speculative visionscience fiction and fantasy

Malaware Message

Feedback and suggestions for Speculative Vision. This is also where we make site announcements.

Moderators: Bmat, Qray

    Bookmark and Share

Re: Malaware Message

Postby Qray » Sat Oct 03, 2009 5:50 pm

A friend of mine got the same thing. If it happens to you again, let me know what URL it is that you get redirected to and what ad was at the top of the SV Page.
I'm going to die the way I've lived...poor, screaming, and naked.
User avatar
Posts: 8144
Joined: Sat Apr 09, 2005 12:15 pm
Location: Down in Cognito
Blog: View Blog (49)


Re: Malaware Message

Postby The Master » Sun Oct 04, 2009 1:51 pm

Trying to track it down.
User avatar
The Master
Site Admin
Site Admin
Posts: 1990
Joined: Tue Apr 05, 2005 4:55 pm
Location: California
Blog: View Blog (2)
Art: View My Art Gallery


Re: Malaware Message

Postby Asp Zelazny » Wed Sep 14, 2011 11:57 pm

Just a bit of a warning: there's a new virus/worm/trojan out there that I fell for ... spent most of today working with the McAfee live service to fix, 'cause I walked right into it. Got an email allegedly from PC Mag yesterday (and I've gotten those regularly), this time touting a new, souped up virus scanner and overall fixer-upper, free scan the first time. Stupid me/trusting me, judging the email to be legit: clicked on the link, read some of the descriptions and the terms of use, noted that the website was not an https:// site so did NOT accept the analysis or download anything. Within the next 30 minutes started getting messages of all kinds of nasty viruses/trojans, infected emails being received and being sent out from the program called OpenCloud Security. These became increasingly frequent, and then the computer would jump to a blue screen, and before it could be read would jump to a version of the Windows "splash screen" WITH THE TIMER BAR SPINNING OVER AND OVER AS IT REBOOTED! Very impressive special effects! It would then pop to a screen that would give you the option of "Buy Now" which connected you to a website that for only $52.95 would allegedly sell you the program to debug (right) or you could click on "continue unprotected" ... this would let you work for about 10 minutes before the cycle would start again. After midnight, the program shut off access to "Add/Remove Programs", Windows security, shut off access to Google, Ask.com and other web sites, and disabled my wireless internet connectivity. The only way I could strike back was to disable the program's access to the internet (which IT had maintained). My existing copies of McAfee Security and Ad Aware were unable to find anything wrong.

Today spent a lot of phone time to Bangalore with McAfee: was able to finally get internet access with a direct line modem, and get a remote analysis in Safe Mode: found an OpenCloud.exe buried deep in my system and removed it. Went to lunch, and on my return, the thing was back. Another hour with Bangalore found the root program "csrss.exe" even deeper in the system, and got that sucked out too. They checked on their data-base, and it's a new virus (Yay! First sucker to fall for it! But no finders fee). But now it seems to be gone.

I've notified PC Mag/Zinio that they are being spoofed. The antivirus community is now aware of this new one out there. And I'm putting out the word.

Gotta say though ... got hooked by better than usually social engineering, and the scary special effects to the computer were very entertaining. But it cost $89.95 to McAfee and about 4 hours to bring my computer back to life.
User avatar
Asp Zelazny
True Visionary
True Visionary
Posts: 1919
Joined: Sun Sep 26, 2010 9:17 pm
Location: Arizona


Re: Malaware Message

Postby nightlock » Thu Sep 15, 2011 12:33 am

Asp Zelazny wrote:After midnight, the program shut off access to "Add/Remove Programs", Windows security, shut off access to Google, Ask.com and other web sites, and disabled my wireless internet connectivity.

:smt105 I mean... Ooh Devious. Those bastards, etc.
Still, gotta admit, that was a stroke of genius.

Good to hear you got your computer back.
Sorry to hear it cost you so much. Mayhaps it was a scheme by the telephone company?

Read New Awakenings

"This is here." :smt104
User avatar
Site Regular
Site Regular
Posts: 460
Joined: Fri Sep 05, 2008 1:28 pm
Location: Netherlands
Blog: View Blog (3)


Re: Malaware Message

Postby Bmat » Thu Sep 15, 2011 5:49 am

Thank you for the warning. I've had email from an online person I knew years ago. It didn't make sense that she'd be contacting me with the subject of the email, so I've been deleting, assuming it was viral.
User avatar
Super Moderator
Super Moderator
Posts: 5827
Joined: Tue Apr 05, 2005 5:31 pm
Location: East coast US
Blog: View Blog (10)


Return to Comments On Speculative Vision

Who is online

Users browsing this forum: No registered users and 1 guest