Page 2 of 3 FirstFirst 123 LastLast
Results 11 to 20 of 21

Thread: virus

  1. #11
    Suspended
    Join Date
    Oct 2007
    Posts
    2,346
    Thanks
    0
    Thanked 254 Times in 209 Posts
    i have a genuine xp pro...installed on the netbook...which was one of the conditions of the purchase of the netbook...it had to be installed or downgraded because of the it was supplied with vista...i need xp to for my test equipment.

    we have a few people in the area who i can see of the wireless networks...but i cannot access their network because they are security enable...but as i mantioned there is a new "kid on the block" as soon as i see his network again i will make a point of getting the name...something else i noted is he has a WPA 2 security enabled network...all the others are just WPA

    just done a full scan and noted the virusses are still active in the netbook and there is now a new one...PWS:win 32 / Fareit . A

    my laptop doesnt have a 3 g card and i havent been affected by these viruses yet...could it be possible that i dont have a secure link via the 3 g sim card?

  2. #12
    Gold Member irneb's Avatar
    Join Date
    Apr 2007
    Location
    Jhb
    Posts
    625
    Thanks
    37
    Thanked 111 Times in 97 Posts
    Regarding WPA/WPA2: forget anything to do with WEP - that's simply an old, "easily" breakable encryption ( http://www.suite101.com/content/encr...andards-a25951 ). Regardding the difference between the WPA/2, the one's not necessarily more secure than the other - they just use different methods / transmission protocols. Also WPA2 is intended for use with other hardware as well as PC's (e.g. cellphones, etc.): http://www.securityprocedure.com/com...n-wpa-and-wpa2

    As I've stated before, access to wireless networks goes through the Access Control mechanism. This is usually a separate thing from the Security Encryption, but can be affected by what encryption you use. E.g. if you use a passkey access control, you're probably using WEP/WPA/WPA2 as well - otherwise the passkey can be seen whenever you connect by anyone in range. If you use the push-button / physical address method, no such pass key is sent - the router checks the connecting device's MAC (Physical Network Address) then saves that to a list of allowed devices. The push-button method just does this less manually, otherwise you'd have to open the router's control program to add a MAC manually.

    If you don't have an access control installed it would be possible for anyone to use your router (even if you have WPA running). Did you have to provide a passkey when you 1st connected to the router? If not you might be in trouble as this is usually the default, unless the default is to not have any control (which is the worst possible scenario). If you had to press a button on the router, you should be reasonably fine.

    Some routers also have the ability to "hide" themselves to all devices except those which have been connected before. These usually also have the push-button method, which temporarily displays the router to everyone, then waits for a connect request, and then waits for you to press the button again.

    Irrespective of if you use access control and / or security encryption or not: if a PC is connected to the network, it's got access to all others. At which stage it becomes up to the OS to try and protect itself. If that fails, then you're relying on stuff like firewalls and AV's. So if one of the PC's (laptops / notebooks as well) is infected, be careful that it doesn't infect something else on the network - otherwise you could end up having the virus jump from one to the other. So try to have only one device connected at a time when you clean these things.

    If M$-SE doesn't want to remove these, first try to reboot into Safe-Mode (press F8 during WinXP bootup). Then run SE and see if it can now remove the offending files. If not, do a google for a removal tool for that particular virus.
    Gold is the money of kings; silver is the money of gentlemen; barter is the money of peasants; but debt is the money of slaves. - Norm Franz
    And central banks are the slave clearing houses

  3. #13
    Gold Member irneb's Avatar
    Join Date
    Apr 2007
    Location
    Jhb
    Posts
    625
    Thanks
    37
    Thanked 111 Times in 97 Posts
    Quote Originally Posted by murdock View Post
    PWS:win 32 / Fareit . A
    Doing a google, that sounds like a very nasty thing you've got there: http://www.microsoft.com/security/po...ID=-2147321963 I.e. it can "steal" any passwords you type.

