My spyware issue update





I have been doing a lot more research into the spyware issue I had and it seems to be a rogue AV trojan. Basically here are the symptoms:

SYMPTOMS

Constant popups warning of issues on my PC (See pics above courtesy of www.geekpolice.net)
Inability yo run task manager
Inability to run any installers or av software
Inability to run just about any applications without errors.

The warnings of rogue IP addresses attacking me were quickly rumbled after they continued after my internet connection was disconnected. Still the trojan was a real pain in the ass. Being from a security background I never fully trust a machine after it has been infected so I always rebuild as I mentioned in a previous post.

CURE

If you do not want to carry out a rebuild then you are going to need to be very thorough and very patient with this one.

If you have other user profiles on the PC you may be able to login using a different user and then run your scanning tools from there.

If not then rebooting in safe mode will enable you to run superantispyware for example. I tried spybot S&D but could not get it to work in safe mode. This particular spyware adds a bunch of registry keys and adds files to your system directories

There is loads of information on the internet regarding these spyware types
and you are basically going to need to try each technique to find the exact one that works for you. I would advise against using any software recommended on these sites unless you are 100% sure about it's authenticity. (Including any auto ads linked from this site).

Remember: Just visiting and browsing around a dodgy site could be enough to introduce this problem into your PC.

google bankerfox.A for loads more info. I am going to build a spare pc and place it on a dmz interface off my LAN and try to pick this malware up again so I can do a lot more investigation. Just need to remember where I have been to speed up the process.

Comments

Post a Comment

Popular posts from this blog

configuring the zmodo ZP-IBi-13W camera to work with Blue Iris Software.

Image
Off topic.......configuring the zmodo ZP-IBi-13W camera to work with Blue Iris Software. Many people have had issues getting these cameras to display video in any other sotware except the supplied z-viewer.  Here is how I got it working with the Blue Iris Software.  The settings may work with other software but have not been tested. Pre-Requisites First set the camera up using the instructions with the camera using zviewer and zsight software. You will need to find the cameras wireless ip address.   If possible set this statically by connecting to the cameras IP address using internet explorer.   .. http://ip-of-camera.. .   Note it does not work with Firefox of chrome. Once working you need to install Blue Iris Software on a machine which can contact the cameras.   Usually this will be sitting on the same network but it will work over a router network providing   the required ports are allowed Blue Iris Installation Load up the Blue Iris Software and Add a new camer
Read more

Apple MAC Fake Virus Alert

Similar to the windows fake AV alerts, MAC users have now been targeted with a fake AV scam. After visiting an infected site, the software scans the users hard disk and reports on viruses found. Users are then given the opportunity to purchase remedial AV software, thus parting with credit card information. The trick here is that is can masqurade as the legitimate MAC Defender application making the users less suspicious about the warnings. Apple Mac users have been adviced to disable a setting in the Safari browser that allows "safe" files to be automatically installed. Full details on removing and preventing this malware can be found here. Apple MAC Malware Removal
Read more

Evolution

Image
I've just spent some time out watching my favourite comedy movies, the original Pink Panther films. Made over 30 years ago, these films relied on primitive effects which in my opinion made the visual jokes even better. What strikes me is the lack of technology available back in those days. No "real" computers, offices with computerless desks and everything but fancy televisions being the focal point of furnished rooms. I am old enough to remember the days without computers and the thrill of the ZX-81 computer being released, and no google to find out the answer to just about anything. So what am I going on about here.....? Well, in essence it is all about the evolving threats, how we must be open minded and keep up with what is happening around us. Security back in those days was limited to the necessity of keeping information locked up in a secure filing cabinet in a guarded room. A basic security strategy, but one which could be regarded as effective under the c
Read more