Switch Theme:

DO NOT GO TO BELL OF LOST SOULS! VIRUS WARNING! Update: Not totally fixed!!!  [RSS] Share on facebook Share on Twitter Submit to Reddit
»
Author Message
Advert


Forum adverts like this one are shown to any user who is not logged in. Join us by filling out a tiny 3 field form and you will get your own, free, dakka user account which gives a good range of benefits to you:
  • No adverts like this in the forums anymore.
  • Times and dates in your local timezone.
  • Full tracking of what you have read so you can skip to your first unread post, easily see what has changed since you last logged in, and easily see what is new at a glance.
  • Email notifications for threads you want to watch closely.
  • Being a part of the oldest wargaming community on the net.
If you are already a member then feel free to login now.




Made in au
Owns Whole Set of Skullz Techpriests






Versteckt in den Schatten deines Geistes.

Hi all,

Yesterday I spent about 7 hours fighting an insidious and clever computer virus that was masquerading as a piece of anti-virus software. It took several tries, me digging into the registry, and even a trip across town to find a functioning internet connection to download new anti-virus software, but the virus was dealt with.

It all started when I got a fake trojan alert whilst browsing BOLS. Now, normally I wouldn't ascribe such a danger to a single website, but given that I just got a call from a friend of mine who got the exact same fake tojan alert whilst visiting BOLS, I thought it best to warn everyone here:

Avoid BOLS for the time being - someone has done something to their website. If anyone has an E-mail address for MKerr and the rest of the gang, let them know.

Thanks!

This message was edited 2 times. Last update was at 2009/11/25 07:08:16


Industrial Insanity - My Terrain Blog
"GW really needs to understand 'Less is more' when it comes to AoS." - Wha-Mu-077

 
   
Made in gb
[ADMIN]
Decrepit Dakkanaut






London, UK

I think this virus is doing the rounds at the moment. From what I can tell it uses an exploit in Java to install itself, and gets in through exploited advertising servers - not original websites themselves.

If you use firefox, I recommend going to edit > preferences then deselect enable java to minimise the risk of this evil trojan from infecting you.

Check out our new, fully plastic tabletop wargame - Maelstrom's Edge, made by Dakka!
 
   
Made in us
Warplord Titan Princeps of Tzeentch





Pat that askala, O-H-I hate this stupid state

Thanks for the heads up and ways to avoid getting it.

Then it comes to be that the soothing light at the end of your tunnel, its just a freight train coming your way!
Thousand Sons 10000
Grey knights 3000
Sisters of battle 3000
I have 29 sucessful trades where others recommend me.
Be sure to use the Reputable traders list when successfully completing a trade found here:
Dakka's Reputable Traders List 
   
Made in us
Regular Dakkanaut






Nu`uanu, Hawai`i

Ahhh. So that is where it came from. I belive it was a sysgaurd virus. I was wondering how I got it twice in a week!

All painted and pushing 60,000 points combined.

senjistudios.com

A good game of 40k is one part competition and two parts cooperation. 
   
Made in us
Human Auxiliary to the Empire



Los Angeles

I agree, it is getting through the advertisements. Something popped up while I was on a FF wiki, which I found out, the whole "YOUR COMPUTER IS INFECTED" adware/spyware and it mnimized all my windows. Thankfully that was the extent of it and it didn't actually infect my system.
   
Made in us
Bane Knight





Washington DC metro area.

Its an ad served to them with sysguard embedded. Turn off Javascript and Sysguard can't propogate.

Edit:
That said, if you don't have some solid computer-fu, stay off BOLS.
their admins have been made aware.

Edit 2:
Yakface/Mods : you might want to take another look at your served ads as well.

This message was edited 2 times. Last update was at 2009/11/22 02:23:12


Special unique snowflake of unique specialness (+1/+3versus werewolves)
Alternatively I'm a magical internet fairy.
Pho indignation *IS* the tastiest form of angry!
 
   
Made in us
Crazy Marauder Horseman





Does Ad Block Plus protect you? I have been there several times in the last day and have not experienced any problems.
   
Made in us
Bane Knight





Washington DC metro area.

For those of you concerned about Sysguard:

http://www.softpedia.com/progDownload/Remove-System-Guard-2009-Download-122168.html
http://forums.majorgeeks.com/showthread.php?t=185527
http://www.pctools.com/mrc/infections/id/RogueAntiSpyware.Sysguard/
http://www.exterminate-it.com/malpedia/remove-sysguard
http://www.democraticunderground.com/discuss/duboard.php?az=view_all&address=105x9088117

Edit:
Short answer - probably not. Sysguard is a troublesome creature and the 2010 version is more so.

