Uh Oh



W3WN
10-04-2010, 05:09 PM
Phone rings last night; my sister-in-law talking to my wife about the upcoming 18th family birthday party for my nephew. Then she hands me the phone.

I'll condense the next 20 minutes:

She got hit with a drive-by malware infection. Masquerading as an alert from "Microsoft Internet Security." Won't let her access the Internet, insists that she's infected, wants to scan her machine (her husband did that, worm now insists on downloading an "anti virus" program).

I have been volunteered to inspect the machine. I got the evil eye from the boss when I suggested the machine be taken somewhere else... since it would cost $$ (of course, I'm expected to clean it. For free. Of course. Not the first time I've had to fix a computer while the family parties, but that's a whole 'nother story...)

I haven't laid eyes on the little bastard yet. I think this is a variant on the "AntiVirus 2009" scam. Sound familiar to anyone? And will Malwarebytes AntiMalware nuke it, or should I be looking at other cleaners?

NQ6U
10-04-2010, 05:43 PM
I recommend removing the HD and soaking it in diesel fuel for about three days. That will probably take care of the infection but, if not, try applying acetone at about 465° C.

kf0rt
10-04-2010, 06:50 PM
I feel your pain, brother Ron.

Had a BIL do the same with me this summer and I complied. His system really was pretty clean -- probably clicked on an errant link somewhere. Malwarebytes cured it and he fixed my lawn mower in return. He was SURE it was caused by using the computer during a lightning storm (because, well, that's when the problem started).

Boot in safe mode, and run Malwarebytes from there.

KC2UGV
10-04-2010, 06:56 PM
Backup "My Documents", and reinstall Windows... Only sure-fire way to clean the thing out, and spend less than 10 hours on it.

W3WN
10-04-2010, 07:52 PM
I recommend removing the HD and soaking it in diesel fuel for about three days. That will probably take care of the infection but, if not, try applying acetone at about 465° C.

Ooooooo... I like that idea.

Well, remember I gave you the condensed soup version. I have been assured that she has "all" of her data backed up to CD, save a few recent photos. She is supposed to take care of that the next few days.

My "druthers" are to find out the type of hard drive (IDE or SATA), go to Best Buy, purchase (on HER credit card) a brand new drive with equal or greater capacity, install drive, reinstall OS etc. from OEM disks, and then she can reinstall her data. Less time, less pain, secure-er system. Of course, that's not going to happen, but I can dream.

If I don't get anywhere fast, that is what I'm going to recommend.

And I'm NOT fixing it up next weekend. Pa QSO comes first!

VE7MGF
10-04-2010, 08:04 PM
format is your friend :yes:
do a full format then reinstall the os
don't even bother to try and save anything on the drive

N1LAF
10-04-2010, 08:28 PM
A friend of mine went through this, even bought the antivirus software. She was pretty upset, couldn't use internet, facebook, etc. We got the terms from the offending website, she wrote the letter for refund, and had the credit card dump the charge and stop all activities until it was straightened out.

Bottom line - it was fix-able.

AVG antivirus and Antimalware will fix it.
After you cleanse the system, install firefox, and make it the default browser.

Problem never came back. IE was most likely the weak point here, and Firefox anti popup prevented any further outbreaks.

Edit: I was on copy for the letter to that company associated with the phony anti-virus. It was to support(a)mailingsimple.com, dated July 12, 2009

KJ3N
10-04-2010, 09:11 PM
Boot in safe mode with networking, and run Malwarebytes from there.

Fixed... and agreed. :yes:

KJ3N
10-04-2010, 09:14 PM
Backup "My Documents", and reinstall Windows... Only sure-fire way to clean the thing out, and spend less than 10 hours on it.

BS

Light-weight...... :roll:

KJ3N
10-04-2010, 09:24 PM
format is your friend :yes:
do a full format then reinstall the os
don't even bother to try and save anything on the drive

WRONG! :angry:

WTF is it with you people? :irked:

Some of you surrender so easily. Are you French? It's a simple bit of malware. :bfd:

I've cleaned machines that were in far worse shape. One had no less than 185 "infections" and was completely cleaned with no data loss.

Get a grip.... :roll:

N1LAF
10-04-2010, 09:32 PM
WRONG! :angry:

WTF is it with you people? :irked:

Some of you surrender so easily. Are you French? It's a simple bit of malware. :bfd:

I've cleaned machines that were in far worse shape. One had no less than 185 "infections" and was completely cleaned with no data loss.

Get a grip.... :roll:

I see you have battle scars dealing with malware. Sometimes I will use Hijackthis for additional checks. Adaware has become less effective.

NA4BH
10-04-2010, 09:43 PM
Some of you surrender so easily. Are you French? :bfd:



:rofl: :rofl: :rofl:

W4RLR
10-04-2010, 11:50 PM
The more I see posts like this, the more I love my Macs.

NQ6U
10-05-2010, 12:01 AM
The more I see posts like this, the more I love my Macs.

I Agree With You Completely.

Macs have their own set of disadvantages but in the 20 years I've been using them--a number of those years taking care of hundreds of them as a Mac support pro--I've seen a grand total of two examples of Mac viruses on machines in the wild. Both of those were under the "Classic" Mac OS, too. Haven't seen a single one since I started using OS X exclusively.

ad4mg
10-05-2010, 05:19 AM
Ubuntu. That should start something ...

I shy away from the re-install approach. A good anti-virus scan in safe mode, followed by a scan by Malwarebytes, Spybot S&D, and AdAware will eliminate 99.9% of the problems. The other 0.1% require the drive to be wiped clean and a fresh OS install.

A quick check with 'hijackthis' is all that's needed to confirm success or failure.

And, moving forward, do use Firefox, and allow IE to just collect virtual dust.

KC2UGV
10-05-2010, 06:19 AM
BS

Light-weight...... :roll:

Path of least resistance, coupled with a prior history of being a service technician, where the client pays by the hour. Rather than rape them for 10 hours of labor, two hours, and they get the annual "Windows Reinstall" to clean out the junk.

W3MIV
10-05-2010, 07:17 AM
Discipline and discretion, coupled with quality anti-malware, are the simplest and most effective tools, regardless of browser, OS or user. When it comes to computers, I am far from the sharpest blade in the pack (I confess I should long ago have been pushed into that small slot that used to be in the back wall of every medicine cabinet), but simple common sense is the first line of defense. We have here five Macs and four PCs, none of which have ever been infected, though all of which have been handled ham-handedly on occasion (no pun intended) since the xyl is a professional graphic designer and I a professional beach bum.

(I hope I don't regret having posted this.)

KG4CGC
10-05-2010, 07:34 AM
Anyone ever get that Space Alien Symbols virus? That's a fun one.

KJ3N
10-05-2010, 09:06 AM
Path of least resistance, coupled with a prior history of being a service technician, where the client pays by the hour. Rather than rape them for 10 hours of labor, two hours, and they get the annual "Windows Reinstall" to clean out the junk.

If it takes 10 hours to clean an infected Windoze box, you're doing something wrong, IMO. I can get about 75-85% of it done in about 2 hours, depending on the speed of the machine.

It might take under 2 hours to re-install the OS, but what about all the other programs, Windoze updates, etc? That's going to take more than 2 hours, even if you have an XP SP3 CD.

KC2UGV
10-05-2010, 09:13 AM
If it takes 10 hours to clean an infected Windoze box, you're doing something wrong, IMO. I can get about 75-85% of it done in about 2 hours, depending on the speed of the machine.

It might take under 2 hours to re-install the OS, but what about all the other programs, Windoze updates, etc? That's going to take more than 2 hours, even if you have an XP SP3 CD.

Ok, I'll play here:

Windows install + updates = 2.5 hours (Slipstream the updates into the ISO).

How long does it take you to clean out a malware infested computer, because some yahoo client clicked "OK" every time is asked to install Antivirus?

Most of the programs can be installed (If it's not a Factory-reimage) in under an hour.

Can you completely clean a machine out, and guarantee it's completely clean? I could never really "guarantee" it's clean, because they would do the same crap, and it would be buggered up again in 3 months. And, then I'd get blamed.

Add in most of my clients were businesses, and had images, a re-image took much less time than cleaning it out, and most of the re-image is automated, so I could do 10 at a time, rather than being stuck on one fighting those bastards.

KJ3N
10-05-2010, 09:13 AM
Ubuntu. That should start something ....

Nah, I got one better. It'll make everyone puke their guts.

OS/2

:rofl: :rofl:

W5RB
10-05-2010, 09:20 AM
My roomie has a persistent case of Alureon.H. Norton won't clean it, nor Microsoft Essentials, nor Malwarebytes. It disabled 2 of his browsers by changing proxy settings, and crashes Chrome whenever he does an image search, among other things. Given his high-risk browsing, he needs to be using a Mac or Linux. Looks like he's due for a format, and start over.

KJ3N
10-05-2010, 09:28 AM
Ok, I'll play here:

Windows install + updates = 2.5 hours (Slipstream the updates into the ISO).

How long does it take you to clean out a malware infested computer, because some yahoo client clicked "OK" every time is asked to install Antivirus?

Most of the programs can be installed (If it's not a Factory-reimage) in under an hour.

Can you completely clean a machine out, and guarantee it's completely clean? I could never really "guarantee" it's clean, because they would do the same crap, and it would be buggered up again in 3 months. And, then I'd get blamed.

Add in most of my clients were businesses, and had images, a re-image took much less time than cleaning it out, and most of the re-image is automated, so I could do 10 at a time, rather than being stuck on one fighting those bastards.

In a business environment that has those images, yes, you can do it pretty quick. However, most of my experience with cleaning machines is with home users (mostly family members), so we're talking 2 different situations.

And, yes, I can guarantee the machine is clean when I'm done with it. I take no responsibility for what they do afterwards, especially when I send documentation along with the machine as to what they should and shouldn't do. I also make sure that there are tools installed on the machine that prevent most acts of stupidity. Not completely fool-proof (there's always a more talented fool somewhere), but it'll sure stop a large percentage of the stuff out there.

KJ3N
10-05-2010, 09:29 AM
My roomie has a persistent case of Alureon.H. Norton won't clean it, nor Microsoft Essentials, nor Malwarebytes. It disabled 2 of his browsers by changing proxy settings, and crashes Chrome whenever he does an image search, among other things. Given his high-risk browsing, he needs to be using a Mac or Linux. Looks like he's due for a format, and start over.

Porn sites will do that.... ;) :rofl:

W3WN
10-05-2010, 10:24 AM
Well guys, Linux would be a wiser choice. But if I put it on that machine, I have to support it. Gratis. No thanks.

...bad enough I have to try and fix it, but at least I don't have to do full time support on the poor thing.

I've had good success in the past with Malwarebytes, and I've switched all of my home machines to Avast (especially after Symantec nuked the older NAV client. I wonder how Peter Norton feels these days about his name being attached to that product, especially since that wasn't originally one of his tools?)

My druthers are to put Avast on this machine, if I can clean it up of course. But I know what's going to happen next. They paid for Norton 360, dag nab it, so they're going to put it back on! grrrrrrrrrrrrrrrrrrrr

KJ3N
10-05-2010, 11:13 AM
I wanted to touch on this earlier, but got side-tracked...


Discipline and discretion, coupled with quality anti-malware, are the simplest and most effective tools, regardless of browser, OS or user. When it comes to computers, I am far from the sharpest blade in the pack (I confess I should long ago have been pushed into that small slot that used to be in the back wall of every medicine cabinet), but simple common sense is the first line of defense. We have here five Macs and four PCs, none of which have ever been infected, though all of which have been handled ham-handedly on occasion (no pun intended) since the xyl is a professional graphic designer and I a professional beach bum.

(I hope I don't regret having posted this.)

One doesn't exactly have to be the "sharpest blade in the pack", Albi, but it does take more than 5 functioning brain cells.

I have seen more than my share of infected machines that are simply results of intentional disabling of protection software ("oh, it's SO annoying"), or (and this is much more common in my experience) the continued ignoring of warnings from AV software that no longer is updating. Nearly every single machine I've ever had to work on has been the result of NAV that hasn't had a valid subscription or update in over 3 years. How the fsck do you ignore NAV warnings for that long? Are you fscking kidding me?

Then there are the multitude of file sharing networks like Limewire, Kazaa, etc. That's probably the #2 problem I see, right after NAV expiration. Most people don't seem to realize that you get more than you bargained for using these networks.

Of course, we also have the dumb-assed people who panic at the sight of some bogus warning about infected files (like what Ron's probably dealing with) and just go all fscking "click happy" trying to fix a problem that doesn't actually exist. You would think by now it would dawn on people that you never, ever, ever, ever download files from places you don't know, and most especially from some pop-up window.

There are several things I consider a "must" for a Windoze box:

1) AVG (http://free.avg.com/us-en/homepage) (or at least something better than NAV or McAfee bloatware)

2) Malwarebytes (http://www.malwarebytes.org/)

3) Use FF instead of IE.

4) Install Ad Block Plus (https://addons.mozilla.org/en-US/firefox/addon/1865/) to FF.

5) Spybot Search & Destroy (http://www.safer-networking.org/en/download/)


YMMV

KC2UGV
10-05-2010, 11:42 AM
Don't forget the software vendors that when you call them, their first troubleshooting step is "Disable the Antivirus". Even Verizon will say that as the first troubleshooting step. They lack the step telling the users to turn it back on, however.

W3MIV
10-05-2010, 12:40 PM
Basically, we agree. I switched to FF long ago, not because I dislike IE, but because FF works better, faster and offers more versatility. I have Avast on some machines here and Avira on one; Avira can be more of a PITA than Avast in that it balks at some autorun files more often than I like, but I have no complaints with either service. Do not use Malwarebytes; have not had reason to. I do use Ad Block and run Spybot, but not regularly.

I also prefer Thunderbird to either Win Mail or Win Live Mail -- which I understand is a cloud program. My rule has been, if it is from an unknown, delete it and let them use the telephone or snail mail. Same with websites -- I am very suspicious, perhaps more than I should be, even of some sites linked here on these forums; happily, both Avira and Avast have good early warning alarms.



KJ3N
10-05-2010, 01:02 PM
Don't forget the software vendors that when you call them, their first troubleshooting step is "Disable the Antivirus". Even Verizon will say that as the first troubleshooting step.

My response, "I'll be returning your defective software immediately." :hand:


They lack the step telling the users to turn it back on, however.

Dumb on their part, even dumber on the user's part. "Stupid is as stupid does, Lt. Dan." :roll:

There's that "more than 5 functioning brain cells" part again. :roll:

NQ6U
10-05-2010, 01:15 PM
Don't forget the software vendors that when you call them, their first troubleshooting step is "Disable the Antivirus". Even Verizon will say that as the first troubleshooting step. They lack the step telling the users to turn it back on, however.

Doesn't most A/V software launch automatically on reboot anyway?

W3MIV
10-05-2010, 01:21 PM
Doesn't most A/V software launch automatically on reboot anyway?

Everything I have ever used does.

KC2UGV
10-05-2010, 01:40 PM
Doesn't most A/V software launch automatically on reboot anyway?

Sometimes, it's a long time between reboots.

W3WN
10-05-2010, 02:12 PM
Doesn't most A/V software launch automatically on reboot anyway?
Most of today's stuff does. But there's a ton of the older (outdated) stuff out there and still running, and doing little (if any) good. And some of the older stuff would not always launch (or launch active) on reboot.

Those of us who've worked in the field as consultants or general fix-it techs have seen almost everything...
-- The AV/AntiMalware package someone deliberately left disabled
-- The AV/AM package that needs an annual license renewal that got overlooked (or that someone wouldn't pay for)
-- The AV/AM package that was "borrowed" from a corporate environment, but that the user has no idea how to update (or can't)
-- The AV/AM package that was never configured in the first place (and needed some configuring)
-- The AV/AM package set up by the kids or grandkids for parents/grandparents who had little or no PC training, had no idea what to do, and had no idea how to maintain their AV/AM package with frequent updates.
-- To say nothing of the kids/grandkids who disabled the AV/AM package so that they could view a naughty site (and in the process infected the computer with various worms and other nasties), leaving the parents/grandparents too embarrassed to find out how all those naughty pictures/videos ended up on their machine.

One of my favorites happened to WA3BOJ. He went out and bought a new computer, and got talked (suckered) into buying a 64 bit version of Vista at BestBuy. Half of his software didn't work, including the AV package he owned. (This happened shortly after Vista was introduced, obviously). The AV firm told him that their 64 bit home user version wasn't ready yet, but he could wait 3 months for a "free" upgrade. And BestBuy wouldn't take the machine back on some pretext.

NQ6U
10-05-2010, 02:17 PM
Sometimes, it's a long time between reboots.

About the time between Patch Tuesdays, I guess.

KC2UGV
10-05-2010, 02:48 PM
About the time between Patch Tuesdays, I guess.

Basically :)

N1LAF
10-05-2010, 03:27 PM
This may not be for everyone, but I run VMware with an OS and Firefox, Opera, Chrome, IE, and AVG plus Malwarebytes, etc. After install, or use and scanned clean, I save the VMware folder as baseline. IF a problem occurs, delete the VMware folder and copy from baseline. Fixed in 40 seconds - beats everyone!!

W2NAP
10-05-2010, 08:18 PM
makes me so glad i use *nix

KC2UGV
10-05-2010, 08:21 PM
This may not be for everyone, but I run VMware with an OS and Firefox, Opera, Chrome, IE, and AVG plus Malwarebytes, etc. After install, or use and scanned clean, I save the VMware folder as baseline. IF a problem occurs, delete the VMware folder and copy from baseline. Fixed in 40 seconds - beats everyone!!

So, what happens when your vm nails your host OS with a worm that hits on a zero day? :lol:






Sorry, just had to burst your bubble there :)

N1LAF
10-05-2010, 09:13 PM
So, what happens when your vm nails your host OS with a worm that hits on a zero day? :lol:






Sorry, just had to burst your bubble there :)

I think that worm infection would not migrate from the virtual machine to the host.

Here is a site you will enjoy, lots of egos parsing over word definition - consider this a present...
;)
http://anti-virus-rants.blogspot.com/2006/12/what-virtualization-can-and-cannot-do.html

N1LAF
10-05-2010, 09:22 PM
So, what happens when your vm nails your host OS with a worm that hits on a zero day? :lol:






Sorry, just had to burst your bubble there :)

I will have to ask my cousin Andy, since he is one of the leading experts in computer security....

n6hcm
10-06-2010, 03:42 AM
I think that worm infection would migrate from the virtual machine to the host.

which, in turn, only works if the host and the guest run operating systems which can be compromised by the same worm.

KC2UGV
10-06-2010, 08:32 AM
I will have to ask my cousin Andy, since he is one of the leading experts in computer security....

You got it right in your first post... :)

N1LAF
10-06-2010, 04:08 PM
I think that worm infection would not migrate from the virtual machine to the host.

which, in turn, only works if the host and the guest run operating systems which can be compromised by the same worm.

Mistake in post...

W3WN
10-08-2010, 10:02 PM
Just got back from 4 excruciating hours at my sister-in-law's. Well, only the first 1/2 hour was bad, but then I got myself excused from dealing with the nieces and nephews and got to the computer.

Took awhile, but I knew this sucker seemed familiar. It was opening up a red "Microsoft Security Essentials" warning box -- on every single .EXE that anyone tried to run. Including both IE and Firefox (their default browser). And Internet access was blocked to boot, but I don't know if that was the nasty or the fact that their wireless router needed rebooting. (Edit: I now know this is actually a legit app, but my s-i-l insists they never downloaded it. So I had my suspicions, especially when the "scan" wanted them to download certain cleaning packages... for a fee... so this may have been a hacked copy or a fake. It certainly wasn't cleaning the files!)

To make a long story short, got in with Safe Mode, copied certain key .EXE files to similarly named .COM files (cmd.exe became cmmd.com, taskmgr.exe tmanager.com, etc.) to sidestep the bugger. And discovered a file called hotfix.exe running -- located in my s-i-l's personal program directory on the XP box. (See http://greatis.com/blog/how-to-remove-malware/hotfix-exe-fakeav-mse.htm) Removed the file, and voila! everything came back as it should.

Got their semi-useless copy of Norton updated, and imagine this, all-of-a-sudden it's detecting an attack from a web site at 194.28.113.23 ("tid serv request 2"), trying to load a file NL6FA53.COM. Rolls right off the tongue, doesn't it?

I'm not completely out of the woods. There's a file that is generating an error and blue screening the computer, LSIPNDS.SYS, after about 20 minutes or so. It has a 2003 date, so I suspect it's a damaged system file. Got to track that sucker down.

Oh, and as I suspected, it's highly likely that this nasty was picked up at a pØrn site. During the removal process, I discovered attempts to load about a dozen naughty sites into IE. Use your imagination... it will fall short.

So, I'm trying to figure out how to tell my s-i-l that it appears that someone was viewing sites like "Debbie F(ornicate)s Dallas" without tipping off a roomful of people, including my in-laws, my brother-in-law & his family, and my nephew's high school friends. :chin:

Turns out my s-i-l already knew. She'd caught her hubby on these sites many times and has been chewing him out over it (they're heading for a divorce, a whole 'nother story). SHE was too embarrassed to tell ME about it. But she's planning to give him a lashing (and not a good or kinky one) over this tonight, as she has told him repeatedly to stop viewing pØrn sites on HER computer when she's not home.

So, all is well. :pray: On the computer front, at least.

No, she didn't pay me nor did she offer to. But then, my wife had already told her I'd do it for free. Well, at least I had General Tzo's chicken and fried rice...

Thanks for all the advice.
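
The two leads in the post above (a process named hotfix.exe running out of a user's own profile directory) together with the HijackThis check and the changed proxy settings mentioned earlier in the thread can be turned into a quick triage pass. This is an added example, not part of any poster's message: a Python script over HijackThis-style log lines. The sample log, the user name "Owner", all paths and the proxy value are constructed for illustration.

```python
import re
from pathlib import PureWindowsPath

# Constructed sample in the style of a HijackThis log. Nothing here was taken
# from the machine discussed in the thread.
SAMPLE_LOG = r"""
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Owner\Application Data\hotfix.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5555
O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKCU\..\Run: [hotfix] "C:\Documents and Settings\Owner\Application Data\hotfix.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
"""

# Top-level folders that hold per-user profiles (XP and later layouts).
USER_ROOTS = {"documents and settings", "users"}
# Folder names that any user can normally write to.
TEMP_DIRS = {"temp", "temporary internet files"}

O4_RE = re.compile(r"^O4 - (HK\w+)\\\.\.\\(\w+): \[(.*?)\] (.+)$")
PROXY_RE = re.compile(r"^R\d - (.+),ProxyServer = (.+)$")
EXE_RE = re.compile(r"^(.+?\.(?:exe|com|scr|bat|pif))(?:\s|$)", re.IGNORECASE)


def in_user_writable_dir(path):
    """True if the path sits under a user profile or a temp folder."""
    parts = [p.lower() for p in PureWindowsPath(path).parts]
    if len(parts) > 1 and parts[1] in USER_ROOTS:
        return True
    return any(p in TEMP_DIRS for p in parts)


def command_to_exe(command):
    """Strip quotes and arguments from an autorun command line."""
    command = command.strip()
    if command.startswith('"'):
        end = command.find('"', 1)
        return command[1:end] if end != -1 else command[1:]
    match = EXE_RE.match(command)
    return match.group(1) if match else command.split()[0]


def triage(log_text):
    """Return (kind, label, value) leads worth a manual look."""
    findings = []
    in_processes = False
    for raw in log_text.splitlines():
        line = raw.strip()
        if line.lower().startswith("running processes"):
            in_processes = True
            continue
        if in_processes:
            if not line:                      # blank line ends the section
                in_processes = False
            elif in_user_writable_dir(line):
                findings.append(("process", PureWindowsPath(line).name, line))
            continue
        match = PROXY_RE.match(line)
        if match:                             # a home PC rarely needs a proxy
            findings.append(("proxy", match.group(1), match.group(2)))
            continue
        match = O4_RE.match(line)
        if match:
            exe = command_to_exe(match.group(4))
            if in_user_writable_dir(exe):
                label = f"{match.group(1)} {match.group(2)} [{match.group(3)}]"
                findings.append(("autorun", label, exe))
    return findings


if __name__ == "__main__":
    for kind, label, value in triage(SAMPLE_LOG):
        print(f"{kind:8} {label}: {value}")
```

A hit is a lead to check by hand, not a verdict: some legitimate software also installs per-user and runs from the profile directory.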

KC2UGV
10-08-2010, 11:00 PM
A nickel's worth of free advice:

Don't say it was caused by checking out who in Dallas did Debbie. Just say, "There's tons of sites out there that get hijacked and load drive by crap onto it. Sometimes even the gossip rag sites out there."

Trust me, you don't want to be there when someone's been "de-masked" for violating the "Internet Usage Agreement".

W3WN
10-08-2010, 11:17 PM
A nickel's worth of free advice:

Don't say it was caused by checking out who in Dallas did Debbie. Just say, "There's tons of sites out there that get hijacked and load drive by crap onto it. Sometimes even the gossip rag sites out there."

Trust me, you don't want to be there when someone's been "de-masked" for violating the "Internet Usage Agreement".
I may not have been clear on that.

I pointed no fingers; what I told her was that the system was probably infected during a "drive by" while looking at a web site with a problem. I didn't say what site or who was looking at what.

My s-i-l is the one who replied "Oh, you mean a pØrn site. I've already yelled at (husband's name redacted) about viewing those on my computer, the @$$hØle!"

I've been watching this marriage fall apart, little by little, for years. There is no way to salvage it at this point, sad to say. I'm taking no sides (but just between us, her husband IS an @$$hØle, and a bigot as well), and I'm certainly not going to try and add fuel to the fire. I think the only thing keeping them together at this point is his daughter... but not hers... that she's raising (the poor thing's mother, the ex-gf, is a psycho. You don't want to know) as her own. They break up, he gets custody (he doesn't want it, but that's beside the point) and she doesn't. Hell of a way to run a railroad.

KC2UGV
10-08-2010, 11:41 PM
I may not have been clear on that.

I pointed no fingers; what I told her was that the system was probably infected during a "drive by" while looking at a web site with a problem. I didn't say what site or who was looking at what.

My s-i-l is the one who replied "Oh, you mean a pØrn site. I've already yelled at (husband's name redacted) about viewing those on my computer, the @$$hØle!"

I've been watching this marriage fall apart, little by little, for years. There is no way to salvage it at this point, sad to say. I'm taking no sides (but just between us, her husband IS an @$$hØle, and a bigot as well), and I'm certainly not going to try and add fuel to the fire. I think the only thing keeping them together at this point is his daughter... but not hers... that she's raising (the poor thing's mother, the ex-gf, is a psycho. You don't want to know) as her own. They break up, he gets custody (he doesn't want it, but that's beside the point) and she doesn't. Hell of a way to run a railroad.

That situation is as bad as letting the CEO know that the CISO has been caught with kiddy-pr0n on his corporate computer...

N1LAF
10-21-2010, 05:28 PM
I will have to ask my cousin Andy, since he is one of the leading experts in computer security....

Talked with Andy tonight, and he says that using VMware is safe, and does protect the host operating system. Use safe practices of course, no sharing of folders, etc., but to use the browser in a VMware window is safe and smart. He also recommends the obvious, don't execute PDF documents, Turn FLASH off, and even if one can bear so, turn off Javascript. All of these are easy to do with Firefox.

KG4CGC
10-21-2010, 05:41 PM
https://addons.mozilla.org/en-US/firefox/collections/theparadox/paranoia/?advancedsearch=1

N1LAF
10-21-2010, 05:56 PM
https://addons.mozilla.org/en-US/firefox/collections/theparadox/paranoia/?advancedsearch=1

Nice! Thanks Charles!!

W1GUH
10-22-2010, 08:04 AM
Here's whatch do...

Next time you're "volunteered" to give up mucho personal relaxation time by working for free....make SURE that you leave the machine in a completely inoperable state, but, of course, say "It's fixed." Let 'em pay somebody else & see if you get asked again.

When the conversation even gets anywhere near "can you fix my PC", I always, always, ALWAYS beg off with, "Whoa....I know nothing about PC's and Windows...I only know unix and embedded systems & advanced stuff. I let the IT turkeys at work mess with my PC."

W5RB
10-22-2010, 08:15 AM
Here's whatch do...

Next time you're "volunteered" to give up mucho personal relaxation time by working for free....make SURE that you leave the machine in a completely inoperable state, but, of course, say "It's fixed." Let 'em pay somebody else & see if you get asked again.

When the conversation even gets anywhere near "can you fix my PC", I always, always, ALWAYS beg off with, "Whoa....I know nothing about PC's and Windows...I only know unix and embedded systems & advanced stuff. I let the IT turkeys at work mess with my PC."

Back in the day, I finally learned a stock answer when asked "Hey, you know anything about a VCR?" I'd respond, "I guess not. The last one I worked on actually caught fire."

KC2UGV
10-22-2010, 09:50 AM
Here's whatch do...

Next time you're "volunteered" to give up mucho personal relaxation time by working for free....make SURE that you leave the machine in a completely inoperable state, but, of course, say "It's fixed." Let 'em pay somebody else & see if you get asked again.

When the conversation even gets anywhere near "can you fix my PC", I always, always, ALWAYS beg off with, "Whoa....I know nothing about PC's and Windows...I only know unix and embedded systems & advanced stuff. I let the IT turkeys at work mess with my PC."

This one works for me:
"Well, my schedule is really full for like the next week. But, if you can drop it off over my place, I might be able to get it back to you in a week and a half or so..." I might need to try the "Hey, I'm a UNIX guy, not winders..." line.

n2ize
10-24-2010, 02:29 AM
Here's whatch do...

Next time you're "volunteered" to give up mucho personal relaxation time by working for free....make SURE that you leave the machine in a completely inoperable state, but, of course, say "It's fixed." Let 'em pay somebody else & see if you get asked again.

When the conversation even gets anywhere near "can you fix my PC", I always, always, ALWAYS beg off with, "Whoa....I know nothing about PC's and Windows...I only know unix and embedded systems & advanced stuff. I let the IT turkeys at work mess with my PC."

It doesn't always work. When I graduated college people assumed that because I got a math degree that I knew everything there was to know about computers. Uh... duh... are these people aware that math was done long before "computers" were invented? Even nowadays I'll get calls from friends asking me why a particular website is down, or why they cannot access an audio feed from a site in Istanbul or something. As if I am supposed to know everything that is going on in the entire computer universe. I tell them I don't know. I also add that I don't control the entire Internet and I don't run every single website on it. And no, there is no "magic formula" that can tell me why a particular web server in New Zealand was down between 12:00 - 6:00 pm.

n2ize
10-24-2010, 02:30 AM
This one works for me:
"Well, my schedule is really full for like the next week. But, if you can drop it off over my place, I might be able to get it back to you in a week and a half or so..." I might need to try the "Hey, I'm a UNIX guy, not winders..." line.

The "Unix not Winders" line only works for people who have a clue. Most people will just assume that you know every single thing about all things computer. See my posting above.

ad4mg
10-24-2010, 05:32 AM
I just quote my hourly rate, which is about 1/2 of what the 'Geek Squad' and other 'experts' charge.

That resolves many requests immediately.

kf0rt
10-24-2010, 05:41 AM
I just quote my hourly rate, which is about 1/2 of what the 'Geek Squad' and other 'experts' charge.

That resolves many requests immediately.

You need to raise your rates if you want it to resolve all requests. ;)

n2ize
10-24-2010, 02:23 PM
I just quote my hourly rate, which is about 1/2 of what the 'Geek Squad' and other 'experts' charge.

That resolves many requests immediately.

Yeah, but I've tried that. The problem is that when it's family you get a sheepish grin as in, "of course you're not serious, you ARE going to fix it for free". If I still insist on a fee the next thing is, "c'mon, we know you can't be that much of a greedy lowlife that you'd charge family members". At that point if I still insist I am then labeled the "family villain".

W5RB
10-24-2010, 02:27 PM
http://cdn1.ioffer.com/img/item/301/047/81/94_1.JPG

N1LAF
10-24-2010, 05:45 PM
I just quote my hourly rate, which is about 1/2 of what the 'Geek Squad' and other 'experts' charge.

That resolves many requests immediately.

You capitalist you...
Stealing work from others...
:snicker: :snicker: :snicker:

But this is how you start.

n2ize
10-24-2010, 06:02 PM
You capitalist you...
Stealing work from others...
:snicker: :snicker: :snicker:

But this is how you start.

You could also be a Marxist and do just as well.