New Posts  All Forums:Forum Nav:

Trojan at Head-Fi? - Page 3

post #31 of 39
4/27/10 at 3:58pm
Ok thanks for the help.But I can't take the harddrive out because I don't have another dektop computer at home,I have a laptop and two other laptops that belong to my sisters.I will try to take everything out of the hard desk when I go to my friend.
Just a question how will he be able to reinstall the windows again when the computer is not showing except black screen?
Reply
post #32 of 39
4/27/10 at 4:14pm
Quote:
Originally Posted by Landis View Post
Jude, which antivirus are you using on the computers you're trying to replicate it on? If you have a random crap computer lying around the house, install AVG/Avast which will give you pop up notices for anything it does and make sure you're using a basic version of IE. Most modern antivirus/internet security software will automatically block pop ups and so on without telling you, so basic and free is the way to go for replication.
A big problem with trying to track down where a malvertisement came from is that the malvertisement authors are very tricky. They use all sorts of obfuscation, redirection, and other tricks to hide where they came from. One trick they use is IP address geolocation. They'll only serve up the exploit to IP addresses from certain areas. They do this to hide and to also make it more difficult to track down or find. For example, if an ad network is headquarted in Germany the malvertisement will not do its nasty stuff to any IP address from Germany. But connect from Australia and blamo, and even then it may be random. They'll also block based on IP addresses from specific companies and users. They do that so when the advertising network or website admin checks the ad it comes up clean.

It becomes very difficult for the web site owner to even figure out which ad network came from even if you provide a screenshot.

There are some logging tools that you can run that will track where a malvertisement came from. Security researches run those sorts of tools. But you have to be running the logging software when the malvertisement pops up. You can't trace or log after the fact.
Reply
post #33 of 39
4/27/10 at 4:29pm
Quote:
Originally Posted by midoo1990 View Post
Ok thanks for the help.But I can't take the harddrive out because I don't have another dektop computer at home,I have a laptop and two other laptops that belong to my sisters.I will try to take everything out of the hard desk when I go to my friend.
Just a question how will he be able to reinstall the windows again when the computer is not showing except black screen?
You don't have a DVD drive in the desktop? That would be the normal way, to reinstall the OS with original install disk. (best way to reinstall, especially after a virus crash is to have the OS format your disk before it reinstalls, so make sure you have definitely backed up everything) If there's no DVD drive, your friend might also setup a bootable USB drive for you (with the OS reinstall files on there) to get you back up and running.

Either way don't worry, with the right reinstall setup your computer should boot fine from either a DVD or USB...you are only getting the black screen because the hard disk it's trying to boot from is fouled at the moment.
Reply
post #34 of 39
4/28/10 at 2:52am
sigh. my desktop is infected and i can't clean it. i need to reinstall it.
Reply
post #35 of 39
4/28/10 at 3:33am
On IE8, when you visit certain Head-fi pages (I dunno which) at times it will block the site saying the site is prone to viruses.

My Antivirus has picked up a trojan from this site, only happened once but.
Reply
post #36 of 39
5/5/10 at 8:44pm

I'm getting a warning right now from my Avira Antivirus....

 

http://pubads.g.doubleclick.net/gampad/ads?correlator=1273117203782&output=html&impl=ifr&client=ca-pub-8810354328358242&slotname=Head-Fi_Forum_300x250&page_slots=Head-Fi_Forum_728x90%2CHead-Fi_Forum_300x250&cookie=ID%3D101d15b3ae310d5c%3AT%3D1258933053%3AS%3DALNI_MaGbQ43JQlz_aLZmxLYHr32VDxkZg&ga_vid=219748982.1273117204&ga_sid=1273117204&ga_hid=222022189&url=http%3A%2F%2Fwww.head-fi.org%2Fforum%2Flist%2F11%2F50&ref=http%3A%2F%2Fwww.head-fi.org%2Fforum%2Flist%2F11&lmt=1273117203&dt=1273117203792&cc=95&biw=1819&bih=999&ifi=2&oe=utf-8&u_tz=-360&u_his=4&u_java=true&u_h=1200&u_w=1920&u_ah=1160&u_aw=1920&u_cd=32&flash=10.0.45.2


Information: Contains recognition pattern of the HTML/Infected.WebPage.Gen HTML script virus
 

Reply
post #37 of 39
5/5/10 at 9:07pm

(user deleted)


Edited by Wrist-Fi - 5/6/10 at 2:42am
Reply
post #38 of 39
5/6/10 at 9:06pm

midoo1990:

This information might be too late to help you but here it is anyway. Get a friend to download and burn a Linux live cd onto dvd (confusing huh?...cd is too small to hold it) for you. Then you can boot from the live cd and recover important files (I usually copy them to a usb flash drive or external usb drive). Linux will be able to access all of your files just fine unless you had full disk encryption running (very unlikely).

The Ubuntu linux live cd can be downloaded at ubuntu.com.


Edited by srserl - 5/7/10 at 2:07am
Reply
post #39 of 39
5/6/10 at 10:59pm
Thanks for the advice,I still didn't repair my computer because I have exams and will finish at the end of the month,so for now it will remain dead in my room collecting dust as I use my laptop.
Reply
New Posts  All Forums:Forum Nav:
  Return Home