This message was edited 1 time. Last update was at 2009/11/22 02:29:23


Special unique snowflake of unique specialness (+1/+3versus werewolves)
Alternatively I'm a magical internet fairy.
Pho indignation *IS* the tastiest form of angry!
 
   
Made in us
Fresh-Faced New User




Hi guys,

Bigred here from BoLS.

Ad providers are reporting that malware operators were isolated and removed this evening. Apparently there was a big push by these scumbags internet wide and everything from the big political sites, to news and sports got hit.

Bell of Lost Souls www.belloflostsouls.blogspot.com
Warhammer 40,000 Minis, News, Tactics, and Opinion  
   
Made in gb
[ADMIN]
Decrepit Dakkanaut






London, UK

Thanks for reporting. I've updated the title of this thread so people are not put off now that is is sorted.

Check out our new, fully plastic tabletop wargame - Maelstrom's Edge, made by Dakka!
 
   
Made in us
Bane Knight





Washington DC metro area.

Cheers Bigred. Knew we could count on you.

Special unique snowflake of unique specialness (+1/+3versus werewolves)
Alternatively I'm a magical internet fairy.
Pho indignation *IS* the tastiest form of angry!
 
   
Made in us
Fresh-Faced New User




Thanks for the fast response legoburner and Oldgrue,

And H.B.M.C., track me down at Adepticon if you're going. I'll buy you a brewski.

Bell of Lost Souls www.belloflostsouls.blogspot.com
Warhammer 40,000 Minis, News, Tactics, and Opinion  
   
Made in us
Shas'o Commanding the Hunter Kadre




Missouri

Man, I was wondering what the hell was going on, I've gotten that same virus at least three fething times and could never figure out how...it just seemed to get on my comp at random while I was browsing different sites. It's really fethed up my computer.

Thanks for posting those links.

 Desubot wrote:
Why isnt Slut Wars: The Sexpocalypse a real game dammit.


"It's easier to change the rules than to get good at the game." 
   
Made in us
Longtime Dakkanaut





So quick Q..

Whats the best way to get rid of it if you have it? Want to know in case it pops up.
   
Made in us
Bane Knight





Washington DC metro area.

There is no quick way, but there's some handy-dandy links I supplied above for just that purpose.

Edit:
My professional opinion is to confirm your important data is backed up (Why wasn't it? Hmm? ) and perform a low level format before reinstalling the OS to ensure a secondary payload wasn't buried somewhere you missed. The links above are much more reasonable if less thorough.

This message was edited 1 time. Last update was at 2009/11/22 04:38:52


Special unique snowflake of unique specialness (+1/+3versus werewolves)
Alternatively I'm a magical internet fairy.
Pho indignation *IS* the tastiest form of angry!
 
   
Made in us
Blood-Drenched Death Company Marine





WA, USA

Firefox users also have two browser add ons that can be very helpful

No Script
https://addons.mozilla.org/en-US/firefox/addon/722

Adblock
https://addons.mozilla.org/en-US/firefox/addon/1865

Read up on both on how to configure them, and enjoy your web surfing again.


 
   
Made in gb
Adolescent Youth with Potential



Suffolk, England

legoburner wrote:Thanks for reporting. I've updated the title of this thread so people are not put off now that is is sorted.


Don't think it is safe... I got caught a few days ago...
ended up doing a full strip and rebuild of my lappy as it was the only way to get rid of it...
Went back to BOLS this afternoon and got infected again..!!!
   
Made in au
Lethal Lhamean






I'm glad I don't care for Bols that much.. phew.. dodged a bullet.
   
Made in au
Owns Whole Set of Skullz Techpriests






Versteckt in den Schatten deines Geistes.

Yeah I was trying to help everyone here, not take a dig at BLoS.

And Big Red, despite what my flag says, I'm actually in Australia. And as much as I'd love to attend an adepticon, right now affording food is my biggest priority, not plane tickets. But thanks anyway.


Automatically Appended Next Post:
Ok, not 100% fixed it seems.

Just went to BOLS and my virus scanner popped up two alerts for something called "nikuraka.com".

Just thought y'all should know.