    Edit: strangely only MSSE calls that virus by that particular name. Doing some further searches I came across this: http://www.virustotal.com/file-scan/...302-1304151829

    From there doing a search on what AVG/Avast! calls it: Win32: Delf-OXZ removal - http://www.spywareviruscleaner.com/H...2.Delf.ox.html
    Last edited by irneb; 05-May-11 at 04:37 PM.
    Gold is the money of kings; silver is the money of gentlemen; barter is the money of peasants; but debt is the money of slaves. - Norm Franz
    And central banks are the slave clearing houses

  4. #14
    Diamond Member AndyD's Avatar
    Join Date
    Jan 2010
    Location
    Cape Town
    Posts
    4,923
    Thanks
    576
    Thanked 934 Times in 755 Posts
    The original trojan you had will download other worms and trojans and install the appropriate services on you pc and it is also scripted to upload your usernames and passwords etc so my suggestion still stands to go online from an uninfected pc and change them all before it's too late. Did you try hijackthis yet?
    _______________________________________________

    _______________________________________________

  5. #15
    Suspended
    Join Date
    Oct 2007
    Posts
    2,346
    Thanks
    0
    Thanked 254 Times in 209 Posts
    open gmail this morning...big red banner across the top of my pc...WARNING YOUR ACCOUNT HAS BEEN ACCESSED FROM CHINA...

    and full of rubbish...the amazing thing was not one email in spam all directly into my front page.

    well that is a clear indication it time to shut the netbook down ans send it in for clean up by the proffessionals.

    i was about to have my entire system networked together...so that i could access everything from any of the pcs but after this fiasco...i will be isolating my netbook from the rest of my office.

  6. #16
    Suspended
    Join Date
    Oct 2007
    Posts
    2,346
    Thanks
    0
    Thanked 254 Times in 209 Posts
    just opened office pc and logged into bank account ..trusteer rapport...password keystroke attempts: 8

    does this mean they have managed to access this pc as well?

    maybe a good idea just to have this pc cleaned out by the pros as well.

  7. #17
    Suspended
    Join Date
    Oct 2007
    Posts
    2,346
    Thanks
    0
    Thanked 254 Times in 209 Posts
    Quote Originally Posted by AndyD View Post
    The original trojan you had will download other worms and trojans and install the appropriate services on you pc and it is also scripted to upload your usernames and passwords etc so my suggestion still stands to go online from an uninfected pc and change them all before it's too late. Did you try hijackthis yet?
    no andy my knowledge about pcs is as bad as an accountant doing diy at home so i think its time to get the people in the know to have a look.

  8. #18
    Suspended
    Join Date
    Oct 2007
    Posts
    2,346
    Thanks
    0
    Thanked 254 Times in 209 Posts
    drop box 1.1.29...any comments on this facility...this is the only new program i have added recently.

  9. #19
    Diamond Member AndyD's Avatar
    Join Date
    Jan 2010
    Location
    Cape Town
    Posts
    4,923
    Thanks
    576
    Thanked 934 Times in 755 Posts
    Dropbox is a legitimate site, I also use it and I've never heard of it being a problem but the site may have been hacked at some time, I don't know. You should use Sandboxie for your internet browsing and e-mail. It's freeware with a small nag screen if you don't register it and you don't need to be a computer whizz to use it.
    _______________________________________________

    _______________________________________________

  10. Thanks given for this post:

    IanF (06-May-11)

  11. #20
    Suspended
    Join Date
    Oct 2007
    Posts
    2,346
    Thanks
    0
    Thanked 254 Times in 209 Posts
    took my netbook in for a good rinse...to clean out the spook...they flushed out everything...when i switched the pc back on and tried to access my gmail account...the spooks had got into my gmail account and caused absolute chaos...to a point that i have had to get a pin code from them to try re active the account...they have tried numerous attempts at my bank account...so i took all the money out just in case.

Page 2 of 3 FirstFirst 123 LastLast

Did you like this article? Share it with your favourite social network.

Did you like this article? Share it with your favourite social network.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •