> I was surfing the web with a pretty recent IE8 browser. (Windows XP x64 Pro
> >>> SP2)

>
> >> Now you know you should be up-to-date. SP2 is no longer supported.

>
> >> That said, get SuperAntiSpyware and MalwareBytes to get rid of your
> >> problem. Once clean, install SP already.

>
> >> --
> >> Alias

>
> > Serive Pack 3 for XP x64 Pro does not exist ?!

>
> Sorry, I didn't know that.


1, does the "regular" service pack not work?

2, SP2 is /still/ not supported and that still could be your problem -
with a vulnerability that is only fixed on or after SP3.

There isn't much separation between Internet Explorer and Windows
itself, particularly but not exclusively with Windows XP. So Windows
flaws are Internet Explorer flaws, and vice versa.
 
Reply With Quote
 
Jeff Gaines
Guest
Posts: n/a
 
      05-03-2011
On 03/05/2011 in message
<(E-Mail Removed)> Robert
Carnegie wrote:

>2, SP2 is still not supported and that still could be your problem -
>with a vulnerability that is only fixed on or after SP3.


XP Pro x64 uses a different code base to XP 32 bit. The latest service
pack is SP2 and I doubt MSFT will issue any more.

--
Jeff Gaines Wiltshire UK
There are 3 types of people in this world. Those who can count, and those
who can't.
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
NTFS data recovery after non-destructive restore Ike Milligan Computer Support 1 06-05-2006 11:58 PM
Which Non Destructive Glue to Use on Mats Mike Digital Photography 12 02-27-2006 02:48 AM
Writing a destructive trojan with C++... Mad Programmer C++ 18 09-13-2005 10:14 PM
Destructive Windows Script rbt Python 27 06-10-2005 06:26 PM
Case-insensitive dict, non-destructive, fast, anyone? Ville Vainio Python 11 04-06-2005 06:53 AM



Advertisments