This message was edited 1 time. Last update was at 2009/11/25 07:09:42


Industrial Insanity - My Terrain Blog
"GW really needs to understand 'Less is more' when it comes to AoS." - Wha-Mu-077

 
   
Made in gb
Fixture of Dakka





Southampton

Yeah, we had a problem with Personal Antivirus (another piece of malware) a couple of months ago. Had to wipe the hard drive in the end. Cheers for the warning, I really don't want to go through that hassle again. The people who put this stuff on the web should have their insides ripped out and fed to them.

   
Made in us
Most Glorious Grey Seer





Everett, WA

Moopy wrote:Firefox users...
Sigh... here we go again. Look, I use the default IE browser and have never had these problems. How? By doing the following...

Tools > Internet Options > Privacy > turn on the popup blocker and click settings button > go to the bottom and set the block level to HIGH.

If you like using a non-IE browser, fine. Good for you. Have fun. But leave the Firefox fanboy crap for the Warcraft forums.

 
   
Made in gb
Fully-charged Electropriest






Glasgow

I wasn't aware Web Browsers could have fanboys and these are Warcraft Forums?? y'learn something new everyday!

   
Made in us
Wraith





Raleigh, North Carolina

Breotan wrote:If you like using a non-IE browser, fine. Good for you. Have fun. But leave the Firefox fanboy crap for the Warcraft forums.

I'm pretty sure there was nobody gushing over the joys and pleasures of non-IE browsers. Looked a lot more like "If you happen to have this browser, here is an option for you." The same thing you did by showing IE users where they can adjust their pop-up blocker sensitivity.

You might want to stop visiting the Warcraft forums for a while, they appear to be infecting your reactions to innocuous statements.

 
   
Made in us
Foul Dwimmerlaik






Minneapolis, MN

Breotan wrote:
Moopy wrote:Firefox users...
Sigh... here we go again. Look, I use the default IE browser and have never had these problems. How? By doing the following...

Tools > Internet Options > Privacy > turn on the popup blocker and click settings button > go to the bottom and set the block level to HIGH.

If you like using a non-IE browser, fine. Good for you. Have fun. But leave the Firefox fanboy crap for the Warcraft forums.


Fly of the hinge much?

   
Made in si
Foxy Wildborne







Breotan wrote:
Moopy wrote:Firefox users...
Sigh... here we go again. Look, I use the default IE browser and have never had these problems. How? By doing the following...

Tools > Internet Options > Privacy > turn on the popup blocker and click settings button > go to the bottom and set the block level to HIGH.

If you like using a non-IE browser, fine. Good for you. Have fun. But leave the Firefox fanboy crap for the Warcraft forums.


So I take it that irrational hatred of popular things is back in fashion?

The old meta is dead and the new meta struggles to be born. Now is the time of munchkins. 
   
Made in gb
Decrepit Dakkanaut






Omadon's Realm

lord_blackfang wrote:
So I take it that irrational hatred of popular things is back in fashion?


It never goes out of fashion here at El Dakka Ranch senior!



 
   
Made in us
Crazy Marauder Horseman





Breotan wrote:Sigh... here we go again. Look, I use the default IE browser and have never had these problems. How? By doing the following...

Tools > Internet Options > Privacy > turn on the popup blocker and click settings button > go to the bottom and set the block level to HIGH.

If you like using a non-IE browser, fine. Good for you. Have fun. But leave the Firefox fanboy crap for the Warcraft forums.


So, basically, I shouldn't say anything right now about using a mac?

Actually, using a Mac and FireFox w/ Ad Block Plus might be bad in the long run, because honestly I never even know about stuff like this until i read about it. It is like I have overprotective parents and I will never know what is out there till I end up using IE for the first time and all of a sudden I am dead from syphilis.
   
Made in us
Resentful Grot With a Plan




Silver Spring, MD

Firefox+No Script+ Ad-Block = no worries.

Club me. Ain't I cute?


 
   
Made in gb
[ADMIN]
Decrepit Dakkanaut






London, UK

Dont forget flash block and disable java or you'll still get hit by exploits in those plugins.

Check out our new, fully plastic tabletop wargame - Maelstrom's Edge, made by Dakka!
 
   
Made in us
Resentful Grot With a Plan




Silver Spring, MD

legoburner wrote:Dont forget flash block and disable java or you'll still get hit by exploits in those plugins.

Absolutely!

Club me. Ain't I cute?


 
   
 
Forum Index » News & Rumors
Go to: